Russia, Lithuania and Norway exchange prisoners in rare three-way spy-swap

Frode BergA rare three-way spy-swap has reportedly taken place between Russia and two North Atlantic Treaty Organization (NATO) members, Lithuania and Norway. Rumors of a possible exchange of imprisoned spies between the three countries first emerged in mid-October. However, all three governments had either denied the rumors or refused to comment at the time. It now turns out that the spy-swap, which international news agencies described as “carefully coordinated” was the result of painstaking negotiations between the three countries, which lasted several months.

A major part of the process that led to last week’s spy swap was the decision of the Lithuanian parliament to approve altering the country’s criminal code. The new code allows the president of Lithuania to pardon foreign nationals who have been convicted of espionage, if doing so promotes Lithuania’s national interest. The new amendment also outlines the process by which the government can swap pardoned foreign spies with its own spies —or alleged spies— who may have been convicted of espionage abroad. On Friday, Lithuanian President Gitanas Nausėda announced he had pardoned two Russian nationals who had been convicted of espionage against Lithuania, in accordance with the new criminal code. The president’s move was approved by the country’s multi-agency State Defense Council during a secret meeting.

Shortly after President Nausėda’s announcement, Sergei Naryshkin, Director of Russia’s Foreign Intelligence Service (SVR) said that Moscow would immediately proceed with “reciprocal steps”. The Kremlin soon released from prison two Lithuanian nationals, Yevgeny Mataitis and Aristidas Tamosaitis. Tamosaitis was serving a 12-year prison sentence, allegedly for carrying out espionage for the Lithuanian Defense Ministry in 2015. Mataitis, a dual Lithuanian-Russian citizen, was serving 13 years in prison, allegedly for supplying Lithuanian intelligence with classified documents belonging to the Russian government.

The two Lithuanians were exchanged for two Russians, Nikolai Filipchenko and Sergei Moisejenko. Filipchenko is believed to be an officer in the Russian Federal Security Service (FSB), who was arrested by Lithuanian counterintelligence agents in 2015. He had been given a 10-year prison sentence for trying to recruit double agents inside Lithuania, allegedly in order to install listening bugs inside the office of the then-Lithuanian President Dalia Grybauskaite. Moisejenko was serving a 10½ year sentence for conducting espionage and for illegally possessing firearms. Lithuania alleges that Moisejenko had been tasked by Moscow with spying on the armed forces of Lithuania and NATO. Along with the two Lithuanians, Russia freed Frode Berg (pictured), a Norwegian citizen who was serving a prison sentence in Russia, allegedly for acting as a courier for the Norwegian Intelligence Service.

On Saturday, Darius Jauniškis, Director of Lithuania’s State Security Department, told reporters in Vilnius that the spy swap had taken place in a remote part of the Russian-Lithuanian border. He gave no further information about the details exchange, or about who was present at the site during the spy-swap.

Author: Joseph Fitsanakis | Date: 18 November 2019 | Research credit: E.G. | Permalink

Al-Baghdadi’s ISIS hideout was equipped with frequently used internet connection

Abu Bakr al-BaghdadiThe Islamic State’s Syrian hideout that housed the group’s leader until his demise on October 26, was equipped with a frequently used internet connection, according to Arab media reports. Abu Bakr al-Baghdaid, the self-proclaimed caliph of the Islamic State, was killed by United States soldiers in Barisha,  a village in the Syrian province of Idlib, which is located just two miles from the Turkish border.

The region that surrounds Barisha is under the control of Turkey and can most accurately be described as a Turkish protectorate inside Syria. Moreover, it is heavily monitored by several intelligence agencies that have been looking for al-Baghdadi for years. It has therefore been generally assumed that the Islamic State leader’s hideout was kept isolated from the outside world and that no digital telecommunications means were used by its inhabitants, out of fear that they would be monitored by the Syrian authorities, Turkey, the United States, or others.

But a new report from the Dubai-based Al-Aan TV claims that the hideout was equipped with a frequently used internet connection and that it was active almost up to the moment US troops stormed the compound. The exclusive report, which aired on Thursday, alleges that the internet connection was set up in February of this year, and that it was used almost daily. The last time it was active was just 12 hours prior to the raid that killed al-Baghdadi and several members of his family.

The bill for the internet connection was approximately $8.00 a month and was paid by Abu Muhammad al-Halabi, a Syrian smuggler whose name also appears on tax records as the owner of the property, according to Al-Aan. The report provides no information about the type of online activity that the internet connection at the Barisha compound was used for.

