New Chinese Misinformation Campaign

Fake Campaign Attempts to Attribute Chinese Advanced Persistent Threat Group APT 41 to the NSA

By Dominic Alvieri 

@AlvieriD

October 12th, 2022

A new Chinese misinformation campaign has been spreading this past week attempting to attribute the Chinese APT 41 to the National Security Agency. Many are using the Intrusion Truth name. 

Global Times Chinese domain article tweet.

Several new accounts tweeted in Chinese Mandarin for the local media in Asia while others have been created in English for a wider audience. All accounts use the APT 41 hashtag. 

Kimberly Allen Fake FireEye Attribution in Mandarin

The above tweet translates to FireEye attributing Chinese APT 41 to the NSA.

The tweet above has been removed but the account remains.

The FBI reports concludes what we all know while some are trying to create confusion in typical APT 41 style.

This is a new and current campaign with all accounts still currently open. No new activity has been spotted since the initial report this week with fake attribution tweets.

Blog will be updated as needed. Stay safe.

A Week with Lapsus$

Conversations with Americas Most Wanted

By Dominic Alvieri

@AlvieriD

April 11th, 2022

What it's like

 

So what is it like to speak with someone so wanted and hated by so many? The answer may surprise you. Brash, confident and way more intelligent than people are willing to give to the remainder of the Lapsus$ group credit for. 

What is his name? I didn't ask and frankly don't care. Chances are it would be another farce. 

Where is he? I didn't ask again and don't care.

Where are the remaining members now? I again didn't ask and again don't care. That is not my job to breach Telegram and other companies and to find answers. 

This is an account from the past week with Lapsus. I am not part of Lapsus$.

Recent photo profile updates

Tagged on Twitter

That warm and cozy feeling. 

What did you talk about? None of your business. Just kidding. We did share a few laughs. Speaking of how influential a photo is in reference to text we laughed as he changed profile photos live. We are all visual creatures. We also all fall into patterns. Pattern analysis transfers well.

We spoke about women ( don't judge ) surprisingly not guns, a little tech and the minefield that has been unearthed around him. Eager to save what was a short lived legend in Lapsus$ it would come as no surprise to anyone that this is the current attempt at just that, reviving Lapsus$.

It was very interesting. There have been may articles and blogs written about the group and I am not going to be redundant but giving a brief synopsis of the past week chatting with the famed "Mox" of the prematurely pronounced dead Lapsus$ hacking and extortion group. 

In and out. Constant change, searching, contacts. Fast.

Lapsus$ is still alive albeit a like a racing team without a car or driver but it has a good pit crew. They are looking to change that. 

As several researchers have pointed out and has been confirmed there are several members of the group still active as is evident here. Actively searching to retain former glory. 

Right now it is no secret that the group is under diminished capacity. That can change at any moment.

Girls, guns, cars, companies... we didn't actually speak about guns but I'm sure that would have been interesting as well. 

Good bye Mox

To be continued fortunately by someone else. I'm exhausted.

Dominic Alvieri

Twitter @AlvieriD

Black Lives Matter campaign at Amazon.

 Amazon Corporate Hiring Policy

Black Lives do Matter, All Lives Do, with or without a felony.

By Dominic Alvieri, @AlvieriD

Black Lives Matter campaigns have been everywhere this year.
What exactly does that mean?

Amazon ran a great Black Lives Matter campaign earlier in the year. Or so we thought.

Upon further investigation it turns out that only certain lives matter, not all when it comes to corporate hiring policies.

Amazon is not alone.

How can a campaign matter if it excludes a huge portion of the population?

The largest incarcerated population in the World also has the largest felon population outside of prison seeking gainful employment. Amazon is always touting jobs but will never hire a felon.

The Cyber Show blog on Blogger, by Google.

The campaign began showing the true colors with the announcement of the Bezos Academy for underserved children. Amazon will never hire anyone who has made a mistake in the past. All lives matter but only to a point with certain companies.

What about their children?

Can the child of a felon attend the Bezos Academy Amazon?

What about working for Amazon? That is a no. Corporate policy, sorry.

Please buy from us, we support black lives. What?

CNN Report of the new Bezos Academy.

With the largest incarcerated population in the World, The United States also has the largest population of released felons back into society. Amazon is constantly touting jobs and new warehouses, but the truth is they will not hire a Black, White or any color felon. Sorry, doesn't matter how long ago the crime was or even what happened. Amazon does not care what or when it was.

But you can still buy from us!

We have a policy.

Does having a policy make it right?

Amazon has a strict corporate policy.

There is a new Bezos Academy preschool, tuition free for underserved communities.

Can all black children attend, even if their mother or father has a felony record?

As of press time, Amazon has not returned a request for comment.

Corporate hiring policy is very clear...

Amazon will never hire a person with a felony record. Period.

Where can the largest incarcerated population work?

The jobs ordeal is continuing with politicians and wall street pushing below living wage jobs and Amazon will not even hire you. So where can they work?

