Ukrainian drone strikes may have targeted Moscow homes of Russian spies

Rublyovka, MoscowA SERIES OF COORDINATED drone strikes that struck Moscow last week were not random, but may in fact have targeted the homes of senior Russian intelligence officials, according to a new report by an American television network, which cited knowledgeable sources and data by an open-source research firm.

In the early morning hours of May 30, a fleet of at least six unmanned aerial vehicles (UAVs) struck what appeared to be residential apartment blocks in Moscow’s southeastern suburbs. The targets were all located in Moscow’s Rublyovka area, which contains some of the wealthiest neighborhoods in the Russian capital. Many expressed surprise at the airborne assault, as it was the first known attack against residential targets in Moscow since the latest phase of the Russian invasion of Ukraine, which began in February 2022.

Upon initial inspection, the targets of the early-morning attack appeared to have been chosen at random. Yesterday, however, the American television network NBC claimed that the targets of the attack had been carefully selected as “a part of Ukraine’s strategy of psychological warfare against Russia”. Citing “multiple sources familiar with the strikes”, including a senior United States official and a congressional staffer, NBC said that the targets of the attacks were all residences of Russian government personnel.

The television network also cited data by Strider Technologies, an open-source strategic intelligence company located in the American state of Utah, according to which at least one of the buildings that were struck by the UAVs housed a Russian state-controlled military contractor. According to Strider Technologies, the contractor provides services to a military unit that is known to be a front for Russia’s Foreign Intelligence Service (SVR). NBC further claimed that other targets in the alleged Ukrainian operation targeted the residences of senior Russian intelligence personnel.

Author: Joseph Fitsanakis | Date: 08 June 2023 | Permalink

Ukraine is running networks of saboteurs inside Russia, report claims

Security Service of Ukraine SBUTHE UKRAINIAN INTELLIGENCE SERVICES are training and arming cells of saboteurs inside Russia, who are responsible for several acts of sabotage on Russian soil, including a recent attack on the Kremlin, according to CNN. In an exclusive report published on Monday, the American television channel cited “multiple people familiar with US intelligence on” the activities of Ukrainian “agents and sympathizers” inside Russia.

According to the report, pro-Ukrainian saboteurs may be responsible for a growing number of incidents involving mysterious explosions, fires and malfunctions of Russian critical infrastructure. In recent months, such incidents have caused serious damage on Russian military warehouses, energy pipelines, fuel depots and refineries, railway networks, and military enlistment offices. Last month saw a widely reported attack by a fleet of unmanned aerial vehicles (UAVs) on the Kremlin, which serves as the official residence of the Russian president in Moscow.

The CNN report claims that the UAV attack on the Kremlin, and possibly other similar incidents that have taken place inside Russia in recent months, represent the “culmination of months of effort” by the Ukrainian government. The latter has now allegedly assembled and is operating semi-autonomous sabotage cells inside Russia. These cells are said to consist of Ukrainian nationals operating in an undercover capacity, as well as of Russian nationals who sympathize with Ukraine. They also include Russians who are militantly opposed to the administration of President Vladimir Putin.

These cells have been “well-trained” in sabotage and have been provided with lethal hardware —including UAVs or UAV components— by the Ukrainian government, CNN said. These provisions reach the saboteurs through “well-practiced smuggling routes” that the Ukrainians have established across the Ukrainian-Russian border. The latter is “vast and very difficult to control”, and has been so for decades, according to the report. In most cases, the weaponry used in acts of sabotage is assembled and operated from within Russia, rather than from command centers in Ukraine, the CNN report claims.

The broad strategic parameters of the saboteurs Russia have reportedly been established by the highest echelons of the Ukrainian government, under the direct supervision of President Volodymyr Zelensky. However, the Security Service of Ukraine (SBU) officers who handle, train and arm the saboteurs have deliberately given them significant autonomy in terms of targeting and tactics. CNN said it contacted the Ukrainian government for comment on this report. The SBU did not confirm or deny that it was involved in handling cells of saboteurs inside Russia. However, a SBU spokesperson told CNN that “the mysterious explosions and drone strikes inside Russia would continue”.

