Rob Monster (quite the aptronym, no?) had been advertising his escrow services on a web site for domain traders and owners, NamePros, saying that he could help sellers transact "tax-free." On Twitter, the topic has also been raised and expanded to reveal that the
. . ."Dan Ehrlich
@danehrlich11
DATABASES for @Epik all came from IP addresses in New Jersey and Ukraine.
The CEO of the sister company of @Epik, @sibyl_ltd, also runs a Ukrainian hosting firm. The firm in Vancouver that @Epik contracts out datacenter support to...
... @VanwaTech / @orcatech_io, is sister companies with @SharkTech, which has been previously linked with Chinese APTs. What should happen is @epik be investigated by the @IRS for all the invoices and domain sales not reported, & the @FBI for foreign hacking.
The Trump Intersection
From another researcher into the contextual implications of the data, Brian Krebs, author of Spam Nation, and an independent journalist who specializes in covering cyber crime and security and privacy issues, comes this Twitter thread.
briankrebs
@briankrebs
Sep 23
1/4: In 2016, media outlets reported on data showing unexplained & frequent connections between Russia's Alfa Bank & a Trump Org. email server. Thanks to ongoing lawsuits from Alfa Bank, a report on the data commissioned by the Senate in 2018 is now public
Indictment, Lawsuits Revive Trump-Alfa Bank Story
In October 2016, media outlets reported that data collected by some of the world's most renowned cybersecurity experts had identified frequent and unexplained communications between an email server...
2/4: Last week, the special counsel tapped to investigate the origins of the Russia inquiry indicted the former cybercrime prosecutor who brought the data to the attention of the FBI in 2016. Social media has been dissecting the placeholder names in the indictment to ID sources.
3/4: Alfa Bank has subpoenaed 49 people/entities in a John Doe suit that claims the data was result of a sophisticated cyberattack. The newly released report on the data came in a lawsuit filed by 1 of the deposed, who says Alfa Bank plans to violate a confidentiality agreement.
4/4: This story looks at the technical claims made on both sides. It also concludes that the way this entire inquiry has been handled may well negatively affect the US govt's ability to collect crucial and sensitive investigative tips in re cybercrime activity for years to come.
To which thread Dan Ehrlich of NamePros provides a long thread of his own showing the analysis of the "Wonder of the Internetted Internet" that begins here. . .
Dan Ehrlich
@danehrlich11
33/ - The far right hosts hundreds of websites on @inmotionhosting
out of Los Angeles (which strangely has their office inside the business school of @pepperdine
As the thread unfurls, Ehrlich traces the chain of interconnectivity. . .
34/ - In Los Angeles, if you draw a line starting at Pershing Square / Chinatown, down Wilshire Blvd, all the way to the ocean at Santa Monica and Playa Vista and @ICANN headquarters, you will find about 15 small data centers being used as a platform to attack and subvert the USA
35/ - Those data centers all connect to one another through the 1 Wilshire Building, one of the most important "carrier hotels" for the entire internet http://one-wilshire.com. @GorillaServers
@dedipath
@QuadraNet
@MegaPath
@PsychzNetworks
@SharkTech
Ehrlich drops his bombshell:
36/ - What we are looking at is an "internet within an internet" that has provided the platform (the computer servers and hosting networks) for Russian and Chinese intelligence agencies, as well as transnational organized crime, to "wage war by deception" against us all.
Then he drops his consequent bombshell: ". . .the registered agent for a group of @robmonster (the EPIK domain registrant CEO) is in Wyoming" and a whole lot of other rightist sites that are laundering money through "merch" shops via a mini-hotel site (a 'motel'?) called Enzo.com. We learn that it's. . .
Not a surprise that one of @enzuinc's directors runs/owns
I am not supplying hotlinks to any of these sedition supporters and racist web sites who are raising money through Enzo. However, one of them is an outfit called the "1776 Shop," which appeared in the EpikFail data breach. The conclusion is that Wyoming is the center of right wing cyber money laundering in the USA as well as being the heart of the Panama Papers empire. Donald Trump has been identified in the Panama Papers hack. Offshore Trove Exposes Trump-Russia links and Piggy Banks of the Wealthiest 1 Percent. And this expose by the WaPo: How the Chinese Internet ended up in Cheyenne, Wyoming
All those Alfa Bank pings to Trump's Trump Tower server probably have been traced as taking this Russian/Chinese cyber highway. Trump ran his money laundering operation from NYC via Cheyenne, via Panama, to (probably) the Ukraine, hence to Putin's (or his agents') server(s) in the Kremlin.
I refuse to condemn the hackers who exposed part of the picture of Trump's crime family laundromat and I refuse to condemn the hackers who have continued exposing the criminal laundromats run by people like Rob Monster. Republican Trumpists were outraged that the FBI obtained FISA warrants to "search" that activity and because of the evidence they gathered, were able to expose the illegal campaign interference (i.e. foreign donations) from Russians. Two of whom are convicted and serving sentences. Now the FBI can follow-up on the traitorous "patriots" of the right. Plus the IRS can, too, because there is doubtless a corresponding tax evasion case involving them and Trump being run using this highway with stops at the various net hotels that we traced leading from WY to Russia.
With all that in mind, is it any mystery why PayPal severed all relations with Monster's Epik domain business? They obviously determined that money laundering and tax evasion transactions that they previously and unknowingly left themselves open to when they had processed payments of these players, left them open to federal charges of accessory to both crimes. Legitimate business can't run away from such associations fast enough.
As for me, I invite Anonymous and other like-motivated hackers to get to work and root out this kind of online criminal syndicate you've just been reading about. They're needed to root out the threats to democracy that run their enterprises secretly and deceptively while selling snake oil to the Trumpty-Dumbpty faithful who probably could care less that the money they spend on all the sites and on owning such sites is devoted to the same single goal: Overthrowing the democratic government of the United States.
<b><u>UPDATE</u></b>
www.nytimes.com/...Trump Server Mystery Produces Fresh Conflict
<blockquote>Emails obtained by <i>The New York Times</i> and interviews with people familiar with the matter, who spoke on the condition of anonymity to discuss issues being investigated by federal authorities, provide a fuller and more complex account of how a group of cyberexperts discovered the odd internet data and developed their hypothesis about what could explain it.
(SNIP)
The Alfa Bank results “have been validated and are reproducible. The findings of the researchers were true then and remain true today; reports that these findings were innocuous or a hoax are simply wrong,” said Jody Westby and Mark Rasch, lawyers for David Dagon, a Georgia Institute of Technology data scientist and one of the researchers whom the indictment discussed but did not name.</blockquote>