Author: Joseph Fitsanakis | Date: 15 November 2019 | Permalink

Venezuelan ex-spy chief disappears as Spain seeks to extradite him to US

Hugo CarvajalThe former director of Venezuela’s military spy agency, who is wanted in the United States for drug trafficking, reportedly disappeared in Spain as authorities there were attempting to extradite him to Washington. Hugo Carvajal is a retired general and former diplomat, who was a member of the late Venezuelan President Hugo Chávez’s inner circle. From 2004 to 2011, under Chávez’s tutelage, Carvajal headed the Directorate General of Military Counterintelligence (DGCIM).

In 2008 the US named Carvajal as a major facilitator of international drugs trafficking and imposed financial sanctions on his assets around the world. Washington accused Carvajal of assisting the paramilitary group known as the Revolutionary Armed Forces of Colombia (FARC) transport drugs from Latin America to Mexico and from there to the US.

Things took an interesting turn, however, when in February of this year Carvajal posted a video on social media in which he denounced Chávez’s successor, President Nicolás Maduro, and sided with his arch-nemesis, Juan Guaido, the President of the National Assembly of Venezuela. In his video, Carvajal urged the Venezuelan armed forces to stop siding with Maduro and support Guaido as Venezuela’s acting president. Guaido is openly supported by the United States and dozens of other Western countries.

Soon after making his announcement, Carvajal fled to Spain, where he was arrested in April, after the US Department of Justice filed a formal request for the former spy chief’s extradition to America. But in September, Spain’s top criminal court ruled that Carvajal would not be extradited to the US. The former spy chief was released minutes after the court made its decision known.

Last Friday, however, the same court accepted an appeal by the Office of the Public Prosecutor and overturned its earlier decision. Shortly after the court’s decision, Spanish media reported that Carvajal had already been arrested and was due to be transported to the US in a matter of days. But three days later, the former spy chief posted a message on his personal Twitter account saying that neither he nor his lawyers had been approached by Spanish police. It appeared, then, that Carvajal had not been detained.

Spanish newspaper El Pais reported on Tuesday that Carvajal was nowhere to be found when Spanish police officers went to his residence in Madrid to arrest him. His whereabouts are currently unknown, said the paper. The US Department of Justice has not commented on the case.

Author: Joseph Fitsanakis | Date: 13 November 2019 | Permalink

Massive data dump identifies users of influential far-right website

Atomwaffen DivisionA data dump of unprecedented scale includes usernames, IP addresses and even the content of thousands of private chat logs stolen from an influential neo-Nazi website that is now defunct. The data belonged to IronMarch, which was founded in 2011 by Alexander Mukhitdinov, a Russian far-right activist using the online nom-de-guerre “Slavros”. In the nearly six years of its existence, the website featured some of the most extreme and uncompromising far-right content on the World Wide Web.

The discussions that took place on IronMarch’s message boards are believed to have led to the creation of several far-right groups in Europe, Australia, and the United States. Among them is the notorious Atomwaffen Division (pictured), an American neo-Nazi group that focuses on street-fighting and is known to train its members in the use of military-grade weapons and guerilla warfare tactics. Another group that organized and recruited heavily through IronMarch was Vanguard America, one of the organizers of the Unite the Right rally in Charlottesville, Virginia in 2017.

But the website abruptly shut down its operations in late 2017. No explanation was given. Users of far-right online forums are used to experiencing such sudden changes in hosting platforms, which are due to legal challenges, intervention by law enforcement, etc. So they did what they always do in such cases: they migrated to other far-right platforms where they continued to discuss and organize. IronMach never resurfaced, so it was eventually forgotten.

Last Wednesday, however, a user calling themselves “antifa-data” uploaded what appears to be the entire metadata and chat log archive of IronMarch on the website of the Internet Archive. The content was later removed, but not before it was downloaded by thousands of Internet Archive users, among them government agencies. The data dump reportedly includes the usernames of IronMarch members, as well as the emails associated with their individual accounts. It also contains the IP addresses of IronMarch members and even the contents of private messages that they exchanged with other members.

Some investigative websites have since reported that numerous IronMarch users were associated with email accounts belonging to American universities. Others stated in private messages that they were members of the armed forces of several countries in Europe and the Americas. At least one user appears to have run for Congress in the United States. On Friday, the American website Military Times said that United States authorities were concerned that many of IronMarch’s members said they were serving in the US Armed Forces or expressed a desire to join a military branch. A spokesman for the US Marine Corps told the Military Times that there was “no place for racial hatred or extremism in the Marine Corps”.

