Tag: russian hackers
'Putin Is Giddy': National Security Agency Knew Russians Could Hack Signal

The National Security Agency was reportedly aware of vulnerabilities in the messaging app Signal weeks before 18 top Trump administration national security and defense officials used the app in a group chat to plan the recent bombing of Yemen. Those vulnerabilities, an NSA memo warned, were being exploited by Russian hackers. Details have also emerged that at least two top administration officials who were in the chat were overseas, including one in Moscow — where he met with Russian President Vladimir Putin.

The use of the Signal app by the upper echelon of Donald Trump’s national security and defense team has rocked the nation, fueling concerns over the mishandling of sensitive—and potentially classified—information in ways that may be unlawful. These fears are seemingly compounded by Trump’s alleged mishandling of hundreds of classified documents, which led to criminal charges that were ultimately dropped after the U.S. Supreme Court granted presidents broad immunity from prosecution for official acts.

CBS News reports that the National Security Agency (NSA), an arm of the Pentagon, had “sent out an operational security special bulletin to its employees in February 2025 warning them of vulnerabilities in using the encrypted messaging application Signal.”

The NSA operates under the authority of the Director of National Intelligence, Tulsi Gabbard.

The Pentagon also sent out a memo warning of Signal’s vulnerabilities and use by Russian hackers, just days after that group chat.

“Several days after top national security officials accidentally included a reporter in a Signal chat about bombing the Houthi sites in Yemen, a Pentagon-wide advisory warned against using the messaging app, even for unclassified information,” NPR reported Tuesday.

“Russian professional hacking groups are employing the ‘linked devices’ features to spy on encrypted conversations,” the Pentagon’s memo warned.

It also notes that Google has identified Russian hacking groups who are “targeting Signal Messenger to spy on persons of interest.”

The Pentagon memo reminded users that “third-party messaging apps (e.g. Signal) are permitted by policy for unclassified accountability/recall exercises but are not approved to process or store non-public unclassified information.”

NPR’s Quil Lawrence noted that “NPR has seen DoD memo as far back as 2023 prohibiting mobile apps for discussing even much less sensitive info like ‘controlled unclassified information.’”

Last month, a Google Threat Intelligence memo warned of the use of apps like Signal by “military personnel, politicians, journalists, activists, and other at-risk communities.”

Critics argue that the use of Signal for “war plans” was against policy. During Tuesday’s Senate Intelligence Committee hearing, CIA Director John Ratcliffe had insisted Signal was approved for use.

National security experts, including at least one former Trump administration official, have been highly critical of the use of the app by the 18 members of the chat.

President Trump’s Ukraine and Middle East envoy Steve Witkoff “was in Moscow, where he met with Russian President Vladimir Putin, when he was included in a group chat with more than a dozen other top administration officials — and inadvertently, one journalist — on the messaging app Signal,” CBS News reported on Tuesday. “Russia has repeatedly tried to compromise Signal, a popular commercial messaging platform that many were shocked to learn senior Trump administration officials had used to discuss sensitive military planning.”

Trump’s Director of National Intelligence, Tulsi Gabbard, acknowledged on Tuesday during a Senate Intelligence Committee hearing that she was overseas during the Signal chat. The Associated Press reported the DNI “wouldn’t say whether she was using her personal or government-issued phone because the matter is under review by the White House National Security Council.”

The Wall Street Journal’s chief foreign-affairs correspondent Yaroslav Trofimov appears to be one of the first to note that Witkoff had been in Moscow during the time the chat had been organized. He notes: “The Signal app itself has high encryption. But if your phone is inside Russia, and especially if your WiFi and Bluetooth are not disabled, Russia can see what is inside your phone pretty easily.”

On Tuesday morning, Rep. Dan Goldman (D-NY) noted: “Not a single person out of 18 of the very most senior officials in this Admin — including the Director of National Intelligence and the CIA Director — voiced any concern with highly classified military plans circulated on Signal. You also can be sure this is not the only time.”

