Ralph Cerchione Profile picture
Feb 9, 2018 69 tweets 46 min read Twitter logo Read on Twitter
#Cryptocurrency is readily admissible evidence re: a host of felonies. But no one may have stated how much more it can do or how easily. Until now.

.@ericgarland .@counterchekist .@911CORLEBRA777 @20committee @thespybrief @patribotics @gametheorytoday .@FBI .@NSAGov @GCHQ
1st, some basics. #Cryptocurrencies create a permanent, online record of each transaction, arguably the most easily tracked exchanges on Earth. But law enforcement shut down multiple #Darknet auction sites even before that was common knowledge. .@FBI .@NSAGov
Those sites had tens of thousands of users. And money launderers, Russian intelligence, terrorists & ordinary criminals have moved into it en masse. The world’s worst method for making nefarious transactions. .@FBI .@NSAGov
Those & other criminal activities implies there are at *least* a few hundred thousand felonies out there on cryptocurrencies, just waiting to be identified and rolled up. .@FBI .@NSAGov
Probably millions, given how many millions of cryptocurrency transactions have taken place. The scale of that map alone is staggering. Now merely cross-reference w/other obvious elements. Bank transfers/money laundering found by #FinCEN. .@FBI .@NSAGov
*Also* cross-reference the crypto w/the drug trade/gun trade/porn trade/etc - including everything IDed on Darknet auction sites they've already taken down. .@FBI .@NSAGov
Now take all your #FARA violators - whether carefully uncovered, blatantly obvious, or rolled up as deliverables in plea deals - & integrate them into this map as well. .@FBI .@NSAGov
Then we’ll be taking #botnets & hacked kompromat & adding them in also. & spies including supposedly deep-cover spies who are more exposed than they know. #FISA warrants/intel intercepts will vary depending on your access. .@FBI .@NSAGov
A global map of criminal activity. Not just organized crime & espionage, but almost everything touched directly or indirectly by the Internet.