Author: Joseph Fitsanakis | Date: 06 June 2023 | Permalink

Senior representatives of dozens of spy agencies held secret meeting in Singapore

Shangri-La DialogueSENIOR REPRESENTATIVES FROM OVER 20 intelligence agencies from around the world, including the United States and China, reportedly participated in a secret meeting in Singapore last week. The meeting allegedly took place in parallel to the Shangri-La Dialogue, a high-level security conference held annually in Singapore. The conference, focused on security issues in the Asia-Pacific region, has been organized since 2002 by the International Institute for Strategic Studies (IISS), a London-based think-tank.

The Shangri-La Dialogue is typically attended by defense ministers of major Western powers and regional Asian powers, along with security and intelligence representatives from participating nations. However, the existence of a separate closed-door meeting of intelligence officials has never been reported before. On Saturday, the Reuters news agency cited discussions with “five sources”, who claimed that such a meeting occurred between June 2 and 4.

According to Reuters, the meeting was discreetly organized by the Singaporean government and held at a separate venue alongside the security summit. This type of meeting has reportedly been taking place annually for several years, but was previously undisclosed. The secret meeting is believed to have included representatives from approximately two dozen major intelligence agencies from countries such as the United States, China, and India. The United States intelligence community was represented by Avril Haines, the Director of National Intelligence, according to the news agency.

The Reuters report did not mention whether the Russian intelligence community participated in the event. When asked about the alleged secret meeting, a spokesperson from the Singapore Ministry of Defense said that participants at the Shangri-La Dialogue included “senior officials from intelligence agencies”, who “also take the opportunity to meet their counterparts”. The spokesperson added that the Singapore Ministry of Defense “may facilitate some of these bilateral or multilateral meetings”, because “participants have found such meetings held on the sidelines of the [main event] beneficial”.

The governments of the United States, China and India did not respond to requests for comment by Reuters.

Author: Joseph Fitsanakis | Date: 05 June 2023 | Research Credit: C.E. | Permalink

Russia says it uncovered U.S. operation to compromise Apple phones

Apple iPhoneRUSSIAN OFFICIALS SAID THEY uncovered a sophisticated espionage effort by the United States government, which targeted the smartphones of thousands of Apple users living in Russia, including foreign diplomats. According to the Russians, the operation was carried out by the National Security Agency (NSA), an American intelligence agency that specializes in gathering foreign signals intelligence and securing the United States government’s information and communication systems.

The source of the allegation is the Federal Security Service (FSB), Russia’s primary counterterrorism and counterintelligence agency. On Thursday, the FSB said that “an intelligence action of the American special services” had been uncovered by FSB officers with the assistance of the Federal Protective Service. Known in Russia by its initials, FSO, the Federal Protective Service operates federal emergency communications systems and provides personal security for high-ranking government officials.

According to the FSB, “several thousand Apple telephones” were targeted in the alleged NSA operation, including devices belonging to “domestic Russian subscribers”, as well as devices belonging to foreign diplomats stationed in Russia. The latter allegedly include diplomats from Israel, Syria and China, according to the FSB. The Russian agency also claimed that Russia-based foreign diplomats from North Atlantic Treaty Organization member-states had their phones targeted, as well as diplomats from former Soviet states.

In the same press release, the FSB accused the NSA and Apple of working in “close cooperation” with each other —an allegation that the Russian government has been making for several years. In a follow-up media statement, the Russian Ministry of Foreign Affairs accused the United States of engaging in “hidden data collection” and dismissed Apple iPhones as “absolutely transparent”.

Kremlin spokesman Dmitry Peskov urged Russians to avoid using Apple products and lamented reports that one in three Russian government workers continue to utilize Apple products for their personal use. When asked by reporters if the Russian government had plans to outlaw the use of Apple products by government employees, Peskov responded that the Kremlin did “not have the power to even recommend that”, except for those government employees with access to classified information.

Author: Joseph Fitsanakis | Date: 02 June 2023 | Permalink

Israeli, Italian intelligence officers drown as boat capsizes in Lake Maggiore

ONE ISRAELI AND TWO Italian intelligence officers are among the victims of a boating accident in northern Italy. Local reports indicate that the incident occurred last Sunday evening, when a passenger boat named the Gooduria capsized and sank rapidly in Italian territorial waters. The boat was on a sightseeing trip near the Italian shoreline of Lake Maggiore, a popular destination situated on the southern side of the Alps between Italy and Switzerland.

