Trapped & Traced #GammsGroup #FinFisher 03-13-2023 from new AT&T Motorola Phone under ~$100 πβ£οΈπ€³πππ
ΒΉ From Virus Total Scanner:
https://www.virustotal.com/en/file/9b53e0eeb35c173fd0c56b85812c0e59501a8588037dc92b8bac38e916ffdf09/analysis/ #VisualVoicemail
GammaGroup.com Visual voicemail FinFisher Module 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g806efa51f1af4a638b20262b6931f8b0caab56f276834ca58b01afcc4605057e
Β² From Virus Total Scanner:
https://www.virustotal.com/en/file/5387c9d5a137908cdc7820af51fea018c7b96dcce08a32a1fc20e9b6e64c8738/analysis/ #CarrierHub
GammaGroup From FinFisher CarrierHub 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g13901560905741e48e926e061e01252bfa4ff6e8255f4156b56ca739c4ecaff3
Β³ From Virus Total Scanner:
https://www.virustotal.com/en/file/433321001cb907c775e4a06c1a2e36861b0d0355a74b4b9d0d1c2e48cce55d4c/analysis/ #MCMClient
GammaGroup FinFisher Module MCMClient 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/gf312aa3fc4174d9b88355ad755e6f24522e795ee3a304d3db07bb0ec7daa702b
β΄ From Virus Total Scanner:
https://www.virustotal.com/en/file/ae22b44ad5381463912046aea7ec541352e22b02f2f0887864807b22473c92ca/analysis/ #MTPHost π¬ Gmail backdoor Client
GammaGroup FinFisher Module MTPHost 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g2579d64499654488a367fc14de7457bb6cd1b7489d0840cf8e0b61baa1d96bd6
β΅
From Virus Total Scanner:
https://www.virustotal.com/en/file/727ed61fe7e6476a4a7e08fcc16447fb74f6df317ea16f483efcf3da709cd4ba/analysis/ #MobileInstaller
GammaGroup FinFisher Module MobileInstaller 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g5af535a69bba4ad6a8db6866f9e46075d42e2e8e0b424cfb93ec7bd473ff2180
βΆ From Virus Total Scanner:
https://www.virustotal.com/en/file/87b87fc66535c3415bffd4cd34c48d67054b9b4b90c4092fa535cb45ed5a0f41/analysis/ #InvisibleNet Motorola
GammaGroup FinFisher Module InvisibleNet 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g01fa7fb9fb744f0d903e473bcd5fbad0a079d61992144621852170d09a81b6c9
β· #GammaGroup #FinFisher #FinSpy #Finsky #infosec #detectionkit for #Android apps list & tools involved
ΒΉ Firewall AI -π Blocking / Host Lists π
Β² VirusTotal App ππ€³π»β£οΈπ
Β³ VirusTotal Forensics ENV Read-Only Account πβ£οΈπ
β΄ PCAPdroid App - PCAP files / Host Lists πποΈπ
β΅ Textpad or Text file editor - πππ
βΆ Web2 + Web3 posting π¨βπ»π©βπ»π»π₯οΈπΏπΎπ¨οΈππ§π
#SSMβ’ #StateSponsoredMalwareβ’ #investigations by #infosec_jcp
#gammsgroup #finfisher #visualvoicemail #carrierhub #mcmclient #mtphost #mobileinstaller #InvisibleNET #gammagroup #finspy #Finsky #infosec #detectionkit #android #ssm #statesponsoredmalware #investigations #infosec_jcp
Trapped & Traced #GammsGroup #FinFisher 03-13-2023 from new AT&T Motorola Phone under ~$100 πβ£οΈπ€³πππ
ΒΉ From Virus Total Scanner:
https://www.virustotal.com/en/file/9b53e0eeb35c173fd0c56b85812c0e59501a8588037dc92b8bac38e916ffdf09/analysis/ #VisualVoicemail
GammaGroup.com Visual voicemail FinFisher Module 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g806efa51f1af4a638b20262b6931f8b0caab56f276834ca58b01afcc4605057e
Β² From Virus Total Scanner:
https://www.virustotal.com/en/file/5387c9d5a137908cdc7820af51fea018c7b96dcce08a32a1fc20e9b6e64c8738/analysis/ #CarrierHub
GammaGroup From FinFisher CarrierHub 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g13901560905741e48e926e061e01252bfa4ff6e8255f4156b56ca739c4ecaff3
Β³ From Virus Total Scanner:
https://www.virustotal.com/en/file/433321001cb907c775e4a06c1a2e36861b0d0355a74b4b9d0d1c2e48cce55d4c/analysis/ #MCMClient