#BigData & geolocation - & a few other advancements – will tie the whole thing together. .@FBI .@NSAGov
Also remember, re: cryptocurrencies: There's a lot of transactions that are blatantly illegal. Not just the wrong drugs/guns/pornography. But basic things. Tax evasion? #FARA violations? Taking undeclared income when you have TS clearance? .@FBI .@NSAGov
Which is why we're likely looking at hundreds of thousands if not *millions* of blatant felonies to roll up. But again, that's *just* the basics of cryptocurrency, with a little FinCEN/IRS/FBI investigation thrown in for good measure. .@FBI .@NSAGov
Take a list of #cryptocurrency exchanges of interest going to their assorted accounts. Tie those accounts to individuals, when you know who they are (start w/#BigData & what you already have). Expand your database w/other transactions & people of interest. .@FBI .@NSAGov
As noted above, you only need to show tax evasion, a #FARA violation or receipt of undeclared income w/TS clearance to prosecute someone. And as all #cryptocurrency information is essentially public domain, you can access it w/out SIGINT or search warrants. .@FBI .@NSAGov
All presumably admissible & just sitting there. But this wildly understates the value of just that 1st layer of information. Consider the multiple Darknet black-market auction sites shut down by law enforcement, w/users estimated in the tens of thousands. .@FBI .@NSAGov
Knowing a host of accounts/individuals are actively criminal sheds light on many associates. So look at your above people of interest and tag accounts w/names & further descriptors, noting everything from known intelligence agents/assets to drug dealers. .@FBI .@NSAGov
For example, trading w/an account used solely for drug deals. Or taking money from a foreign government w/out registering as a foreign agent. Again, we know a lot of those radioactive accounts. .@FBI .@NSAGov
Also key: Because we know so many tainted accounts, we have a certain probable cause that comes up in certain transactions. Eg, anyone buying from a drug dealer, moving cash through a money launderer, getting paid by foreign intelligence. .@FBI .@NSAGov
If you see enough of these exchanges, you may get a much clearer idea of the dealer’s customers, the money launderer’s clients, the intel agent’s immediate assets. Not all of them, but their interactions in turn will reveal further information. .@FBI .@NSAGov
Again, some individuals, once identified, have legal restrictions on their activities. Receiving #bitcoin that never shows up on their taxes, unregistered payments by foreign governments, undeclared income of any kind for people w/TS clearances. .@FBI .@NSAGov
This may sound modest, until you realize you’re not just looking at tens of thousands of people on Darknet auction sites or those interacting w/known intelligence operatives or criminals, but public-domain databases showing millions of transactions. .@FBI .@NSAGov
Further, with something like the Kremlin scandal, you appear to be looking at multiple interlocking #RICO investigations either directly involved or incidentally uncovered. It’s much easier to prosecute those on a large scale. .@FBI .@NSAGov
The above is devastating in itself. But we’re not doing all this on a spreadsheet on someone’s laptop. With a little #BigData work, you start to assemble a digital map of criminal activities worldwide. Not because they’re all using #cryptocurrency or even online. .@FBI .@NSAGov
But because having hundreds of thousands or even millions of illegal transactions publicly available to law enforcement, converted to a searchable database, augments every other tool at their disposal. Take #FinCEN sifting through money laundering, etc. .@FBI .@NSAGov
What happens when they can link suspect accounts to #cryptocurrency exchanges, and vice versa? What happens when a known #Darknet drug dealer makes a large, “inexplicable” payment to someone else through a bank transfer? Or an “investment” to launder the money? .@FBI .@NSAGov
So, we’re talking about probably *millions* of illegal exchanges by a host of criminals who are effectively revealing their associates through these transactions, bank transfers & records seized under warrant/turned over in plea deals. .@FBI .@NSAGov
This would already be apocalyptically bad for the criminal underworld and, I admit, was what I was hoping for when I let it metastasize for a ½-decade+. Remember, every time you shut down a money launderer, drug cartel, etc, you get a lot of people. .@FBI .@NSAGov
But remember, this global map of crime is just where we *start,* & what we’re adding to. There are several further elements to include. So let’s add a few more pieces of information to this layer. .@FBI .@NSAGov
Add security clearances, known criminal or espionage activities, known methods of communication (phone numbers, emails, social media), employment, businesses & other investments. Remember, much of this data will *also* be public domain. .@FBI .@NSAGov
Is some piece of information coming up again and again? A business, a set of #cryptocurrency accounts, a phone number? What would be a dizzying search for individual investigators to track manually may emerge instantly under #BigData. .@FBI .@NSAGov
Next, let’s geolocate individuals, organizations & key properties. Even knowing someone is in the DC/New York area helps, but you can get much more precise than that. Knowing people work or hang out together is also useful. What correlations appear? .@FBI .@NSAGov
Are funds going to some corner of the world just before a shipment of drugs leaves it? Are known Hawala networks receiving funds at one end & disbursing at the other? .@FBI .@NSAGov
Warrants or intelligence intercepts allowing someone to be tracked through their phone or other means may show immediate proximity between two persons of interest, or long-term proximity between a person of interest & someone not previously on radar. .@FBI .@NSAGov
We may also want to note any key skills or social circles involved – anything from TS clearances to nuclear physics. .@FBI .@NSAGov
Now let’s start refining our list with other information focused on the Russia investigation. Transition emails have information that can be sifted into the database. Are email addresses or names popping up that correlate to suspect individuals/accounts? .@FBI .@NSAGov
Supposedly some deep-cover spies like to have their IDs “re”-issued by law enforcement or other authorities to give them a legitimate paper trail. One #BigData search to see if there was ever a preceding ID to any re-issued IDs & their made. .@FBI .@NSAGov
Similarly, taking the names of children who died young is supposedly a popular choice. Sift those records w/#BigData to see where a child is suddenly resurrected decades later & you have another tell. .@FBI .@NSAGov
Before we proceed, remember you may further pass all this information through a filter, showing the overall information investigators are allowed to see vs evidence that is actionable by law enforcement. Granted, knowing someone is compromised helps. .@FBI .@NSAGov
But now we’re getting into what is willingly handed over to investigators. .@FBI .@NSAGov
#FARA alone decimates DC foreign influence & corruption, particularly in the context of a huge investigation w/tons of people looking for deliverables. Think DC staffers with nothing to offer the .@FBI beyond a legion of #FARA violators. .@NSAGov
How many low-level congressional staffers are worried about whether they’re implicated in the coup but have nothing on it the .@FBI doesn’t already know? But who know at least a few, or few hundred, #FARA violators? .@NSAGov
But think about how many emails & texts are getting seized under warrants or handed over as deliverables by flipped witnesses.