It has been reported that nearly all of the approximately two dozen passengers aboard the Gooduria were current or former members of the Italian and Israeli intelligence services. These individuals were believed to have collaborated professionally as intelligence officers and had gathered for “a convivial meeting to celebrate the birthday of one of the group”, according to a statement issued by the Italian government.

It is worth noting that some Italian news outlets have expressed skepticism about the precise nature of the gathering. An article in the Italian daily Corriere della Sera suggested that “the gathering was a working meeting of intelligence agents”. Another Italian daily, La Stampa, said that the gathering was “an opportunity to exchange information between agents of the two countries”. These claims have not been confirmed by the Italian and Israeli governments.

Italian authorities have stated that no foul play is suspected in the accident. Instead, it is believed that inclement weather, possibly coupled with overcrowding onboard the Gooduria, contributed to the incident. The Ministry of Foreign Affairs of Israel released a brief statement on Sunday acknowledging the death of a retired member of the Israeli intelligence services, without identifying the victim by name or professional title. However, local media reports have identified the deceased as Shimoni Erez, 50, a recent retiree from the Mossad, Israel’s external intelligence agency.

The two Italian victims of the accident have been identified as Claudio Alonzi, 62, and Tiziana Barnobi, 53, both of whom were intelligence officers. Additionally, among the casualties was a Russian national named Anna Bozhkova, 50, who was reportedly the wife of the captain of the Gooduria. Following the capsizing of the boat, Israeli diplomats promptly arranged for the immediate evacuation of ten active Israeli intelligence officers from Italy. They were swiftly removed from regional hospitals and transported back to Israel via a military flight.

Author: Ian Allen | Date: 31 May 2023 | Permalink

Albanian court releases Russian and Ukrainian bloggers suspected of espionage

Gramsh AlbaniaA COURT IN ALBANIA has ordered the release from prison of two Russians and one Ukrainian national, who were arrested nearly last August on suspicion of carrying out military espionage. On August 20, 2022, Albania announced the arrests of Russian nationals Svetlana Timofeeva and Mikhail Zorin. Arrested alongside the two Russians was a Ukrainian citizen, who was identified in media reports as Fedir Alpatov.

Albanian authorities said the three foreigners had been arrested while attempting to enter the Gramsh military installation, a defunct small-arms factory, which is located 50 miles south of the Albanian capital Tirana. During the Cold War, the Gramsh factory specialized in producing Soviet-designed AK-47 assault rifles. After the collapse of Albania’s communist system in the early 1990s, the factory was turned into a storage facility and was subsequently used to deactivate and decommission expired munitions.

Following their arrest, the three foreign nationals said they were “urban explorers” who engaged in “industrial tourism”, a type of travel that centers on entering and photographing dilapidated industrial facilities around the world. Soon after her arrest was announced, the United States government-funded Radio Free Europe (RFE) confirmed that Timofeeva, was indeed “one of Russia’s most famous urban explorers”. According to RFE, Timofeeva, 34, was known under the nom de guerre “Lana Sator” and maintained an Instagram page that was followed by over 250,000 users.

The plot thickened in March of this year, when Timofeeva, while still in detention, applied for political asylum in Albania. It emerged that Timofeeva was wanted by the Russian government on charges of “illegally obtaining information constituting a state secret”. In February of this year, the Ministry of Justice of Albania approved a request by Moscow to extradite Timofeeva to Russia, in order to face espionage charges. However, this decision was later overturned by an Albanian judge, a development that reportedly angered Russian President Vladimir Putin.

Timofeeva’s lawyers argued that she had openly opposed the February 2022 Russian invasion of Ukraine and had voiced public criticism of President Putin. As a result, Timofeeva had left Russia and had been living in exile in Georgia at the time of her arrest. Some observers, however, suspected that at least one of those arrested had links to Russian intelligence. It was reported that Zorin had admitted being an informant for the Russian Federal Security Service (FSB). However, the precise conditions under which Zorin’s alleged admission was made are not known.

In a statement released to the media last week, Albania’s Elbasan Trial Court said that, even though Timofeeva, Zorin and Alpatov would be released from detention, the investigation against them on suspicion of espionage would continue for the time being.