The Atlantic’s Dr. Norman Ornstein, a political scientist and scholar, responded to Rep. Goldman, writing: “Putin is giddy. He has compromised the phones of every top national security official in the Trump administration. No doubt has enough juicy information from what is likely to be multiple Signal chats to deeply damage American security. And possibly to blackmail some of them.”

Reprinted with permission from Alternet.

US Recovers Over Half Of Ransom Paid To Colonial Pipeline Hackers

Washington (AFP) - The US Justice Department announced Monday that it had recovered more than half of the $4.4 million paid by Colonial Pipeline to Russia-based ransomware extortionists Darkside, who had forced the shutdown of a major US fuel network. "Today, we turned the tables on Darkside by going after the entire ecosystem that fuels ransomware and digital extortion attacks, including criminal proceeds in the form of digital currency," said Deputy Attorney General Lisa Monaco. The seizure came one month after the group gave the US government a security scare by breaking into the computer s...

Trump Ignored Cyber Defense, But GOP Blames Biden For Pipeline Hack

Reprinted with permission from American Independent

EDITOR'S UPDATE: Colonial Pipeline announced that its East Coast gas line resumed operations around 5 pm ET on Wednesday evening. But the company cautioned that operations will ramp up for a few days before the line reaches full capacity.

Gas prices are up this week after a hacker attack shut down a major East Coast gas pipeline. Congressional Republicans are blaming the increased prices on President Joe Biden.

On May 8, the Colonial Pipeline Company announced it had been the victim of a cyberattack involving ransomware. The attack forced a shutdown of most of the privately held company's 5,500-mile East Coast pipeline, which ordinarily delivers 45% of the region's fuel and runs from Houston to New York. Panic-buying since the announcement has resulted in gas stations running out of fuel and the highest gas prices in six years.

According to the Federal Bureau of Investigation, a group of hackers with ties to Russia is behind the attacks, though there is no evidence they are acting on behalf of any government. The group, DarkSide, has a history of extorting money after hacking into company computer systems in the United States and Europe.

Rather than blame the problems on the group behind the attack or inadequate security at Colonial Pipeline, several Republican lawmakers have blamed the shutdown and the gas price spikes on Biden and cited it as evidence to condemn his presidency.

"Increased taxes, the largest increase in inflation since the '08 Obama jobless economy, and skyrocketing gas, energy, and household goods prices," accused Sen. Todd Young of Indiana on Wednesday. "American workers and families are being pummeled by the Biden economy."

"Highest gas prices in 6 years," tweeted Rep. Markwayne Mullin of Oklahoma. "Working families cannot afford Joe Biden's America."

"The people of NC-11 are feeling the effects of Biden's utter incompetence as they see gas prices soar and inflation loom," complained Rep. Madison Cawthorn of North Carolina. "Biden is hurting our people. I will fight for a better life for my neighbors every day. Enough is enough."

"Skyrocketing gas prices," wrote Alabama Rep. Barry Moore. "This is Joe Biden's America."

"Lines around city blocks for a gallon of gas," said Louisiana Rep. Mike Johnson. "By any objective measure, Biden's first 100 days have been a disaster."

"In Joe Biden's America you can't get gas or a job," added Colorado Rep. Ken Buck.

"In the 1970's, during the last major gas shortage, Joe Biden was already in government," said Rep. Lauren Boebert, also of Colorado.

While Republican lawmakers are busy tweeting, the Biden administration says the attack "has triggered a comprehensive federal response focused on securing critical energy supply chains." This includes creating an interagency response group, temporarily waiving fuel standards, giving emergency safety waivers to those transporting fuel, and providing security guidance for other infrastructure.

Colonial Pipeline Company praised the White House on Tuesday for "leadership and collaboration in resolving this matter."

Ransomware attacks predate Biden's 112-day-old administration, but few, if any, GOP lawmakers attacked Donald Trump for his handling of cybersecurity.

Experts say Trump not only failed to take the problem seriously, but actually made things worse. "Much of the work done … [during the Trump administration] was weakened by a president who didn't prioritize cyber-issues and who, in many cases, actively undercut any actions or messaging against our adversaries," Chris Painter, who coordinated cyber operations at the State Department under President Barack Obama, told the Washington Post in December.