Oh, you deleted those? Really? Such that data forensics actually can't get them off *your* computer? .@FBI .@NSAGov
What about the other guy's computer? The other people cc'ed?

The server logfiles that were there for a year and which the FBI may well have started collecting over a year ago? With warrants? & how many warrants have been approved since? .@FBI .@NSAGov
And then there are the botnets & hackers gathering kompromat (blackmail information). .@FBI .@NSAGov
As w/Pyotr Levashov and the Kelihos botnet, it's not just the botnet & crimes the .@FBI will presumably be interested in, but to what degree Kelihos was used to gather & implement blackmail/kompromat. Could unearth a ton of assets not yet exposed. .@NSAGov
There's a number of reasons Russia's intel networks may be in the process of vaporizing. Consider botnets. Millions of illegally linked computers harvesting/deploying kompromat? Creating data trails *everywhere*? .@FBI .@NSAGov
Throw in everything else from #cryptocurrencies to flipped witnesses to #FARA deliverables from those *seeking* immunity. As .@ericgarland pointed out, a Russian hack of 3 billion Yahoo email users could have been one of many giant kompromat tools. .@FBI .@NSAGov
But now we're at the stage of everything getting exposed, and I don't think most operatives fully grasp the degree to which everything can be counterhacked and exposed in the digital world. The .@FBI only seems quiet until it really gets moving. It's moving *now.* .@NSAGov
It's easy to think in terms of mass counterhacks, etc, the value in these botnets may prove much more practical.

Where have they gone? What did they touch? What kompromat did they glean? What demands did they transmit? .@FBI .@NSAGov
Botnets can be valuable by leveraging a host of computers. What few consider is they also represent thousands - potentially *millions* - of points of vulnerability. It's impractical to purge the digital traces from each of a host of computers. .@FBI .@NSAGov
But even if you *did* scrub their files, those transmissions passed over a multitude of servers in turn, each of which keeps logfiles for at least a year. And let's not even get into individual computers with old backups lying around. .@FBI .@NSAGov
And then there's what I like to call the *bad* part. Millions of interlinked computers, taken over by a hostile intruder to serve what is presumably a conspiracy demanding a giant #RICO investigation? Even if your warrants are limited to *that*... .@FBI .@NSAGov
Can you imagine a more effective way to find everything compromised - assuming you don't just find a server/backed-up memory somewhere with the whole operation described in detail? Anything that sprawling leaves traces *everywhere.* .@FBI .@NSAGov
Thousands, even millions of computers bound together in a network gathering kompromat & transmitting blackmail demands? All of them storing data? All the servers they transmit through w/logfiles for a year? .@FBI .@NSAGov
Each one represents a point of vulnerability it itself. So does every 3rd-party server they've transmitted over. And thousand or millions of computers spamming/malwaring/blackmailing the Internet leave a *lot* of traces. .@FBI .@NSAGov
Why mention this now? It's the same pattern .@ericgarland noted in krav maga. A multitude of rapid strikes to keep your opponent hurt, off balance and enraged until you can take them down. Multiplied a million-fold and coming in from ten-thousand directions. .@FBI .@NSAGov
The implication that the hack of 3 billion Yahoo email accounts and other major hacks being traced back to Russia & serving as ideal sources of kompromat is also well taken. .@FBI .@NSAGov
They probably did not realize how easily all this could be backtracked.