Author: Joseph Fitsanakis | Date: 29 May 2023 | Permalink

Turkey claims it uncovered Israeli spy cell that targeted Iran

Israeli consulate Istanbul TurkeyON MONDYA, TURKEY’S NATIONAL intelligence organization (MİT) announced the arrest of several members of an alleged spy network, who were reportedly recruited, trained and handled by Israel’s intelligence agency, the Mossad. Two members of the alleged spy ring were arrested two months ago, according to the Office of the Istanbul Chief Public Prosecutor and Turkey’s National Intelligence Organization (MİT).

The arrests reportedly came as a result of an investigation into a threatening package sent that was sent in the mail by one of the spy suspects. The investigation was initiated by the Istanbul branch of the General Directorate of Security (Turkish police), which later revealed a connection with a separate 18-month long counterintelligence investigation by the MİT. It eventually led to the arrest of  Selçuk Küçükkaya, a Turkish national, who is accused of operating as the head of the alleged spy ring.

On Monday, Istanbul police arrested 11 associates of Küçükkaya, who the MİT believes to be members of the alleged spy cell. Some reports indicate that Turkish authorities are still searching for two additional suspects who are believed to be part of the alleged spy ring. The MİT states that the spy ring had established a front company through which its members conducted business activities in Iran, with the assistance of intermediaries operating abroad.

The Istanbul Chief Public Prosecutor’s office alleges that Küçükkaya made contact with Israeli intelligence through a member of the so-called Gülen movement. The Gülen movement consists of supporters of Muslim cleric Fethullah Gülen, who runs a global network of schools, charities and businesses from his home-in-exile in the United States. The Turkish government has designated Gülen’s group a terrorist organization and claims it was behind the failed 2016 coup against Turkey’s President, Recep Tayyip Erdoğan.

Küçükkaya is further-accused of having had several in-person meetings with Mossad officers in various locations around Europe. During those meetings, Küçükkaya allegedly received assignments designed to test his intelligence-gathering abilities. It is alleged that Küçükkaya was eventually hired as a spy by the Mossad, who also provided him with instructions on how to use a clandestine communication system to contact his Israeli handlers.

The claim by the Turkish government that it has busted a Mossad spy cell operating in its territory is not unprecedented. In October 2021, the MİT disclosed the arrests of 15 members of an alleged Mossad spy ring following a series of raids across four Turkish provinces. Last December, Turkish media reported that 44 individuals had been detained and interrogated for allegedly spying on Palestinian exiles living in Turkey on behalf of the Mossad. What is new about this latest claim is the alleged connection between the Mossad and the Gülen movement, which the administration of Turkish President Erdoğan views as an existential domestic security threat.

Author: Joseph Fitsanakis | Date: 24 May 2023 | Permalink

U.S. charges Greek businessman with smuggling military and dual-use goods to Russia

Rijen NetherlandsThe United States Department of Justice has charged a Greek national with wire fraud and smuggling sensitive military-grade and dual-use goods from the United States to Russia. The suspect, Dr. Nikolaos “Nikos” Bogonikolos, 59, was arrested in Paris, France, on May 9, at the request of the United States, and is currently in custody pending extradition proceedings.

Bogonikolos is a mathematician and self-described “serial entrepreneur”, with business activities dating back to 1987. He has authored and co-authored academic articles, holds a number of patents, and has published a book entitled Total Process Security Reengineering. Following the ECHELON revelations in the late 1990’s, he authored a report (.pdf) entitled “The Perception of Economic Risks Arising from the Potential Vulnerability of Electronic Commercial Media to Interception” as part of a study for the European Parliament.

In 2005, Bogonikolos received his PhD from the Kharkov National Economic University in Ukraine, focusing on applications of artificial intelligence in the field of economics. According to his own claims, he has been active as an entrepreneur or researcher in some 40 countries, including Russia. Bogonikolos is the founder of a Greek-based company called Aratos Group. In 2016, Aratos Systems BV was registered as legal entity in The Netherlands. Since 2020, the company has been located in the town of Rijen, which is also home to the main operational military helicopter base of the Royal Netherlands Air Force.

Aratos Systems BV describes itself on its website (currently offline) as an “independent and leading member of the Greek Aratos Group”. Its activities, as declared to the Netherlands chamber of commerce, are “the collection, processing, protecting, and selling of earth observation data to public and private parties”. Aratos Systems also “owns and runs a fully equipped Satellite Ground Station constantly connected with EUMETSAT” —the latter being the European operational satellite agency for monitoring weather, climate and the environment from space.