Biden announced Monday that his administration will do everything possible to "disrupt and prosecute ransomware criminals" and "will be pursuing a global effort of ransomware attacks by transnational criminals who often use global money-laundering networks to carry them out."

But, Biden noted, much of the nation's vital infrastructure "is privately owned and managed, like Colonial," and those "private entities are making their own determination on cybersecurity."

The president added, "So to jumpstart greater private-sector investment in cybersecurity, we launched a new public-private initiative in April. It begins with a 100-day sprint to improve cybersecurity in the electric sector, and we'll follow that with similar initiatives in natural gas pipelines, water, and other sectors."

Republican Sen. Marsha Blackburn of Tennessee used the exposure by hackers of the vulnerability of one company to claim that America needs another oil pipeline.

"America is facing a gas shortage," Blackburn tweeted on Wednesday. "We need to get the Colonial pipeline back to work, and the Keystone pipeline back to construction."

Unlike the Colonial Pipeline, the proposed Keystone XL oil pipeline would not transport oil to Americans; it would be used by a Canadian company to transfer tar sands oil from Alberta to refineries in the Gulf of Mexico. Most of that refined oil would then likely be exported overseas.

Published with permission of The American Independent Foundation.

Mueller Links Roger Stone Indictment To Russian Hacking And Wikileaks

Reprinted with permission from Alternet.

When Special Counsel Robert Mueller issued the indictment against Roger Stone, a long-time ally of President Donald Trump, he filed it while noting that it was connected to another case: the indictment of Russians who hacked Democratic emails during the 2016 campaign.

Stone has been charged with lying to Congress, tampering with a witness, and obstructing justice.

Stone’s lawyers objected to the assertion that the cases were connected, a motion that could have triggered the case to be assigned to a different judge. But on Friday, Mueller responded to the lawyers’ objections and revealed why the cases are connected:

In Netyksho, eleven Russian military officers are charged by indictment with, inter alia, conspiring to hack into the computers of U.S. persons and entities involved in the 2016 U.S. presidential election, steal documents from those computers, and stage releases of the stolen documents to interfere with the 2016 U.S. presidential election.

As alleged in the Netyksho indictment, in 2016, the Netyksho defendants stole documents from the DNC, the Democratic Congressional Campaign Committee, and the Clinton campaign chairman. Those defendants then released many of the stolen documents, including through a website maintained by Organization 1. In the course of investigating that activity, the government obtained and executed dozens of search warrants on various accounts used to facilitate the transfer of stolen documents for release, as well as to discuss the timing and promotion of their release. Several of those search warrants were executed on accounts that contained Stone’s communications with Guccifer 2.0 and with Organization 1. Evidence obtained from those search warrants resulted in the allegations that the Netyksho defendants hacked and stole documents for release through intermediaries, including Organization 1, and that Stone lied to a congressional committee investigating, among other things, the activities of Organization 1 regarding those stolen documents.

Here, “Organization 1” refers to WikiLeaks, which published the stolen emails.

Mueller also argued that Stone’s actions are part of the same “alleged criminal event or transaction” as those at issue in Netyksho.

He explained that the “criminal conduct alleged in Netyksho was a central focus of the congressional investigation that the defendant is alleged to have obstructed, and therefore the activities underlying the crimes charged in that case are part of the same activities underlying the crimes charged in this case.”

Since Stone’s lies came up in the context of an investigation into the Russian election interference and possible connections to the actions of Americans, the cases are linked.

“The defendant’s false statements did not arise in a vacuum,” the filing said.

Perhaps most damningly, prosecutors noted that they had seized hundreds of thousands of Stone’s communications: “The government obtained and executed dozens of search warrants on various accounts used to facilitate the transfer of stolen documents for release, as well as to discuss the timing and promotion of their release.
“Several of those search warrants were executed on accounts that contained Stone’s communications with Guccifer 2.0 and with Organization 1.”

 