Find the kompromat, find the treason, find the traitors. .@FBI .@NSAGov
John Schindler/@20committee wrote that "illegal" operatives were harder to make and more valuable. With this host of data rolls in - from #botnets, #cryptocurrencies, flipped witnesses, intercepts, #FARA, etc. .@FBI .@NSAGov
The Dutch have *how* much data from the SVR? Not to mention the US & her other allies? Russia is apt to lose her intel networks at a catastrophically rapid pace. .@FBI .@NSAGov
Reflect also on all the data *not* mentioned above. The Panama Papers. The Paradise Papers. Al Qaeda’s *entire* fundraising records at the time of Osama bin Laden’s death. .@FBI .@NSAGov
Like a hologram, all these data points can be used to further refine and sharpen the emerging image. .@FBI .@NSAGov
Oh, and to clarify: That million-fold multiplication of attacks? That's *counterattacks.* When you have to defend not only every agent, asset & secure computer - but every troll, useful idiot, shill & *bot* in your *botnet* & every person & computer they *touched?* .@FBI .@NSAGov
They *all* become points of vulnerability. Now throw in the FBI, US & allied law enforcement/intel, #FinCEN, the IRS & a host of interlocking #RICO investigations, and the means to glean much of this evidence on a massive scale. *Try* to defend all that. .@FBI .@NSAGov
And remember, most of this *doesn't* need to be critical for bringing down your primary targets. Reveal another traitor you don't know about, it's a win. Reveal whole networks, roll them up, take their pleas, reap their data... And do it globally. Annihilation. .@FBI .@NSAGov
Based on my own work, it seems the breakthrough required to make quantum & post-zetascale supercomputing possible already exists. The problem in transmitting it now or keeping it in a hackable format is that Russia et al might get it & while the US ignores it. .@FBI .@NSAGov
Unfortunately, that technology has quite a few applications, too many of which are easily weaponized. Efforts to limit the military applications are incomplete and still ongoing. .@FBI .@NSAGov
If that tech would be of interest, please reach out. As you can see above, some of us are doing what we can with conventional technologies in the meantime. .@FBI .@NSAGov
“I can calculate the movements of the heavens, but not the madness of men.” - Isaac Newton
.@FBI .@NSAGov
Please say "Hi!" to our Kremlin visitors.

(That blog hasn't been significantly updated in several months.) Just after 1 pm, Eastern Time. On a corner of the Web not meaningfully updated in almost a year... Odd.

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with Ralph Cerchione

Ralph Cerchione Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Dry_Observer

Sep 23, 2018
@ericgarland Only the beginning, Eric.


I considered the flaw in cryptocurrency enabling the mass tracking/takedown of organized crime/Russian intel a modest side project for more than one reason. As we proceed, *why* will become more apparent.
@ericgarland So, SS7 protocols represent a massive flaw in cell-phone security.

Likely useful for years, but less so as it becomes public knowledge.

But sources & methods you *can* safely declassify?
cc: @LouiseMensch @ninaandtito @thespybrief @911CORLEBRA777
@ericgarland @LouiseMensch @ninaandtito @thespybrief @911CORLEBRA777 What if a staggering source of hard evidence in the Russian coup came from a technical weakness of rapidly diminishing utility, & which urgently needed to be closed anyway?
Read 16 tweets
Sep 15, 2018
@ericgarland @911CORLEBRA777 @JamesFourM @thespybrief @patribotics @LouiseMensch @ninaandtito @DirkSchwenk @xtrixcyclex @colinkalmbacher @claytonpurdom @emzanotti @RoyBlunt @FBIWFO @NewYorkFBI @FBILosAngeles @INTERPOL_HQ @DHSgov It's hard to overstate how important a cooperating Manafort becomes to unraveling media subversion.

But let's start with Eric's documentation of media-influence operations & go from there.
@ericgarland @911CORLEBRA777 @JamesFourM @thespybrief @patribotics @LouiseMensch @ninaandtito @DirkSchwenk @xtrixcyclex @colinkalmbacher @claytonpurdom @emzanotti @RoyBlunt @FBIWFO @NewYorkFBI @FBILosAngeles @INTERPOL_HQ @DHSgov First, remember @ericgarland initially just released the public, executive summary of his research into *one* aspect of this - a consistent pattern of harassment in response to his original Game Theory thread.
@ericgarland @911CORLEBRA777 @JamesFourM @thespybrief @patribotics @LouiseMensch @ninaandtito @DirkSchwenk @xtrixcyclex @colinkalmbacher @claytonpurdom @emzanotti @RoyBlunt @FBIWFO @NewYorkFBI @FBILosAngeles @INTERPOL_HQ @DHSgov There are so many critical details to go over here.