Last week, the Netherlands Public Prosecution Service and the Fiscal Information and Investigation Service raided the Aratos Systems offices in Rijen. According to the unsealed complaint (.pdf) it is believed that Bogonikolos was contacted in December 2017 by representatives of an illicit Russian procurement network that acquires sensitive military-grade and dual-use technologies, under the direction of Russia’s Foreign Intelligence Service (SVR). Elements of that network are often referred to by Western government officials as “the Serniya Network” or “Sertal”, among other names. In December 2022 the United States charged five Russian nationals, including a suspected intelligence officer, believed to be part of that network, as well as two United States nationals.

In December 2017, Bogonikolos allegedly accepted an invitation to travel to Moscow alone for a meeting. The complaint cites an email exchange between senior members of Sertal and Serniya Network, including Yevgeniy Grinin and Aleksey Ippolitov, who are both wanted by the FBI. In the email exchange, it is suggested that Bogonikolos is a “supporter of the Orthodoxy” and that he sees it as “the basis of friendship with Russia”.

Read more of this post

U.S., Russian spy agencies publish rival ads encouraging would-be informants

Russia Ukraine WarRIVAL ONLINE CAMPAIGNS BY American and Russian intelligence agencies are encouraging each other’s citizens to contact them, share information and possibly even defect. At least three ads have been  on social media, with the Federal Bureau of Investigation (FBI) issuing the earliest one in February of this year. The Central Intelligence Agency (CIA) and its Russian counterpart, the Foreign Intelligence Service (SVR), are now believed to have published similar ads.

The FBI ad initially appeared on Twitter, directing users to the website of the Bureau’s Washington Field Office. There, a text in Cyrillic urges Russian nationals to “change [their] future” by contacting the FBI. The CIA followed suit on Monday of this week by posting a video on its new channel on Telegraph, a popular social media platform among young Russians. The CIA video portrays frustrated Russian government employees morally torn by the Kremlin’s policies. It concludes with them contacting the CIA through a secure online connection. A narrator’s voice states, “my family will live with dignity thanks to my actions”. Viewers are then assured that their safety is the CIA’s highest priority, should the choose to do the same.

Shortly after the CIA video appeared online, the Russian Ministry of Foreign Affairs’ Director of Information, Maria Zakharova, said that the Russian government would respond “appropriately” to what she called a “CIA provocation”. On Wednesday, a number of Western media outlets reported that the SVR had unveiled a short recruitment video seemingly targeting Americans. The video, shared on Telegram, includes archival news footage of United States military and police personnel, flag-burning demonstrators, and protests against abortions. It concludes with footage of President Joe Biden overlaid with a sniper crosshairs. A narrator states in English: “If you want to help normalcy, help the Foreign Intelligence Service of the Russian Federation”.

Amid the ongoing war in Ukraine, both the United States and Russia are engaging in extensive cyber-enabled operations aimed at each other’s targets. However, these recruitment videos underscore the continued need for highly placed human sources and their central role in multi-platform intelligence collection efforts.

Author: Joseph Fitsanakis | Date: 18 May 2023 | Permalink

China sentences US citizen to life for espionage following closed-door trial

Hong KongA CHINESE COURT HAS sentenced a United States passport holder to life in prison on espionage charges, following a brief closed-door trial. However, no information has been made available about the precise charges against him. Closed-door trials are frequent occurrences in Chinese courts, especially in cases relating to national security, which include charges of espionage against the state. However, life sentences are exceedingly rare for espionage cases.

The individual convicted in this case has been named in media reports as John Shing-Wan Leung, 78. He is reportedly a permanent resident of Hong Kong, a special administrative region of China, over which Beijing has near-absolute control. It is not known if Leung was a Chinese citizen at any time in his life. China does not recognize joint citizenship and requires its citizens to drop their Chinese citizenship when swearing allegiance to another country. The Reuters news agency reported on Monday that Leung was at some point a member of two American-based Chinese expatriate groups, which it described as “pro-China”. These are the United States-China Friendship Promotion Association and the United States-China Friendship Association.