GammaGroup FinFisher Module MCMClient 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/gf312aa3fc4174d9b88355ad755e6f24522e795ee3a304d3db07bb0ec7daa702b
β΄ From Virus Total Scanner:
https://www.virustotal.com/en/file/ae22b44ad5381463912046aea7ec541352e22b02f2f0887864807b22473c92ca/analysis/ #MTPHost π¬ Gmail backdoor Client
GammaGroup FinFisher Module MTPHost 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g2579d64499654488a367fc14de7457bb6cd1b7489d0840cf8e0b61baa1d96bd6
β΅
From Virus Total Scanner:
https://www.virustotal.com/en/file/727ed61fe7e6476a4a7e08fcc16447fb74f6df317ea16f483efcf3da709cd4ba/analysis/ #MobileInstaller
GammaGroup FinFisher Module MobileInstaller 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g5af535a69bba4ad6a8db6866f9e46075d42e2e8e0b424cfb93ec7bd473ff2180
βΆ From Virus Total Scanner:
https://www.virustotal.com/en/file/87b87fc66535c3415bffd4cd34c48d67054b9b4b90c4092fa535cb45ed5a0f41/analysis/ #InvisibleNet Motorola
GammaGroup FinFisher Module InvisibleNet 03-13-2023
New VT generated after Save:
https://www.virustotal.com/graph/embed/g01fa7fb9fb744f0d903e473bcd5fbad0a079d61992144621852170d09a81b6c9
β· #GammaGroup #FinFisher #FinSpy #Finsky #infosec #detectionkit for #Android apps list & tools involved
ΒΉ Firewall AI -π Blocking / Host Lists π
Β² VirusTotal App ππ€³π»β£οΈπ
Β³ VirusTotal Forensics ENV Read-Only Account πβ£οΈπ
β΄ PCAPdroid App - PCAP files / Host Lists πποΈπ
β΅ Textpad or Text file editor - πππ
βΆ Web2 + Web3 posting π¨βπ»π©βπ»π»π₯οΈπΏπΎπ¨οΈππ§π
#gammsgroup #finfisher #visualvoicemail #carrierhub #mcmclient #mtphost #mobileinstaller #InvisibleNET #gammagroup #finspy #Finsky #infosec #detectionkit #android
So after having a $1200 Samsung phone bricked by #SSMβ’ #StateSponsoredMalwareβ’ from #GammaGroup's #FinFisher #FinSpy #Finsky I am writing a post analysis of some 'features' to be detailed at a later time when I have time.
Suffice to say some items available include:
ΒΉ Disabling Digitizer
Β² Disabling the lower part of the
"βοΈ βΌοΈ β«" so you can't minimize, go back or home key."
Β³ Neu use of #QuciksandModule to #BatteryDrain and change the voltage input on the charger and/or altering the π #battery power display
β΄ #Nuking & #Disabling the #Phone dialer app to make the #CallLog show nothing.
β΅ #Nuking & #Disabling the #Contacts app so you can't add any numbers
βΆ #Corrupting the #Addressbook so that all your #contacts go π₯
β· Intermittent Display of items
βΈ #E911Backdoor usage such that even without a #SIMCard comms & even #AirplaneMode overlay shows airplane mode but really the phone is ON the Data network.
βΉ Removal of the #simcard got temporary usage of my phone and it went back to normal use wise but then the #E911Backdoor was data enabled once they got approval.
#ssm #statesponsoredmalware #gammagroup #finfisher #finspy #Finsky #quciksandmodule #batterydrain #battery #nuking #disabling #phone #calllog #contacts #corrupting #addressbook #e911backdoor #simcard #AirplaneMode
So after having a $1200 Samsung phone bricked by #SSMβ’ #StateSponsoredMalwareβ’ from #GammaGroup's #FinFisher #FinSpy #Finsky I am writing a post analysis of some 'features' to be detailed at a later time when I have time.
Suffice to say some items available include:
ΒΉ Disabling Digitizer
Β² Disabling the lower part of the
"βοΈ βΌοΈ β«" so you can't minimize, go back or home key."
Β³ Neu use of #QuciksandModule to #BatteryDrain and change the voltage input on the charger and/or altering the π #battery power display
β΄ #Nuking & #Disabling the #Phone dialer app to make the #CallLog show nothing.