One, the patterns were easily detected, & hard evidence could be found in abundance.

Two, Eric *didn't* stop with documenting & researching just that one piece.
Read 55 tweets
Sep 6, 2018
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ @LincolnsBible @USTreasury @BarackObama @NATO @DARPA @JohnBrennan @GenMhayden @CIA @TheJusticeDept @gametheorytoday @DEAHQ So, to list of other things .@FBI .@NSAGov .@DHSgov .@GCHQ .@USTreasury could use in a #BigData search to pull any remaining deep-cover spies:

Yes, as I've noted before, you can pull all the "re-issued" credentials, then check for any preceding ID.

But that's just a start.
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ @LincolnsBible @USTreasury @BarackObama @NATO @DARPA @JohnBrennan @GenMhayden @CIA @TheJusticeDept @gametheorytoday @DEAHQ That's an obvious thing .@FBI .@NSAGov .@DHSgov .@GCHQ .@USTreasury could do, given the supposed tendency of deep-cover operatives to request "re-issuing" of a "lost" ID that never existed in the first place.
Read 173 tweets
Aug 21, 2018
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ @LincolnsBible @USTreasury @BarackObama @NATO @DARPA Again, there was a warning about more evidence being released in tandem with egregious attacks on Kremlin's critics.

Given the targeting of Brennan, we’ve hit another tipping point.
.@FBI .@NSAGov .@DHSgov .@GCHQ .@USTreasury
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ @LincolnsBible @USTreasury @BarackObama @NATO @DARPA I was planning to drop more evidence sources, but I don't think everyone yet realizes the security-clearance fiasco is a giant evidence-reaping machine *in* *itself.*
@JohnBrennan @GenMhayden
.@FBI .@NSAGov .@DHSgov .@GCHQ .@USTreasury
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ @LincolnsBible @USTreasury @BarackObama @NATO @DARPA @JohnBrennan @GenMhayden As discussed previously in this thread, we have no shortage of people who direly need to proffer *something,* in the face of an investigation that needs neither their testimony nor their evidence.
.@FBI .@NSAGov .@DHSgov .@GCHQ .@USTreasury
Read 227 tweets
Aug 4, 2018
@ericgarland @20committee So, .@ericgarland gets a new kind of botnet targeting, & .@JamesFourM runs into issues w/his article on @Medium?

There was a warning about harassment & the countering release of evidence on the conspiracy.
.@FBI .@NSAGov .@DHSgov .@GCHQ
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ The warning: Any egregious harassment of Kremlin critics could release or expedite yet *another* major evidence source against the conspiracy.

While unpleasant, I think these two each warrant something modest… yet formidable.

& apropos.
.@FBI .@NSAGov .@DHSgov .@GCHQ
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ So, Eric you brought up the agencies rating investments recently, as well as AIG, stock markets, etc.

What, you might ask, is so deadly about global finance & the conspiracy? Beyond the obvious flows of money & influence?
.@FBI .@NSAGov .@DHSgov .@GCHQ
Read 322 tweets
Jul 28, 2018
@TheRickWilson @LouiseMensch Oops.

For everyone seeking a deal w/law enforcement, there is one *small* detail we may have glossed over for all parties.

Asset forfeiture. To the government, and... to civil suits.
cc: @thespybrief @ericgarland @TrueFactsStated
@TheRickWilson @LouiseMensch @thespybrief @ericgarland @TrueFactsStated And if you're thinking you'll fight - *great!*

A #RICO conviction proving guilt up front?

Involving treason, organized crime, media collusion, child trafficking, etc?

*&* you harassed or threatened people's kids? *Not* just the adult ones?
@TheRickWilson @LouiseMensch @thespybrief @ericgarland @TrueFactsStated I'm sure jury pools drawn from DC, New York, London, etc will be sympathetic.

But do remember a couple of *other* trivial details.

One, the Democratic Party already filed such a suit, and named Russian intelligence as a defendant.
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!


0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy


3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!