Leung is believed to have been arrested in Hong Kong in 2021 by local Chinese counterintelligence officers. He has been held in prison ever since his arrest. A press release issued on Monday by the Intermediate People’s Court in Suzhou, a city located in southern Jiangsu province, 700 north of Hong Kong, said Leung had been found “guilty of espionage”. The press release added that Leung had been “sentenced to life imprisonment and deprived of [his] political rights for life”. However, the statement provided no information about Leung’s alleged crimes, or the country he was found to have spied for.

According to the BBC, the United States embassy in Beijing refused to discuss the details of this case, stating only that the United States government was aware of Leung’s conviction. An embassy spokesperson told the BBC that “the Department of State has no greater priority than the safety and security of US citizens overseas”.

Author: Joseph Fitsanakis | Date: 15 May 2023 | Permalink

Senior members of South Korea’s largest trade union charged with espionage

KCTU South KoreaSOUTH KOREAN PROSECUTORS have charged four senior members of one of the country’s largest trade unions with espionage on behalf of North Korea. The move, which is seen as highly controversial by South Korea’s liberal opposition, has come a few months after the conservative administration of President Yoon Suk Yeol launched what some commentators have described as South Korea’s largest counter-espionage operation in over 30 years.

The operation came to light on January 18, when hundreds of police officers, led by officers of the National Intelligence Service (NIS), conducted search raids at a number of regional offices of the Korean Confederation of Trade Unions (KCTU). Founded in the mid-1990s, the KCTU represents over 1.1 million members. Most of its membership consists of supporters of the Democratic Party of Korea (DPK), a left-of-center liberal coalition that ruled South Korea until last year. Since its establishment in 2014, the DPK has been engaged in a bitter political rivalry with the People Power Party (PPP), a conservative coalition that currently governs South Korea.

On Wednesday, four KCTU officials, all of them men, between the ages of 48 and 54, were charged with several violations of South Korea’s National Security Act, including carrying out espionage on behalf of North Korea and meeting illegally with North Korean intelligence officers. South Korean government prosecutors accuse the four of meeting several times with their alleged North Korean handlers. The alleged meetings too place during overseas trips in Vietnam and Cambodia between 2017 and 2019.

While abroad, the four alleged spies were allegedly trained and given instructions to establish what prosecutors describe as “an underground organization [operating] under the guise of legal union activities”. The four men were allegedly tasked with steering the KCTU toward actions and rhetoric that were against the United States and Japan. They were also asked to helping organize worker rallies against the policies of the PPP. In other instances, the alleged spies photographed American military installations located in South Korea.

The opposition DPK has strongly condemned the charges, calling them politically motivated and describing them as a return to the days of rightwing military rule, which South Korea experienced until 1987. The NIS remains highly controversial among left-of-center South Koreans, many of whom view it as a corrupt state entity that is politically aligned with the conservative PPP. Between 2018 and 2022, the liberal DPK government spearheaded what it described as an “anti-corruption campaign” inside the NIS. As a result of that campaign, three former NIS directors were charged with —and eventually convicted of— secretly diverting funds from the agency’s clandestine budget. The funds were eventually used to aid the re-election campaign of the then-South Korean President, Park Geun-hye. Their apparent goal was to prevent the DPK from coming to power, fearing that the left-of-center party was too close to Pyongyang. President Park also went to prison for accepting financial bribes from the NIS.

Author: Joseph Fitsanakis | Date: 12 May 2023 | Permalink

US-led ‘Five Eyes’ alliance dismantled Russia’s ‘premier espionage cyber-tool’

Computer hackingAN ESPIONAGE TOOL DESCRIBED by Western officials as the most advanced in the Russian cyber-arsenal has been neutralized after a 20-year operation by intelligence agencies in the United States, Australia, Canada, the United Kingdom and New Zealand. The operation targeted Turla, a hacker group that cyber-security experts have long associated with the Russian government.

Turla is believed to be made up of officers from Center 16, a signals intelligence unit of Russia’s Federal Security Service (FSB), one of the Soviet-era KGB’s successor agencies. Since its appearance in 2003, Turla has used a highly sophisticated malware dubbed ‘Snake’ to infect thousands of computer systems in over 50 countries around the world. Turla’s victims include highly sensitive government computer networks in the United States, including those of the Department of Defense, the National Aeronautics and Space Administration, and the United States Central Command.

