Chris Vickery Profile picture
Oct 1, 2018 4 tweets 3 min read Twitter logo Read on Twitter
If you want a thread to pull on, consider why the same entity would be behind these listed sites:
[… ]
Why would someone be interested in the data generated by the public interacting with those sites?
And, yeah, the "neverhillary" section is in reference to a previously active site "" (a domain which I have since taken over ownership of after they let it lapse).
Here's a hint, "LoudDoor" is a bigger player than people realize.

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with Chris Vickery

Chris Vickery Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @VickerySec

Oct 9, 2018
When I found the exposed 154 million US voter database in June 2016, I was able to trace the data to a company named L2 Political.
L2 then traced the leak to a client of theirs. The client claimed hackers had taken down their firewall which then publicly exposed the database.
L2's client did not suggest that *I* was the hacker(s) who had removed their firewall and exposed the database.
If true, this means there is confirmation, from the holder of the data, that a nationwide US voter registry _was_indeed_hacked_ months prior to the 2016 election.
I can't believe I didn't recall this sooner. Foreign hacking of the US election system was not much of a topic when I originally reported this 154 million voter record leak and the detail of actual confirmation of a US nationwide vote hack became lost in the ether.
Read 10 tweets
Sep 8, 2018
That's an SCL Group site. It's hosting a personal blog for a German parliamentary candidate.
This candidate makes Youtube videos...
in which he argues that North Korea should have and retain nuclear weapons in order to keep the United States from invading.
Meant to include this screen with at the top of the thread.
Read 4 tweets
Sep 8, 2018
Step 1: Locate odd binary being served to the public internet.
Step 2: Get curious.
Step 3: Fire up a contained, temporary, virtual environment.
Step 4: Run the binary.
[result attached]

Step 5: Forever wonder of what could have been.
And of course they are also serving up a script that gives *ultimate* trust to expired keys. THIS IS NOT OK FOR A DOD CONTRACTOR TO HAVE BEEN DOING (among other things).
But, hey, while you're at it you might as well pipe some stuff straight into bash from the internet, right? #yolo I guess.
Read 4 tweets
Aug 8, 2018
AggregateIQ developed a voting system that takes votes via phone and online. Relevant project references are "Direct Vote", "vb9k", and (as recently observed in the wild) "VoteVault[.]io".
Take a look at the hosting abnormalities that occurred prior to the 2016 election.
I'm not saying that there was any funny business conducted regarding influencing any potential voters into thinking that they could actually vote via phone or internet... but that would certainly fit this macabre circus that we're all watching play out.
And I'm not saying that a sudden switch to Saudi Arabian IP space is indicative of anything in particular. It's just suspicious as all fuck.
Read 4 tweets
Aug 2, 2018
Something I realized a little while ago is that a few articles have attributed the start of the US Military's move toward cloud computing to this 2010 letter:… (U//FOUO)
You may recognize the author's signature.
It is now-disgraced General Michael Flynn.
The immediate result was a project called the Distributed Common Ground System (DCGS-A) which was declared a clunky, hard-to-use failure after $2.7 billion had been sunk into its development.
Ironically it was within a different cloud environment that I discovered an archived copy of the DCGS-A development environment (and other relevant files) on September 27th, 2017. That find joined the ranks of other military-related cloud data exposures I had already come across.
Read 7 tweets
Jul 2, 2018
As time goes on, a new parlor trick for open source insights emerges: Inferring personality traits from previously used passwords.
There have been a lot of high profile data breaches in which someone actually dumps the whole data set publicly (not cool, but it happens).
1) Read article reporting a celebrity/politician's personal email address.
2) Check if that email address has been involved in a previous high-profile data breach (like with
3) If it was, look up the email address on "one of those sites" that hosts previous high-profile data breaches with hashes included (not gonna list any here, and beware of the malware-laden ones).
4) Head on over to a site like and look up the hash.
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!


0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy


3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!