Gh0stNet & Shadow Network Operators - Right Now
Nicole Wright, CHT, NLPP
Accounting & Tax with Newsweek JP cover. Crime & Culture Journalist.
#Gh0stNet, an aspect of technology that the trafficking group I've been writing criminal reports against for years is using (with 4 state victories since 2018).
The hotel in Southern Maine that is #filming female guests without their knowledge or consent, for bitcoin profit sharing, who I won my case in court in July 2023, after having spent a year doing forensics from May 2022-April 2023, & interviewing perpetrators & victims, stated the crimes they actively committed fell under #RICO. They're using their own version of GHOST malware, which connects to a server in #Idaho & other places.
I ran traces for months in any spare time, to gain a picture of what was going on.
While in TX, a #ThreatActor who did an installation for #CDC, whose wife works in #Rehab & where the couple stated they're recruiting women to be sex trafficked to Central America; the husband talked about a #scam where investors seek funds to establish a bank, then later the bank closes. While I was pinging the GHOST servers, over months, I was able to trace the locations to names & recognized several in Idaho from San Francisco. Those people made me uncomfortable then, and I didn't need to know why. Now, I know why.
During the tracing period, a newly established bank in the Idaho city where there had been multiple hits closed. I found that interesting.
In TX, a Threat Actor told me he was in the group for life, that they were a #ShadowNetwork on #Facebook & he was designing a new social media network for them. He was intelligent but arrogant (an indicator of possible NPD) & misogynistic.
He believes women are "less than". (Ummm, No!) He said he believes in "spirits" & listens to a "Pastor". He believes "thoughts" are real non-physical "entities".
He's taken teachings of Abraham by Esther & Jerry Hicks: "thoughts are things" & works of "What The Bleep Do We Know"; entirely warped them, which is something that has been studied as a strategy of Cults & something that #MarkVicente explains.
As a programmer, Chris is always right; all who disagree with him are wrong & must be #punished. Women are objects to be owned. (Nope.)
My "favorite" thing he said was related to malicious apps on Android & iOS.
Chris: Want to know how to get infected apps past screening?
Me: (Non-verbal, I raised my eyebrows wryly; WTF was he talking about?) After my pause, he proceeded:
Chris: You break them.
When an app is run through malware testing, he designs it to manifest a glitch in the reader. The reader ends up not recognizing the glitch & passing it, or being overwhelmed & kicking it back to a certain sequence in the test, where it ends up being passed at the end of review.
He was very animated about the apps he was paid to make which are malware and are living in Apple & Google Play stores right now.
His company knows they are a criminal enterprise & are well compensated by buyers.
I have three years of forensics that I have turned in to law enforcement and 100G+ of technical evidence. I can begin to post some of the code that may be appropriate for BUG researchers, helpers, or other journalists.
I personally was enormously surprised by Law Enforcement response.
FINANCIAL CONTROLLER, SECURITY & SAFETY
In 2009 when I left #RealityDigital as Co-Controller, I called a former mentor, Anne Mitchell CPA, as I had previously been a Financial Controller in private equity, and thought that maybe I might be better suited for Private Equity Wealth Management & #TaxLaw than for working in Technology companies.
Anne advised me to start my own finance consulting firm, and switch from employee work to consulting projects, while continuing to outsource Legal & Financial Advisor components.
(I ended up getting hired at Joby Energy, a tech startup, and so apparently my skills weren't limited to Asset Preservation; I do have some tech ability.)
Anyone who works in Finance is under strict regulations, whether an employee, contractor, consulting firm, or any other type of entity. Breaches are serious and required to be handled in real time, and reported to AG at specific stages.
While traveling, I recorded breach attempts at various hotels, and turned in legal reports. Because of the gravity of the situation, and my training, I followed "protocol" to secure devices. The time that took created a loss in many billable hours of work, and ability to accept new work at the time.
Now, I could have secured devices faster, but I also knew enough about the law, plus I was curious.
1) Knowing about the law, meant that in March 2021, when there was a small breach notification, that was enough for FTC but not for Law Enforcement, I did something I've never done before: I let it play out and watched the Threat Stages in real time, from both the user/victim experience perspective, and also by accessing the code logs on the back-end. I wanted to collect enough evidence to turn in the malware and get a conviction, after I learned from interviewing an officer in Hill Country that this was a Chapter 33 Felonious Computer Crime. https://statutes.capitol.texas.gov/docs/PE/htm/PE.33.htm
It was also a travel pre-paid personal phone that I cared nothing about.
It took 2 days. I cancelled my appointments and was sort of mesmerized. Once the attack was complete, I compiled documentation of the stages and filed with Police & OAG.
2) I was curious about the #Behaviorism aspect of #ThreatActing and of #Victims.
I had already been trained in Social Engineering when I protected financial assets at a Wealth Management Firm. I further learned about Social Engineering as it relates to NLP & Pick-Up Artists, after I'd secured court injunction for Stimbra's fraud in 2003.
I had spoken to a Technical Consultant who does forensics on hacked devices for the State of Virginia Attorney General. He was kind enough to go over a threat assessment with me, and my behaviors were correctly on track. So how were perpetrators able to affect devices?
My security training was working. I have separate devices for personal vs work, and my work product was safe, yet my personal phone experienced multiple attempted attacks.
The attacks that were effective were all location based: hackers living in specific hotels.
Criminals physically accessed my personal device, when I had it locked in hotel storage. They were hotel employees or hostel "volunteers" with key access.
Some attackers are using a flaw in Google's Nearby Connections. This is interesting to me as it relates to a patent that a Trafficker in California owns, who worked at Google; and it has components of the Aviation Technology that we were developing at Joby Energy.
Some attackers are using Zero Day exploits, although those attacks, which I documented August 2021, failed to work as my behaviors took care of it in real time.
The hackers who are violating RICO laws and involved in the trafficking of drugs, sex, and financial fraud, some of them claim to be "bank robbers", and are utilizing "layers", from the mouth of the Hotel Proprietor in Southern Maine. When I looked under the hood, what I saw was website impersonation & email phishing; predominantly threats that utilized cookies, JavaScript injection and the browser as the playground.
Those hackers are also using an attack type to download text, word files, and images with embedded key(s), in the background, which upload data to their servers in the background and/or install a tunnel to their network.