The Snake malware has also been found in computers of privately owned firms, especially those belonging to various critical infrastructure sectors, such as financial services, government facilities, electronics manufacturing, telecommunications and healthcare. For over two decades, the Snake malware used thousands of compromised computers throughout the West as nodes in complex peer-to-peer networks. By siphoning information through these networks, the Turla hackers were able to mask the location from where they launched their attacks.

On Tuesday, however, the United States Department of Justice announced that the Federal Bureau of Investigation (FBI), along with its counterparts in the United States-led ‘Five Eyes’ intelligence-sharing alliance, had managed to dismantle Snake. This effort, codenamed Operation MEDUSA, was reportedly launched nearly 20 years ago with the goal of neutralizing the Snake malware. In the process, Five Eyes cyber-defense experts managed to locate Turla’s facilities in Moscow, as well as in Ryazan, an industrial center located about 120 miles southeast of the Russian capital.

The complex cyber-defense operation culminated with the development of an anti-malware tool that the FBI dubbed PERSEUS. According to the Department of Justice’s announcement, PERSEUS was designed to impersonate the Turla operators of Snake. In doing so, it was able to take over Snake’s command-and-control functions. Essentially, PERSEUS hacked into Snake and instructed the malware to self-delete from the computers it had compromised. As of this week, therefore, the worldwide peer-to-peer network that Snake had painstakingly created over two decades, has ceased to exist, as has Snake itself.

Author: Joseph Fitsanakis | Date: 11 May 2023 | Permalink

Russian pro-Kremlin influencer survives IED attack that killed fellow passenger

Zakhar PrilepinA UKRAINIAN PARAMILITARY GROUP has claimed to be behind a targeted attack against an influential figure in Russian literature and social media on Saturday, which killed his fellow passenger and prompted strong denouncements by the Kremlin. The attack appeared to target Yevgeny Nikolayevich Prilepin, 47, known in Russia as Zakhar Prilepin. One of the best-known novelists in Russia, Prilepin spent much of his late teens and early twenties serving in the Russian National Guard. He saw action during two tours in Chechnya.


After decommissioning from the National Guard, Prilepin joined a host of ultra-nationalist Russian street gangs, including the National Bolshevik Party (currently banned), a group that aspired to bring together Russia’s far-left and far-right militants. At the same time, Prilepin began writing about his war experiences in novels that explored broader nationalist themes in Russian history. Today, Prilepin is highly influential in Russian social media circles, and many of his books have been turned into popular films.

Prilepin’s popularity soared after 2014, when he publicly endorsed Russian President Vladimir Putin’s military campaign in Crimea. His decision to back the Russian president formed an informal link between supporters of the Russian president and members of banned nationalist groups like the National Bolshevik Party. In the ensuing years, Prilepin has chronicled his work as an armed volunteer with pro-Russian separatists in eastern Ukraine. This resulted to the Ukrainian government including his name on a list of Russian citizens that it deemed as threats to national security.


The apparent attack on Prilepin took place on Saturday near the tiny settlement of Pionerskoye, in Russia’s Nizhny Novgorod region. Prilepin is believed to have family relatives in this rural part of the country, which is located over 250 miles east of Moscow. According to statements by Russian emergency services personnel, a radio-controlled improvised explosive device was detonated under Prilepin’s Audi Q7 passenger car, instantly killing his fellow passenger, who has not been named. Read more of this post

In rare public comments, Taiwan spy chief points to 2027 as key in China’s plans

Tsai Ming-yenIN A SERIES OF rare public comments, the director of Taiwan’s primary intelligence agency has singled out 2027 as a year of paramount significance for China’s military plans for Taiwan. On Thursday, Tsai Ming-yen (pictured), director-general of Taiwan’s National Security Bureau (NSB) since February, spoke to an audience of graduating students at Taiwan’s National Chung Hsing University in Taichung City. According to reports, it was the first time in a quarter of a century that an NSB director-general had addressed a university audience.

In addition to his speech at the Chung Hsing University, Director-General Tsai, a former deputy foreign minister and diplomat, gave a rare interview to the United States-based Bloomberg news agency. He refused to weigh in on the ongoing discussion about a timeframe for a possible Chinese invasion of Taiwan. But he singled out the year 2027 as a significant one for Chinese Premier Xi Jinping’s plans to modernize the People’s Liberation Army (PLA).