The frame here is that 25 years ago you could have made a mistake and you paid your debts.

Or so you thought.

What ever happened to paying your debt to society? Amazon carries that debt forever.

Many companies and people do. 

What illegal thing have you done now? Prior felon.

What illegal things have you done in 25 years? 

Now people can do horrible things for 25 years and we elect them president.

The last three lines should make the point clear. 

Dominic Alvieri, @AlvieriD

Analyst, Researcher and Tracker.

SEO For Better Please, Not Worst.

 

 Susquehanna University maintains disturbing meme   Suckabanana University                 on search engines.

  By Dominic Alvieri @AlvieriD

                           Prestigious Susquehanna University is above this meme and bad jokes.

Nestled in heart of the Susquehanna Valley in central Pennsylvania is prestigious Susquehanna University. A diamond in the valley.

Malicious memes and jokes have hidden risks finally being realized by more than just the cybersecurity industry. CNN, The New York Times and The Washington Post have been covering the events as they unfold with social media weaponization which comes through many avenues and dark alleys of the internet.

The university is well above this modern technical association of a bad joke that is now weaponized online. It readily shows up available to associate with and link via search engines to the universities website itself and separate searches of other keywords to Kappa Delta Sorority. 

As of press time no one from the university has returned multiple requests for comments.

 

 Is it just a joke? A meme? < ?>SEO_SU</?> 

The CyberSecurity Show on Blogger

For years it has been maintained that is a joke and just a meme. Memes and jokes with undertones like this are in poor taste at the very minimum standard of decency. With modern connectivity to the internet available with nearly every device overall internet usage and abuses have been soaring during the pandemic of 2020. COVID-19, viral attacks, ransomware and social abuses online are all reaching epic proportions as we wait for final election results.

So have the dangers. 

A malicious meme or bad joke now online can reach the most innocent and at risk.

You have to break the frames and differentiate between what was shown and pushed to you and what it actually is. 

Is it a video of Alice in Milan or a manipulated image created by Bob of Alice in Minsk?

It was actually made by Trudy in Moscow and emailed to Bob in Manhattan.

That impulse reaction will engrain a lasting memory node, if you will. You will remember Alice in Milan even though it was made by Trudy in Moscow and emailed to Bob in New York City.

The CyberSecurity Show on Blogger

You will remember the context of what was intended and it may not be the reality of the situation.

It can influence the unknowing either politically or socially and abuse and entangle you. 

It has to be addressed right now in every way, shape and form.

We are literally disconnecting from reality.

Hashtags and keywords are basically how Google, Microsoft and every search engine lets people find you, your business or your university. It does not just appear. Google and Microsoft did not place this on your site for you on their own accord without technical direction and consent. It is a created association made by you, your business, your university or the person(s) or business that is in charge of your website(s).

That goes for fraternities and sororities as well.

                                         SEO for fraternities and sororities needs to improve.

What is SEO anyway?

SEO stands for Search Engine Optimization. <a>SEO_101</a>

Google and Microsoft can help you remove them if anyone is ever unsure of how to do so.

The hashtag below is displayed on GramHum which is an Instagram viewing page that displays dubious content with the following examples. The hashtags and keywords have many bad examples.

One of many found that purport this kind of activity. Is this suitable for a child? Is it suitable period? 

Susquehanna University is not involved with any of the websites, pages, hashtags or links other than the current SEO linkage to its website and domain (TLD).

This is an example of what those keywords and hashtags represent and link to.

Instagram viewer with few posts but dangerous content.

Notice the same post in the snapshot above and below. 
Was this created only for a political trolling campaign? 

Edited for disturbing content.

If a post or tweet is added and viewed by millions to disinform or misinform and then deleted, does it count? Yes it does. You distributed non verified malicious content.

My research has shown that several sites are being maintained for years with only a few posts being counted every year. One GramHum landing page only shows 24 posts dating back since the pages inception. A tactic used during the election. Distribute it and then delete it.

 I didn't know or it was only a joke or meme is the excuse.

GranHum dotcom is registered with PorkBun LLC, a registrar of domain names that has had hundreds of reported coronavirus scam websites that it has registered this year. #CyberSecurity

This viewing page group has been placing and deleting content on various sites and show only a minimal amount of posts.

                                 SEO is search engine optimization. Is this optimization acceptable?

The suckabanana keywords and hashtags lead to dangerous areas of the internet with undertones and deviance that many dare not fathom, let alone witness in any form.

Do you know the Banana Fungus? It is real, and bananas may not survive.

                                       Banana fungus is real. So are disturbing banana memes.

The keywords and hashtags have many hidden dark places on the internet that the university does not know about and is not related to, responsible for or associated to in any way, shape or form other than the keyword and hashtag placement for search engines. It is just the first layer of search engine optimization that someone is in control over and will rectify the situation. 

 Google will gladly be able to assist. You can probably Google it.

                                                                 Search results on Bing

The Federal Bureau of Investigation has been investigating the dark underworld of keyword and hashtag associations and leads for many years. Many lead to the dark web. Then the links and layers get deeper. The are becoming more topical and dangerously mainstream today.