β΅ #Nuking & #Disabling the #Contacts app so you can't add any numbers
βΆ #Corrupting the #Addressbook so that all your #contacts go π₯
#ssm #statesponsoredmalware #gammagroup #finfisher #finspy #Finsky #quciksandmodule #batterydrain #battery #nuking #disabling #phone #calllog #contacts #corrupting #addressbook
So after having a $1200 Samsung phone bricked by #SSMβ’ #StateSponsoredMalwareβ’ from #GammaGroup's #FinFisher #FinSpy #Finsky I am writing a post analysis of some 'features' to be detailed at a later time when I have time.
Suffice to say some items available include:
ΒΉ Disabling Digitizer
Β² Disabling the lower part of the
"βοΈ βΌοΈ β«" so you can't minimize, go back or home key."
Β³ Neu use of #QuciksandModule to #BatteryDrain and change the voltage input on the charger and/or altering the π #battery power display
β΄ #Nuking & #Disabling the #Phone dialer app to make the #CallLog show nothing.
β΅ #Nuking & #Disabling the #Contacts app so you can't add any numbers
βΆ #Corrupting the #Addressbook so that all your #contacts go π₯
#ssm #statesponsoredmalware #gammagroup #finfisher #finspy #Finsky #quciksandmodule #batterydrain #battery #nuking #disabling #phone #calllog #contacts #corrupting #addressbook
The look on the #pedophiles faces π³ when they realized that the #UK's #GammaGroup's #FinFisher #FinSpy #Finsky #ForcedMDM and #rooted their phones & collected all the #evidence about them and their #Facebook #Meta #WhatsApp #Oculus #Instagram #Repulbican #PedophileCult even with #E2EE in an article about #Signal
#pedophiles #uk #gammagroup #finfisher #finspy #Finsky #forcedmdm #rooted #evidence #facebook #meta #whatsapp #oculus #instagram #repulbican #pedophilecult #e2ee #signal #infosec
They should be more worried about that UK based GammaGroup.com's #FinFisher #FinSpy #Finsky that already #ForcedMDM's whoever they want.
See my post(s) about this over at that dead birb cite:
https://mobile.twitter.com/search?q=GammaGroup%20(%40infosec_jcp)&src=typed_query
#finfisher #finspy #Finsky #forcedmdm #infosec #journalism #rtdna
Oooo! Found a new #FeederProxy on #AWS for #GammaGroup's #FinFisher #FinSpy #Finsky that has a very low rating so as to fly below the detection radar.... For. Now. π§
GammaGroup FinFisher
Callback Proxy Feeder App on AWS : System App : Proxy Feeder / Low Detection rated #stealthProxy buried deep in #AWS .
Keeping an eye on this one ππ
host : ec2-35-160-233-103.us-west-2.compute.amazonaws.com
#feederproxy #aws #gammagroup #finfisher #finspy #Finsky #stealthproxy #virustotal #infosec
#GammaGroup #FinFisher #FinSpy #Finsky
App : #System
CDN host on Infosec.exchange
host : 143-244-50-84.bunnyinfra.net
#VirusTotal of 143-244-50-84.bunnyinfra.net
#gammagroup #finfisher #finspy #Finsky #system #virustotal
Here is my #PinnedTweet from the birb site about #infosec
https://mobile.twitter.com/infosec_jcp/status/1522605524214181888
Sick criminals at #Meta & #Google ruined my life with #GammaGroup's #FinFisher #FinSpy #Finsky for their #InsiderTrading of information by surveillance of me for the last two plus decades while I worked for #SunMicrosystems #BEASystems #OracleSystems & #CiscoSystems and now are running a disinfo campaign to destroy my credibility on #Meta for the past 17+yrs by lying about my past all to please their Russian / RINO handlers who are just #CounterIntelligence agents for #Trump / #Putin who were misled by bad #HUMIT...
So when you see the 'propaganda account I n Facebook claiming to be me' know that it IS a propaganda account run by a psychopath who is _CLAIMING_ to be me. Zachariah 'Not a Hacker - ZombZack@Gmail' Crocker confessed LIVE and ON CAMERA about this as a harassment account and also a #CounterIntelligence technique #Facebook #Meta #WhatsApp & the eye implants at the #Oculus accounts that stream your right eye sights and sounds, B R A G G E D about.
And before you go all off on some conspiracy rant. Know that #NanoTechExists, doofus.
Stupid. #Republican. In. Name. Only. π¦. ( #RINO ) #pedophiles
On. #Meta.
You. Are. In. A. Cult.
