Tag: Peter Chayanov

Wikileaks Hands “Keys” to Putin’s Russian Hacker – Readers, Leakers Tracked

Exclusive analysis by Laurelai Bailey, published by Patribotics this week confirmed that Julian Assange and Wikileaks obtained two new servers in Russia just one week before the hacked Podesta emails were released.

Laurelai reported that the ultimate registrant of the servers was one Peter Chayanov, of Russia, a known cyber-criminal and hacker.

Julian Assange has been identified by the US intelligence community as a front for Russian distribution and ‘deniability’ of Russian government-sponsored hacking. Today, however, as a result of our reporting on the dox by Op Ferguson, that link is far clearer.

The internet is tightly controlled in Russia. Cyber criminals have to answer to Putin. Mr. Chayanov is the head of a firm called Hostkey, which hosts mail spammers and other malware and hacking tools, despite offering web space to Wikileaks. Wikileaks chose to use a Russian hacker to host their site – and they knew that he was connected to Vladimir Putin and operated with the blessing of Putin’s government.

Putin and Assange are thus already linked.

But it is much worse for Wikileaks – and the internet in general – even than it looks. In order not to bury the lede, I will report what appear to be the conclusions of the web developers and hackers on Twitter discussing Laurelai’s story, and then report on how they appeared to have arrived there.

* Wikileaks has handed Chayanov access to everything stored on its site and servers

* The Russian hacker and spammer can ‘monitor traffic

* He can tell who is reading anything on the Wikileaks site anywhere in the world

* The Russian hacker has access to all documents that have been sent to Wikileaks

* He can probably bust the anonymity of any computer or user who thought they were anonymously donating to Wikileaks

* It is not reasonable to suggest that this hacker is other than linked with Russia’s GRU – if he has it, they have it

* Through Julian Assange and his website, it appears that the Russian hacker and his government can track any readers of the Wikileaks site and any donors of material to it, thus allowing Russia to ‘blackmail’ anyone who ‘sent secrets’ to Wikileaks as a ‘whistleblower’.

I will update this story later in the day summarizing discussions among the hacker and developer community on Twitter that led to this bombshell conclusion.

All of the above appear to be factual statements. It is not a fact that Russia did indeed monitor web traffic to Wikileaks, but it seems to be an absolute fact that if they want to, they can – and it seems, from the reaction of Mr. Chayanov upon being outed, almost totally certain that Julian Assange handed Russia the keys to the Wikileaks site deliberately.

When Julian Assange wrote “Wikileak the Government” he apparently meant “Wikileaks is the Government (of Russia)”.

A subsequent post will explore the further possibility that Peter Chayanov is also Guccifer2 – providing the materials that hacked the US election, as well as helping Assange and Wikileaks work with Putin to do so.

Advertisements

Wikileaks is Connected to Russia – Despite Their Claims

By Laurelai Bailey

 

Wikileaks has time and time again denied any connections to Russia or the Russian state, but – like Donald Trump – they are lying. This weekend, it was exposed on Twitter that they acquired major Russian servers – from a known hacker – one week before the Podesta emails were released.

 

I will walk you through the proof, since its a little complex for non computer experts. So let’s start with a primer.

 

All websites on the internet have an address, much like houses in the real world. This address are usually names and things you recognize, like google.com or amazon.com. But behind that address there are a series of numbers, unique to each server known as internet protocol addresses. If you have ever had to log in to your wireless router, you wound up typing a number into your browser like 192.168.1.1, this is an IP address.

 

Now IP addresses have physical locations, in the real world, and tools exist to discover where those addresses are.

 

Wikileaks  -like every other website –  has servers and IP addresses behind the domain name “wikileaks.org”. When we do a command on a linux machine called “dig” we find out all of the IP addresses behind the domain name. Here is the output of the dig command. Don’t worry if you can’t understand this part – just scroll down to the rest of the article. The writing in the middle explains it, but for those that want proof, we need to list how we get from a to b. 

 

dig wikileaks.org

 

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> wikileaks.org

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4839

;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 4, ADDITIONAL: 8

 

;; QUESTION SECTION:

;wikileaks.org.                 IN      A

 

;; ANSWER SECTION:

wikileaks.org.          600     IN      A       95.211.113.154

wikileaks.org.          600     IN      A       141.105.65.113

wikileaks.org.          600     IN      A       141.105.69.239

wikileaks.org.          600     IN      A       195.35.109.44

wikileaks.org.          600     IN      A       195.35.109.53

wikileaks.org.          600     IN      A       95.211.113.131

 

;; AUTHORITY SECTION:

wikileaks.org.          1470    IN      NS      ns2.wikileaks.org.

wikileaks.org.          1470    IN      NS      ns1.wikileaks.org.

wikileaks.org.          1470    IN      NS      ns4.wikileaks.org.

wikileaks.org.          1470    IN      NS      ns3.wikileaks.org.