     This is an official tweet regarding the current social media threat to children during the pandemic.

Children are our future and we need to protect them. The "suck a banana' franchise of tags and associations are being hashtagged with kid themed tags including "hard for kids" and others.

The combination of what appears to be a benign "hard for kids" hashtag that may imply a difficult math or science problem, is tagged along with deviant hashtags.

Gamers and gaming sites are another lure.  

Banana rooms and hidden areas that are clicked on may place your child in harms way with no knowledge if not monitored and aware of the dangers. 

Many memes and online distribution channels have become dangerous social weapons.

The Washington Post published an article of political memes Friday, November 6th, 2020. 

Notice the "who made this" comment. Who made it indeed. 

The internet has become weaponized, not just social media.

Dangerous memes and accounts are spreading a different kind of virus that has infected everyone who has seen any of the malicious memes, videos, posts and tweets. 

Courtesy of The Washington Post .

Several photos have shown up on both political and sexually themed sites.

Lurking with bad intent below in nefarious parts of the internet.

All three above are suckabana hashtag memes cropped for content.

The three links above are all associated with the suckabana franchise of keywords and tags that only gets worse if you follow the links and leads. Several variations of the hashtags and keywords exist and have multiplied at an alarming rate in 2020. 

The Pandemonium in the Pandemic.

 

Hidden banana rooms and different searches yield other nefarious lures.

Weaponizing social media is not only dangerous but it is destroying the very foundations of our democracy and lives and striking many down to the core. 

 

We all can do better. We all have to. All of US.

<p>

Veuillez ne pas sucer une banane sur votre site Web SEO. French.

Por favor, no chupes un platano en tu sito web SEO Spanish.

Molim vas, nemojte sisati bananu na svojoj web stranici SEO. Croatian.

Bitte saugen Sie keine banane auf lhrer Website SEO.. German.

Please don't suck a banana in your website SEO.

</p>

Dominic Alvieri, @AlvieriD

Analyst, Researcher and Tracker.

The Cybersecurity Show on Blogger

How To Spot a Troll

 Be on the lookout for Trolls.

With the political season in full swing and a sprint towards the end with the final debate tonight, be on the lookout for political trolls. Trolling will still be active in many different forms after the election. 

Common troll actions online or off are similar in malicious nature and one sided. Do you really think a person who will knock you over for a cab be a pleasant person online? Someone cut you off on the road and give you the finger? Very thoughtful and caring and no doubt similar in their online persona.

How about someone following you walking all the way home filming all the way to your home address and network? That actually happened to me and in the last 50 yards I turned around and let the expletives fly.  Common little items you may notice in a person can be hidden and multiplied online.

You can be trolled online and not even know it.

Many social sites let you peruse account activity without becoming a member, albeit with restricted messaging privileges. Someone can be trolling you right now as you read this.

Is this a political action account?

Several accounts have been set up online on multiple platforms as political only accounts, meaning they only conduct self serving politics. Building followers some real and some fake along the way.

Can this action figure above be a real person or a person hiding with an ulterior motive?

Pattern analysis can define the account better than the person hiding behind the account. Patterns will reveal hashtag creations and associations that the person thinks they are masking with layers of malicious similarity. Lets get this person 10,000 followers, or attempts to attract others and link more fake accounts to show a social power and strength. 

Account layering is now becoming common practice as many bad actors attempt to gain leverage to sway and disinform. 

The new online version of the old game is now called whack a troll. They are seemingly everywhere. 

Join our cause...please.

This account became active just in time for the election.

Russia and Iran have interfered to date with this current election process, as per the FBI. 

Many more attempts are likely before and during the election. This election has been the most challenging to date and no doubt foreshadows more difficulties in upcoming elections. 

Old accounts that are now becoming active are another give away. Sole purpose accounts with fake groups and followers have been proliferating online for years. Some repackaged, others retooled but all share the common traits of sole purpose posting, tweeting and blogging to attain a political goal. 

Can there be hidden financial agendas as well?

What about other hidden agendas?

New FBI warning.

New dangerous versions of trolls have been appearing online with different dangerous motives. One deceptive troll tactic is to fake a common friendship or association. So and so from xyz group gave me your name. Trolls come with many hidden agendas and dangerous forms. 

The FBI has recently confirmed an alarming social trend in other dangerous trolling incidents.

The time is now to be informed abut the dangers and the many different varieties of trolls online. The troll can be after your ID, finances or family. You have every right to protect yourself. You also have the right to know who and what you are protecting yourself from. The person or entity behind the actual account attempting to cause harm.

Be careful and informed of the dangers. Monitor, educate and inform. The dangers online and off never take a break and are evolving at a rapid pace. Be proactive and not reactive. 

There are new avenues of danger possible at every click, text, email or post. 

Cybersecurity Awareness Month is October. Stay safe and be cybersecurity aware everyday.

@AlvieriD

Analyst, Researcher and Tracker.