[Dailydave] there you go..Cyber Redphone

parastoo at unseen.is
Tue May 10 23:19:03 EDT 2016


when a nation-state (known to P) pwned a govt-owned server to mount a childish attack on another player
who used this Cyber redphone ( among other little things :> )

copy of the original mail sent by the datacenter :

Return-Path: admin at mailbox.unseen.is
Received: from mt08.unseen.is (LHLO mt08.unseen.is) (82.221.109.11) by
 mb06.unseen.is with LMTP; Wed, 4 May 2016 02:43:31 +0000 (GMT)
Received: from localhost (localhost.localdomain [127.0.0.1])
	by mt08.unseen.is (Postfix) with ESMTP id 3C898502901
	for <parastoo at unseen.is>; Wed,  4 May 2016 02:43:31 +0000 (GMT)
MIME-Version: 1.0
From: "Content-filter at mt08.unseen.is" <admin at mailbox.unseen.is>
Date: Wed,  4 May 2016 02:43:30 +0000 (GMT)
Subject: BANNED contents (.exe,.exe-ms,New Order.exe) in mail TO YOU from
 <info at solon.org.gr>
To: undisclosed-recipients:;
Message-ID: <VRLIAJbuzPg5ED at mt08.unseen.is>
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Content-Type: text/plain; charset="UTF-8"

BANNED CONTENTS ALERT

Our content checker found
    banned name: .exe,.exe-ms,New Order.exe

in an email to you from:
  info at solon.org.gr

Content type: Banned
Our internal reference code for your message is 01290-05/LIAJbuzPg5ED

First upstream SMTP client IP address: [82.221.106.185]:7463 ml01.unseen.is
Received from: 82.221.106.185 < ::1 < 197.210.226.13

Return-Path: <info at solon.org.gr>
From: Sales <info at solon.org.gr>
Message-ID:
  <20160504054005.Horde.-WkI90exhfRXKNqjtfOX9qF at webmail.solon.org.gr>
User-Agent: Horde Application Framework 5
Subject: New Order
The message has been quarantined as: virus-quarantine.udtzkein at mailbox.unseen.is

Please contact your system administrator for details.

/END/

----- Original Message -----
From: "Parastoo" <parastoo at unseen.is>
To: dailydave at lists.immunityinc.com
Sent: Saturday, March 12, 2016 12:18:48 AM
Subject: [Dailydave] there you go..Cyber Redphone

this is based on this thread : 
https://lists.immunityinc.com/pipermail/dailydave/2016-March/001137.html
not a bad idea

P. wants to admit an attack has taken place in iDirect Government 
Technologies (iGT) a subsidiary of VT , a major U.S Military and IC 
Satellite contractor . the "intrusion" is still going on , we are 
studying whether it is possible to do "more" than data exfiltration ( that , 
already happened ) particularly due to a recent GCC decision to call 
some of us in ME terrorists and put restrictions ( media - tech ) on 
news channels especially in Satellite front .

P. announces to the anonymous group who know enough of each other 
unofficially , that our move in essence is not to insult U.S's Cyber 
Space and its guardians . this is to remind them that their friends , 
the backward-thinking Monarchs in the deserts , make stupid decisions 
and well somebody gotta pay for it . if current efforts work and say we 
get one random iGT Transponder to play one of our designed Kinetic games 
you got a promise iGT will be left with no more harm ( a REL plus some 
dox dump goes to Cryptome ) and P goes and says a warm hello to Thuraya .

above is all there is to say on the phone . to honor the technical 
nature of the list let's make a wild list of possibilities when :

1. you already pwned the SOC within the satellite's NOC
1.1 a remote terminal up there in the actual satcom/milsatcom platform 
allows running very Kinetic apps on one of the "Zones" which could easily 
maximize the RF power facing earth . virtually a guarantee to blind and 
deafen any Radar station , EW installations , perhaps Flying things too
2. you got a weaponized malware tailored for the satellite's terminal ( 
user ) SoC architecture , got a long list of internet facing terminals 
from your Shodan account , most of them being used in some SCADA remote 
enabler
2.1 and while the terminal manufacturer claims it got a bunch of 
assurances and standards , some fancy-ass FIPS-something in silicon 
reality it's buggy as your sister's marriage with UBL ( may he rest in 
peace . although Snowden says otherwise.. who to believe ? ) among those 
bugs are hardware features to radiate "much" more energy to the 
satellite and we know the sat cannot handle a bot made of those 
terminals suddenly point their directed & distributed energy

when you invest in such weaponry you also must let the other folks know 
of it . history tells us nobody in the official anonymous unofficial 
group likes a devastating surprise . P's approach is to dial the redphone 
and tell about the very small in scale CNA ( in our version , C taken 
from Cyber and N from Neutronic - very different than your typical CNA 
to computers by networks ) in hope they get a better realization of the 
actual realm of warfare here

this hope is false ? let the group make their moves and decide
P.
Sat Mar 12 00:17:35 IRST 2016



