Chris Vickery
Data breach hunter. InfoSec & Cybersecurity. Personal account.
Oct 9, 2018 10 tweets 4 min read
When I found the exposed 154 million US voter database in June 2016, I was able to trace the data to a company named L2 Political.
L2 then traced the leak to a client of theirs. The client claimed hackers had taken down their firewall which then publicly exposed the database. L2's client did not suggest that *I* was the hacker(s) who had removed their firewall and exposed the database.
If true, this means there is confirmation, from the holder of the data, that a nationwide US voter registry _was_indeed_hacked_ months prior to the 2016 election.
Oct 1, 2018 4 tweets 3 min read
If you want a thread to pull on, consider why the same entity would be behind these listed sites: americanstrawpoll.com/img/
[ web.archive.org/web/2018100119… ]
Why would someone be interested in the data generated by the public interacting with those sites?
#CA #AIQ #SCL #PG #LD #AS #WPA
And, yeah, the "neverhillary" section is in reference to a previously active site "neverhillary2016.com" (a domain which I have since taken over ownership of after they let it lapse).
Sep 8, 2018 4 tweets 2 min read
mss-01.pafr.swy.sclgroup.cc
dig That's an SCL Group site. It's hosting a personal blog for a German parliamentary candidate.
This candidate makes YouTube videos...
in which he argues that North Korea should have and retain nuclear weapons in order to keep the United States from invading.
Sep 8, 2018 4 tweets 2 min read
Step 1: Locate odd binary being served to the public internet.
Step 2: Get curious.
Step 3: Fire up a contained, temporary, virtual environment.
Step 4: Run the binary.
[result attached]

Step 5: Forever wonder of what could have been.
And of course they are also serving up a script that gives *ultimate* trust to expired keys. THIS IS NOT OK FOR A DOD CONTRACTOR TO HAVE BEEN DOING (among other things).
Aug 8, 2018 4 tweets 2 min read
So,
AggregateIQ developed a voting system that takes votes via phone and online. Relevant project references are "Direct Vote", "vb9k", and (as recently observed in the wild) "VoteVault[.]io".
Take a look at the hosting abnormalities that occurred prior to the 2016 election. I'm not saying that there was any funny business conducted regarding influencing any potential voters into thinking that they could actually vote via phone or internet... but that would certainly fit this macabre circus that we're all watching play out.
Aug 2, 2018 7 tweets 2 min read
Something I realized a little while ago is that a few articles have attributed the start of the US Military's move toward cloud computing to this 2010 letter: info.publicintelligence.net/USFOR-A-DCGS.p… (U//FOUO)
You may recognize the author's signature.
It is now-disgraced General Michael Flynn.
The immediate result was a project called the Distributed Common Ground System (DCGS-A) which was declared a clunky, hard-to-use failure after $2.7 billion had been sunk into its development.
Jul 2, 2018 5 tweets 2 min read
As time goes on, a new parlor trick for open source insights emerges: Inferring personality traits from previously used passwords.
There have been a lot of high profile data breaches in which someone actually dumps the whole data set publicly (not cool, but it happens). Example:
1) Read article reporting a celebrity/politician's personal email address.
2) Check if that email address has been involved in a previous high-profile data breach (like with haveibeenpwned.com).
Jul 1, 2018 12 tweets 2 min read
Serious triage proposal to immediately hinder bot/troll armies on Twitter and Facebook:
a) Keep "Entry-Level" Twitter accounts free.
b) "Standard" accounts require a one-time $3 fee (nonrefundable).
c) For certain "Verified" accounts (e.g. elected officials) the fee is waived.
1. The one-time $3 fee for a standard account can *only* be paid with a unique credit card (this is possible even if paying through PayPal). Once a credit card is used for an account, it cannot be used to pay the $3 fee on any other account, ever again.
Jun 29, 2018 4 tweets 1 min read
If you take a phrase from SCL Group's posted privacy policy, and google for the exact phrase (with quotation marks) you get exactly 6 results of other sites using the same exact language (may vary depending on which line you google for).
Curious results, don't ya think? For what it's worth, this little trick is extremely useful for finding hidden relationships between entities playing shell games.
I normally wouldn't mention it, but I've noticed that some have started using website techniques that mitigate against leaving this sort of trail.
Mar 26, 2018 4 tweets 2 min read
I found Bannon's tools.
Facebook ad tools, scrapers, targeting scripts, etc.
Federal authorities have it all now.
Smoking gun evidence involving foreign influence in US elections.
Reports going up momentarily at: upguard.com/breaches/aggre… and gizmodo.com/aggregateiq-cr…
Data involves Cambridge Analytica, AggregateIQ, WPA Intel, Brexit, Cruz, and more.