#pinnedtweet #infosec #meta #google #gammagroup #finfisher #finspy #Finsky #insidertrading #sunmicrosystems #beasystems #oraclesystems #ciscosystems #counterintelligence #trump #putin #humit #facebook #whatsapp #oculus #nanotechexists #republican #rino #pedophiles
Here is my #PinnedTweet from the birb site about #infosec
https://mobile.twitter.com/infosec_jcp/status/1522605524214181888
Sick criminals at #Meta & #Google ruined my life with #GammaGroup's #FinFisher #FinSpy #Finsky for their #InsiderTrading of information by surveillance of me for the last two plus decades while I worked for #SunMicrosystems #BEASystems #OracleSystems & #CiscoSystems and now are running a disinfo campaign to destroy my credibility on #Meta for the past 17+yrs by lying about my past all to please their Russian / RINO handlers who are just #CounterIntelligence agents for #Trump / #Putin who were misled by bad #HUMIT...
So when you see the 'propaganda account I n Facebook claiming to be me' know that it IS a propaganda account run by a psychopath who is _CLAIMING_ to be me. Zachariah 'Not a Hacker - ZombZack@Gmail' Crocker confessed LIVE and ON CAMERA about this as a harassment account and also a #CounterIntelligence technique #Facebook #Meta #WhatsApp & the eye implants at the #Oculus accounts that stream your right eye sights and sounds, B R A G G E D about.
Stupid. #Republican. In. Name. Only. π¦. ( #RINO ) #pedophiles
On. #Meta.
You. Are. In. A. Cult.
#pinnedtweet #infosec #meta #google #gammagroup #finfisher #finspy #Finsky #insidertrading #sunmicrosystems #beasystems #oraclesystems #ciscosystems #counterintelligence #trump #putin #humit #facebook #whatsapp #oculus #republican #rino #pedophiles
So was digging back on my #TWTR timeline during the #Pandemic and found a real banger story I was plate spinning which has a #StateSponsoredMalware #SSMβ’ angle as well as a #PDFSpearPhishing component of a shady #HousingEvictionSpecialist who is well known in the #BayArea , #BrianScarsbeckLaw who is now working with #ToddRothsbardLaw for Todd. Hi Todd! π
So, I did a traceback on this #SpearPhishingPDF that Brian Scarsbeck was serving to HIS CLIENTS AND POTENTIAL CLIENTS which compromises their clients computer and allows full access into said clients systems.
Use of #FinFisher #FinSpy #Finsky client #investigations
#HousingEvictionFraud using #MetaBrigades #GangStalkers who organized a coordinated effort to harass me while I worked for #CiscoSystems.
β£οΈπ #Investigations by #infosec_jcp β£οΈπ
Thread:
https://mobile.twitter.com/infosec_jcp/status/1448069568254124037
#twtr #pandemic #statesponsoredmalware #ssm #pdfspearphishing #housingevictionspecialist #bayarea #brianscarsbecklaw #toddrothsbardlaw #spearphishingpdf #housingiskey #COVID19 #infosec #investigations #finfisher #finspy #Finsky #housingevictionfraud #metabrigades #gangstalkers #ciscosystems #infosec_jcp
So was digging back on my #TWTR timeline during the #Pandemic and found a real banger story I was plate spinning which has a #StateSponsoredMalware #SSMβ’ angle as well as a #PDFSpearPhishing component of a shady #HousingEvictionSpecialist who is well known in the #BayArea , #BrianScarsbeckLaw who is now working with #ToddRothsbardLaw for Todd. Hi Todd! π
So, I did a traceback on this #SpearPhishingPDF that Brian Scarsbeck was serving to HIS CLIENTS AND POTENTIAL CLIENTS which compromises their clients computer and allows full access into said clients systems.
Use of #FinFisher #FinSpy #Finsky client #investigations
#HousingEvictionFraud using #MetaBrigades #GangStalkers who organized a coordinated effort to harass me while I worked for #CiscoSystems.
β£οΈπ #Investigations by #infosec_jcp β£οΈπ
Thread:
https://mobile.twitter.com/infosec_jcp/status/1448069568254124037
#twtr #pandemic #statesponsoredmalware #ssm #pdfspearphishing #housingevictionspecialist #bayarea #brianscarsbecklaw #toddrothsbardlaw #spearphishingpdf #housingiskey #COVID19 #infosec #investigations #finfisher #finspy #Finsky #housingevictionfraud #metabrigades #gangstalkers #ciscosystems #infosec_jcp
So was digging back on my #TWTR timeline during the #Pandemic and found a real banger story I was plate spinning which has a #StateSponsoredMalware #SSMβ’ angle as well as a #PDFSpearPhishing component of a shady #HousingEvictionSpecialist who is well known in the #BayArea , #BrianScarsbeckLaw who is now working with #ToddRothsbardLaw for Todd. Hi Todd! π
So, I did a traceback on this #SpearPhishingPDF that Brian Scarsbeck was serving to HIS CLIENTS AND POTENTIAL CLIENTS which compromises their clients computer and allows full access into said clients systems.
#HousingIsKey #COVID19 #infosec #investigations #FinFisher #FinSpy #Finsky #investigations #HousingEvictionFraud #Investigations by #infosec_jcp
Thread:
https://mobile.twitter.com/infosec_jcp/status/1448069568254124037
#twtr #pandemic #statesponsoredmalware #ssm #pdfspearphishing #housingevictionspecialist #bayarea #brianscarsbecklaw #toddrothsbardlaw #spearphishingpdf #housingiskey #COVID19 #infosec #investigations #finfisher #finspy #Finsky #housingevictionfraud #infosec_jcp
So was digging back on my #TWTR timeline during the #Pandemic and found a real banger story I was plate spinning which has a #StateSponsoredMalware #SSMβ’ angle as well as a #PDFSpearPhishing component of a shaded #HousingEvictionSpecialist who is well known in the #BayArea , #BrianScarsbeckLaw who is now working with #ToddRothsbardLaw for Todd. Hi Todd! π
So, I did a traceback on this #SpearPhishingPDF that Brian Scarsbeck was serving to HIS CLIENTS AND POTENTIAL CLIENTS which compromises their clients computer and allows full access into said clients systems.
#HousingIsKey #COVID19 #infosec #investigations #FinFisher #FinSpy #Finsky #investigations #HousingEvictionFraud #Investigations by #infosec_jcp
Thread:
https://mobile.twitter.com/infosec_jcp/status/1448069568254124037
#twtr #pandemic #statesponsoredmalware #ssm #pdfspearphishing #housingevictionspecialist #bayarea #brianscarsbecklaw #toddrothsbardlaw #spearphishingpdf #housingiskey #COVID19 #infosec #investigations #finfisher #finspy #Finsky #housingevictionfraud #infosec_jcp
Today I got four more IP's from four different IP ranges calling back as #System app from a #GammaGroup #FinFisher #FinSpy #Finsky desperately trying to reach π #Google's, #AWS , #Twitter and another #CloudFront (not shown).ππ§ββοΈπ€
Edit: See attached direct IPs and FQDNs. β£οΈ
So desperate this #CarrierHub #SSMβ’ #malware #UIUX #infosec #DetectionWithoutSoftware ππ #ForcedMDM demo
#system #gammagroup #finfisher #finspy #Finsky #google #aws #twitter #cloudfront #carrierhub #ssm #malware #uiux #infosec #detectionwithoutsoftware #forcedmdm
Today I got four more IP's from four different IP ranges calling back as #System app from a #GammaGroup #FinFisher #FinSpy #Finsky desperately trying to reach π #Google's, #AWS , #Twitter and another #CloudFront (not shown).ππ§ββοΈπ€
Edit: See attached direct IPs and FQDNs. β£οΈ
So desperate this #CarrierHub #SSMβ’ #malware #UIUX #infosec #DetectionWithoutSoftware ππ demo
#system #gammagroup #finfisher #finspy #Finsky #google #aws #twitter #cloudfront #carrierhub #ssm #malware #uiux #infosec #detectionwithoutsoftware
Today I got four more IP's from four different IP ranges calling back as #System app from a #GammaGroup #FinFisher #FinSpy #Finsky desperately trying to reach π #Google's, #AWS , #Twitter and another ASN. ππ§ββοΈπ€
Will list the direct IPs and FQDNs later. β£οΈ
#system #gammagroup #finfisher #finspy #Finsky #google #aws #twitter
#GammaGroup.Com
#FinFisher #FinSpy #Finsky
App : #CarrierHub : #ForcedMDM
β£οΈ IP 142.250.68.42 β£οΈ
#VirusTotal'D
https://www.virustotal.com/graph/embed/g2d788ed91ba84968ad15971054394ec2dc7697e15e3442b9b43c74667702b4e2?theme=light
#gammagroup #finfisher #finspy #Finsky #carrierhub #forcedmdm #virustotal