 

;; ADDITIONAL SECTION:

ns1.wikileaks.org.      80774   IN      A       46.28.206.81

ns2.wikileaks.org.      83083   IN      A       46.28.206.82

ns3.wikileaks.org.      80774   IN      A       95.211.113.131

ns3.wikileaks.org.      80774   IN      A       195.35.109.54

ns3.wikileaks.org.      80774   IN      A       31.192.105.18

ns4.wikileaks.org.      80774   IN      A       195.35.109.44

ns4.wikileaks.org.      80774   IN      A       95.211.113.154

ns4.wikileaks.org.      80774   IN      A       141.105.65.114

 

;; Query time: 20 msec

;; SERVER: 213.186.33.99#53(213.186.33.99)

;; WHEN: Fri Mar 10 16:21:37 2017

;; MSG SIZE  rcvd: 327

 

Now the above might mostly seem like junk to you, if you don’t speak computer, so we’ll cut out everything not that’s not relevant and focus on what is relevant, namely, these two addresses:

 

wikileaks.org.          600     IN      A       141.105.65.113

wikileaks.org.          600     IN      A       141.105.69.239

 

When you look up these addresses, listed above, via a command known as “whois”, you can find their physical location in the real world.

 

organisation:   ORG-MTL21-RIPE

org-name:       Mir Telematiki Ltd

org-type:       LIR

address:        Barabannii pereulok 4/4

address:        107023

address:        Moscow

address:        RUSSIAN FEDERATION

phone:          +7 495 369 9796

fax-no:         +7 495 369 9796

mnt-ref:        MTLM-MNT

mnt-ref:        RIPE-NCC-HM-MNT

mnt-by:         RIPE-NCC-HM-MNT

mnt-by:         MTLM-MNT

abuse-mailbox:  abuse@hostkey.ru

abuse-c:        HA2800-RIPE

created:        2010-10-06T10:46:46Z

last-modified:  2016-09-30T12:14:19Z

source:         RIPE # Filtered

 

This information is the same for both IP addresses, and if you notice the last modified date as “2016-09-30” that is when the IP address’s pointing to a server was changed. So we can safely bet that this is when wikileaks added these addresses to their systems.

In turn, this proves Wikileaks gained Russian hosting on September 30th 2016, one week before the Podesta emails were made public. Wikileaks got Russian Federation virtual addresses one week before the Podesta emails. Let that sink in.

 

Now the actual owner of the IP addresses is a man by the name of Peter Chayanov, whose IP addresses have hosted spammers and hackers, according to my sources, who work in internet backbone companies.

 

Chayanov’s IP space is a virtual equivalent of a bad neighborhood that makes you lock your car doors when you drive through it. So this further implies a connection to Wikileaks and Russian hackers. That sort of stuff is Chayanov’s day job. And, further, it’s important to remember, this web host also stays around at the consent of the Russian government despite (or because of?) being known cyber criminal hosts.

chayanov.jpg

The other addresses I told you to ignore before? When you do a whois on wikileaks itself you get shown IP’s in Amsterdam and Zurich, ones that make much more sense to have since they are in countries with strong freedom of speech and transparency laws. Places you would want an organization like that in, but the Russian IP spaces, to be visible to you have to be dug for carefully to find them. They did a fairly good job obfuscating it, but the records will always be able to be found.

Mr. Chayanov did not disguise his hosting carefully enough. And when he was exposed this weekend on Twitter, he made matters worse by deleting his account at once.

So why would Wikileaks, a “transparency” org acquire hosting in a country thats known to assassinate whistleblowers? Especially ones that challenge Trumps presidency? It makes no sense for people who claim to be for transparency to take up virtual residence in an autocratic nation that might try to kill them. So why would they do it? Well, it’s pretty simple; they would only be there with the consent of the Russian government, ieVladimir Putin. He wants them to be there and allows them to be there.

 

Why would he do that? Sounds an awful lot like putting a rattlesnake in your own bed to keep the neighbors away. That is if wikileaks was as neutral and would leak against anyone like they claim. Putin might be an autocrat, but he isn’t an idiot.

 

He would not allow them there unless he got something out of it for himself, like immunity to being leaked against or by having influence over what gets leaked and when. Putin like all politicians is a self interested lout and acts in ways that keep him in power. Much like many other world leaders. So wikileaks dropping info on the US alone isn’t enough to allow them to stay, he knows he would be next on the leaking list.

 

So that strongly suggests Russia is getting some kind of favorable or special treatment. Its also likely that the CIA was already aware of this and that this is part of the information they base their claims of Russian interference on. When you see this alone its enough to strongly suggests collusion with the Russian government either directly or indirectly.

 

So it seems fairly sure to me that Wikileaks is now in bed with the Russian government in some form or fashion. Will we shortly discover that Mr. Chayanov is also connected to Guccifer2? 

Laurelai Bailey was an original Wikileaks activist.