The Chinese leader first introduced his “PLA Modernization 2035” plan in 2017, describing it as a whole-of-government effort to significantly improve the PLA’s combat capabilities as a step toward achieving China’s long-term goal of becoming a major global military power. Tsai pointed out that the year 2027 will be the 10-year mark into President Xi’s 18-year program of military reforms. Additionally, Xi will most likely be campaigning for a fourth presidential term that year, Tsai said.

In his interview with Bloomberg, Tsai said that President Xi “doesn’t allow any kind of different voice in the Chinese political system”. In essence, therefore, the Chinese leader has been surrounding himself with “a coterie of like-minded officials”. This resulting ‘groupthink’ means that “the risk of making a wrong decision” on pressing issues like Taiwan “will become much higher” in the coming years, he warned. To counter that threat, and to monitor China’s military intentions, Tsai said Taiwan is systematically deepening its real-time cooperation with its “international friends”, especially with the so-called “Five Eyes” alliance, an intelligence-sharing coalition comprising of the United States, United Kingdom, Canada, Australia, and New Zealand.

In a separate development, the United States Director of National Intelligence Avril Haines said on Thursday that the Taiwan Semiconductor Manufacturing Company Ltd (TSMC) would be a major cause for concern in a possible Chinese invasion of Taiwan. The United States and other countries rely overwhelmingly on the TSMC’s production output for the use of semiconductors in civilian and military hardware. Should a Chinese military invasion of Taiwan prevent the TSMC from producing those semiconductors, the resulting impact on the global economy would be “enormous”, possibly in the neighborhood of “between $600 billion to $1 trillion on an annual basis for the first few years”, Haines said.

Author: Joseph Fitsanakis | Date: 05 May 2023 | Permalink

Analysis: Did Ukraine try to assassinate Vladimir Putin?

KremlinOFFICIALS IN UKRAINE HAVE vehemently denied allegations by the Kremlin that the Ukrainian government tried to assassinate Russian President Vladimir Putin using two unmanned aerial vehicles (UAVs). A statement by the Russian government said that the Kremlin, which serves as the official residence of the Russian president in Moscow, came under attack by two unmanned aerial vehicles (UAVs) in the early hours of Wednesday. According to the statement, the UAVs were shot down 16 minutes apart. The first UAV allegedly exploded mid-air at 2:27 a.m. local time over the old Senate building, which is located on the eastern side of the Kremlin. At 2:43 a.m. a second UAV exploded over the Kremlin, sending debris flying across the courtyard of the heavily fortified complex.

There were no injuries or material damages, according to the Russian Federal Protective Service, which is responsible for the protection of high-ranking state officials and government facilities, including the Kremlin complex. Within hours, Russia openly placed blame on the government of Ukraine for the alleged attack and claimed that it had been intended to kill President Putin. A subsequent statement praised the Russian armed forces for thwarting the alleged attack on Putin’s life with “timely actions”. Meanwhile, government officials in the United States said that the White House “had no foreknowledge of an impending drone attack on the Kremlin” and urged that Moscow’s allegations be treated with skepticism.


The Ukrainian military and paramilitary forces are both interested in, and capable of, carrying out strikes inside Russia. In 2023 alone, there have been dozens of apparent acts of sabotage in European Russia, which have damaged bridges, disrupted railway transportation systems, and rendered weapons depots unusable. This week alone, a fuel depot in Russia’s Krasnodar Krai was extensively damaged by a fire, which local authorities claimed was caused by a kamikaze UAV attack. About 1,500 miles north in Bryansk Oblast, near Russia’s border with Belarus, two trains were derailed by blasts that, according to news reports “appeared to be separate but identical incidents”. Ukraine denies involvement in these incidents, but military observers remain suspicious.

Meanwhile, investigative work by news outlets such as The New York Times suggests that Ukrainian paramilitary units may have been behind acts of sabotage in Western Europe, and even assassinations of pro-Putin figures inside Russia. Some of these attacks —if that is indeed what they were— may have been carried out by teams of cover human operatives. Others may have been carried out by mechanical means, including UAVs. Certainly, the Ukrainian military has never been shy about its effort to develop a strong long-range strike capability using UAVs. There is also some evidence that it may have carried out at least one UAV-enabled attack near Moscow in recent months. It therefore stands to reason that Ukraine is both willing and able to launch strikes inside Russia. Read more of this post

%d bloggers like this: