Tag: Kelhios botnet

DAUGHTERGATE: Ivanka Trump Scrubbed From Trump Poker Shell Companies

New financial disclosures reported by Donald Trump show Ivanka Trump’s name being scrubbed from shell companies related to online gambling. Sources with links to the intelligence community and separate sources with links to the White House say that these companies were designed to disguise Russian payments and money-laundering. They further point, these sources say, to the fact that the Kelhios botnet – which was used in Russia’s hack on the American election – was run by a command and control server working from Trump Tower, with the full knowledge of Eric Trump.

Ivanka has been linked to eleven companies in the Trump financial disclosures. Her status has been put to “Inactive” on several odd holding companies, including:

and others. The most immediately interesting company of Ivanka Trump’s is “Poker Venture Managing Member Corp“.  This is owned by Donald and Ivanka Trump. Ivanka’s company with her father itself is an officer of this very dodgy-looking shell, “Poker Venture LLC.” Judging by the corporation wiki, there is panic in Team Ivanka and Team Trump over “Poker Venture“.  It shows zero “Key People”, and has two other almost identical companies as its officers – the live, active PVMMC that Ivanka co-owns with her pops, and this “Inactive” attempt to clean Ivanka out of the picture: by: Poker Venture Managing Member Corp by: Donald J. Trump.

Those touring “Corporation Wiki” will be surprised to see that “Poker Venture Managing Member Corp by: Donald J Trump” lists itself as an officer of inactive “Poker Venture”, yet when one clicks on the gray icon, one is taken to the same active company.

All very strange. Why are Ms. Trump’s shell companies having a panic? What does it matter if she is directly connected to Trump International Hotel Management (which she is) through TIHM? Why is “Poker Ventures” suddenly showing as both active and inactive simultaneously?

Patribotics hopes to expand reporting and commission other writers. If you would like to donate, there are buttons around the site, or you could make a contribution here. 

Sources with links to the intelligence community say that the disassociation with the TIHM is because Trump Hotels and Eric Trump are linked to the Kelhios botnet, which was run with a command and control server out of Trump Tower with the full knowledge of Eric and Donald Trump, and also of course, of Ivanka Trump, whose husband Jared was talking to the Russian Ambassador in the Russian Embassy about secret communications with Russia.

Poker Venture Managing Member Corp is a Nevada company. On the Nevada Secretary of State’s website, it shows an odd filing history. The company was formed in 2012, filed an annual listing in 2013 and 2014; no documents are listed for 2015, but two appear two years later, on August 4 2016.  However, the official Nevada listing shows PVMMC being cancelled on May 22, 2017.

Equally odd is that the state of New Jersey   – (Ivanka Trump has a New Jersey address listed as one of her business records, associated with Poker Ventures) – has added to its newly published list of “Internet Gaming Ancillary Companies”  both Poker Ventures LLC, which was already listed, but also “Novacorp Net Ltd”, “VidMob Inc” and “Reblaze Technologies”.  VidMob Inc, a video company, appears to have a Russian developer on its github, Sergey Shpuntov, whose activity appears to be locked on GitHub; Novacorp Net appears to be associated with a credit card company whose records have been scrubbed (but not well enough); while Reblaze Technologies appears to be coded by Russo-Israelis. Russian Israeli.jpeg

Much worse, Reblaze Technologies does not appear to have much to do with “ancillary services for internet gambling” in NJ – rather, it publishes anti-NSA blogs such as these, lauding the ‘hacking tools’ leaked by Shadow Brokers. Reblaze also offers lists of “protect your website” services you can buy from Russian hackers [sic], listing, ostensibly to protect against them, the full range of tools employed on Russia’s hack of America; its founder repeated the anti-NSA blog in an article that reads as a threat to hack America on Medium in December 2016.

Despite this, even the most secretive malware usually gets exposed eventually.

A great example of this occurred in August: ‘Powerful NSA hacking tools have been revealed online’. As the article explained, “some of the most powerful espionage tools created by the National Security Agency’s elite group of hackers” were stolen by illicit hackers and placed up for auction, for any cybercriminal in the world to buy.

Put all of these together – Novacorp, VidMob and Reblaze, as brand new additions to New Jersey’s “ancillary internet gambling companies” and you see three Russian companies involved, sources allege, with the Kelhios botnet, the direct Russian hack on American voter registries and the DNC, and malware delivered via the Kelhios botnet, that are now trying to cover themselves by pretending to have something to do with “online gambling”. Sources suggest that all three directly relate to Ivanka Trump’s “Poker Ventures” company with her father, which is listed on the same sheet. The state document says:

The following companies have filed completed applications to provide ancillary services for Internet gaming. Preliminary examination of the filings allows for these companies to enter into agreements with casino licensees and Internet gaming permit holders.

It is not therefore much of a leap to imagine – though sources were not specific on this point – that Novacorp, VidMob and Reblaze have been discovered to have been paid by a Trump company, and that their late additions to the New Jersey filing are an attempt to provide a figleaf over other “services” that they did provide.

On the wider reason for the cover-up on Ivanka, sources suggested patribotics was being pointed to specific documents because Trump is threatening to fire Special Counsel Robert Mueller. Patience for Trump’s obstruction is wearing thin, sources with links to the intelligence community report. They also suggest that Paul Ryan, who is more realistic towards his own predicament than Mr. Trump, is willing to cooperate with authorities in exchange for mitigation of his own sentence. If Ryan gives up McConnell, and does not impede Mueller or the FBI further, it is possible he may avoid jail, although like Devin Nunes he will be required to resign from Congress. Ryan spoke in defense of Special Counsel Mueller, showing that Trump can no longer rely on Russian kompromat on Ryan to protect him.

If whistleblowers wish to contact patribotics they are encouraged to get in touch on Twitter or via the contact form elsewhere on this site.

 

Read More of our ground-breaking Trump Russia journalism here:

 

EXCLUSIVE: Director Comey Legally Taped Calls, Meetings With Trump

EXCLUSIVE: Sources with links to the Justice Department confirm that U.S. intelligence has legal copies of all Donald Trump’s “tapes” of his meetings with Director Comey – and that Comey had his own phone legally hacked in order to record suspects, including Trump, Eric Trump and Donald Trump Jr, for over a year.

Patribotics hopes to expand our reporting and commission other writers. If you would like to donate, there are buttons around the site, or you could make a contribution here. 

On June 9th, in the United States District Court of the Eastern District of New York, Judge Orenstein slapped down Jeff Sessions as he attempted to force the service provider on James Comey’s phone to assist Sessions with continuing an SS7 exploit placed there by the consent of James Comey, and lawfully, in order to help Comey in his criminal investigation of Donald Trump and Russia.

Separate sources with links to the intelligence and justice communities are clear that the ‘witness’ in this case is James Comey, the ‘software solution’ is the SS7 exploit used on his phone by consent, and that his phone was recording, again, by consent, and as part of a lawful criminal investigation that included Donald Trump, all his conversations for well over a year. This would mean that the FBI had essentially used Director Comey’s cell phone to monitor suspects in the Trump Russia case since before the beginning of June, 2016. This is very, very bad news for Mr. Trump.  If Trump, as he is openly threatening, prepares to fire Special Counsel Mueller, parts of these tapes may be leaked to the general public. The court case itself, with the names of the witness and his cell phone provider redacted, is open, public record, but sources linked to the intelligence community have confirmed the witness to be Director Comey, giving the document an extraordinary significance.

First we can see that the ‘hot mike’ phone was provided to Director Comey by Federal Agents, in or before the summer of 2016, as part of a criminal investigation, and in order to assist him in that investigation:

As part of an investigation into suspected criminal activity, the government has secured the agreement of the Witness to engage in monitored communications with subjects of the investigation. Beginning over a year ago, agents provided the Subject Telephone to the Witness, who in turn provided written consent to the interception and recording of all calls made and received over that device

Second, we can see that Director Comey had renewed his written consent on this ‘several months later’ and again just two days before Trump fired him. The day after this consent was renewed, Comey interviewed Donald Trump Jr and Eric Trump about the Kelhios botnet operating out of Trump Tower, which they both had knowledge of.  This conversation too was legally recorded and likely was the immediate spur for Trump to obstruct justice by firing Comey.

The Witness again provided written consent to the monitoring of the Subject Telephone several months later, and then did so a third time two days ago; in this most recent writing, according to the government, the Witness again committed “not [to] allow third parties to use the telephone.” Id. at 7 & Ex. A.3

It is clear that the government, by which we mean Jeff Sessions, submitted to the court that he needed help finding out how Director Comey’s cell phone had been monitored as the “software based solution” (ie, the SS7 hot mike of the phone) had been discontinued. Intelligence sources familiar with the matter were scornful of the idea that the consensual monitoring of Director Comey’s phone would be continued after he was fired for investigating Trump’s sons and the Kelhios botnet used in Russia’s hack of the U.S. election. (In point of fact, sources laughed aloud at the suggestion).

Until recently, the agents consensually monitored the Subject Telephone’s communications and location by using “a software-based solution” that did not require the Provider’s participation. Id. at 7 n.6. The government reports that the latter product was recently “discontinued” without explaining how that discontinuance renders the product it was already using ineffective (although I assume that it must be so).

The translation of this passage is that intelligence agents who consensually hacked the phone switched off their exploit the second Trump fired Comey, and Jeff Sessions was whining to the court that he could not get back in.

In the dry language of the ruling, judge Orenstein told Sessions that Comey was using this exploit to investigate a crime and that hacking his phone without consent was completely unnecessary. He told Sessions to go and boil his head.

The third discretionary factor is necessity. In N.Y. Tel. Co., the Supreme Court observed that “without the Company’s assistance there is no conceivable way in which the surveillance authorized by the District Court could have been successfully accomplished.” 434 U.S. at 175. The record before me shows no such necessity. The government has demonstrated only that for over a year, it was able to monitor the Witness’s communications over the Subject Telephone without the Provider’s assistance, and that the particular product it used to do so has been discontinued. It has not asserted, much less established, that there are no other alternatives available that will allow it to accomplish its investigative goal without forcing the Provider to furnish technical assistance against its will. The complete lack of any showing of necessity weighs heavily against the government.

The front-facing of Director Comey’s identity to Patribotics may be taken as a warning shot on Mueller. As I have previously reported, Donald Trump is under a criminal indictment, and Director Comey decided he himself might need to be fired in order to advance the narrative away from himself and towards Donald Trump’s criminal actions. Sources report the Articles of Impeachment being considered by the Judiciary Committee have now advanced further and the language of them is presently being worked upon for presentation to Congress, at which point, the criminal indictment granted against Trump will be made public.

Come for the Bishop, best not miss.

If whistleblowers wish to contact patribotics they are encouraged to get in touch on Twitter, or via the secure email listed here

Sources: Boris Epshteyn Paid Russian Hackers For Both Team Trump and FSB

Exclusive: Sources linked to the intelligence community say it is believed that a Russian hacker of the election, Pyotr Levashov, was paid directly by Boris Epshteyn on behalf of both Trump and the FSB.

boros

Patribotics hopes to expand reporting and commission other writers. If you would like to donate, there are buttons around the site, or you could make a contribution here. 

Sources say the indictment on April 20th of Levashov in the US district court in Connecticut (where an FBI counterintelligence division is based) represents the first concrete move in court that openly leads towards the impeachment of Donald Trump and the prosecution of dozens of members of his team – because this hacker, the sources suggest, was compensated by Team Trump and the FSB jointly, and Team Trump, sources say, know it.

Mr. Epshteyn’s lawyers have denied to me in writing that he was ever an agent of Russia, and have said that neither he nor his parents were ever agents of the Russian state. However, I stand by my prior and current reporting on this public figure, who, until recently, was a member of the US Government as staff at the White House, as well as maintaining a constant public presence as a surrogate of Mr. Trump’s during the campaign, and on television for the White House after it.

Multiple sources with links to the intelligence community report that:

Trump Tower was a “command and control” center for the Kehlios botnet, dismantled by the FBI;

That the “Trump server” with a Trump Tower IP address, that was communicating with servers owned by Alfa Bank in Russia, and with Spectrum Health, had the data packets it sent opened on the hour by human members of Trump’s data team, located near to Trump Tower;

As I have previously reported here at patribotics, the server was ‘washing’ the DNC’s stolen, hacked ‘Vertica” database with voter registration databases – but new sources report further information that images were also sent from or to Russia, and opened by members of Trump’s own team on an hourly basis

That “Pyotr Levashov'” or “Peter Severa”, indicted by the FBI for running the Kehlios botnet, was recruited for the hacking effort by Mr. Epshteyn, who, sources say, was working for both the FSB and team Trump;

That in 2015, Trump Hotels was fined a pittance of $50,000 for malware and credit card fraud after it failed to correct an earlier “breach”, but that this was deliberate, as the credit card malware would later be repurposed to be used in the election;

Kcmc.jpeg

That human accounts pushing out fake memes authorized by Russia were paid, via the Kelhios botnet being operated from Trump HQ, using bitcoin and a spam payments system previously used for pornography;

And that Pyotr Levashov, aka Peter Severa, is also connected to one Dante Jimenez, another top spammer who himself connects back to Hostkey – the Russian company controlled by Vladimir Putin, with servers in the Russian academy of sciences, that hosts Wikileaks

Sources further attest that the FBI intercepted the traffic between the Alfa Bank server and Mr. Trump’s server, and know exactly what was transmitted

Sources further report that there were at least two other “mother servers”, other than the one with the Trump Tower IP address, and the Spectrum Health server that simultaneously pinged Alfa Bank. Sources indicate that one of these two servers was at Spectrum Health, and transferred messages to Russia via a method called “iodine xfer transfer”, but that the US intelligence community intercepted all such messages

Sources close to the intelligence community indicate that the indictment of Pyotr Levashov in Connecticut this week represents the FBI ‘making its move’ to begin proceedings against Trump and his team, as, these sources say, Trump and many of those working for his campaign are well aware that they are tied by data to the criminal activities of Mr. Levashov

Multiple, other sources with links to the intelligence communities of more than one country, who were not the original sources on my exclusive story that Carter Page took a recording of Donald Trump to Moscow, confirm that this story is true.

There will be extensive further reporting on this exclusive story; please check back for updates.