Author: Joseph Fitsanakis | Date: 12 November 2019 | Permalink

Turks feared Russia might bomb Erdoğan’s palace in 2015, intelligence memo shows

Hmeimim AirbaseAuthorities in Turkey were concerned that Russia might bomb the presidential palace in Ankara in 2015, to retaliate against the downing of a Russian fighter jet by the Turkish military, according to an intelligence report. On November 25 of that year, a Russian Sukhoi Su-24M attack bomber was shot down by a Turkish F-16 fighter jet over the Syrian-Turkish border. Ankara claimed that the Russian aircraft had violated Turkish airspace for longer than five minutes and had failed to respond to 10 warning messages communicated by radio. By the time the Russian plane was fired upon it was nearly 1.5 miles inside Turkish airspace, according to Turkey’s Ministry of Defense. But the Kremlin claimed that the downed aircraft had been flying a mile south of the Turkish border when it was shot down.

A few hours after the incident, Russian President Vladimir Putin described it as “a stab in the back by terrorist accomplices” and warned Ankara that Moscow would not tolerate such attacks on its armed forces. International observers expressed concern about a possible armed retaliation by Russia against the Turkish military. Now a formerly classified intelligence report suggests that Turkish authorities were concerned that Russia might bomb the country’s presidential palace in Ankara. The report was unearthed by the Nordic Research Monitoring Network (NRMN), a security-oriented research initiative staffed by Turkish experts who live in Europe and the United States.

The NRMN said the previously classified report was authored by Signals Intelligence Directorate of Turkey’s National Intelligence Organization, known as MİT. It describes an intercepted conversation that took place on December 3, 2015. The conversation involved a Syrian military officer, who was believed to be a brigadier general in the army of Syrian President Bashar al-Assad. The officer, identified in the document only as Adnan, was reportedly speaking with an unnamed Russian general, identified only as Sergei, and another unidentified senior officer in the Syrian armed forces. The discussion concerned an upcoming meeting between Syrian and Russian military officials at the Hmeimim Airbase, a Russian-operated military installation on the outskirts of Latakia.

The purpose of the meeting was for the Russian forces to officially notify the Syrians that their warplanes would be carrying a heavier payload in the future, and to explain why. At one point in the conversation the Russian general told the Syrians that part of the heavier payload would consist of “barrel bombs [that] will go to Erdoğan’s palace”. The MİT interpreted that to mean the Turkish Presidential Complex, which is located inside the Atatürk Forest Farm in the Beştepe neighborhood of Ankara. The ensuing intelligence report contains handwritten notes indicating that the information contained in it was communicated to the leadership of the Turkish Armed Forces and the Turkish General Staff.

At the end no attack took place. In June of the following year President Erdoğan sent a letter to his Russian counterpart, in which he expressed his condolences for the family of the Russian pilots who were killed when their aircraft was shot down. Following the July 2016 coup, the two Turkish pilots who had shot down the Russian aircraft were arrested on suspicion of being involved in the attempt to topple Erdoğan. This, in association with the Turkish president’s letter of sympathy, were seen by Moscow as goodwill gestures from Ankara. Relations between the two countries were eventually restored.

Author: Joseph Fitsanakis | Date: 11 November 2019 | Permalink

Saudi king hosts CIA director a day after US charges two Saudis with espionage

Gina HaspelA day after the United States Department of Justice charged two Saudi citizens with engaging in espionage on American soil, Saudi officials hosted the director of the Central Intelligence Agency in Riyadh, reportedly to discuss “the longstanding Saudi-US partnership”.

According to the Federal Bureau of Investigation, two Saudi men, both employees of the US-based company Twitter, were instructed by a member of the Saudi royal family to surrender the personal information of at least 6,000 Twitter users who posted criticism of the Saudi government on social media. As intelNews reported on Thursday, one of the men is under arrest, while the other managed to evade US authorities and is thought to be sheltered by the Saudi government.

It is believed that the member of the Saudi royal family who instructed the two men to carry out espionage was no other than Mohammed bin Salman, the oil kingdom’s crown prince. Wednesday’s developments marked the first time that US authorities have publicly filed espionage charges against Saudi nationals in America.

A day after the charges were filed in the US state of California, Gina Haspel, the director of the Central Intelligence Agency, was reportedly hosted by Saudi Arabia’s king Salman in Riyadh. In addition to Salman and Haspel, the meeting was attended by several senior Saudi officials, including Khalid al-Humaidan, who directs the kingdom’s General Intelligence Directorate. Saudi Arabia’s foreign minister, Prince Faisal bin Farhan, was also present at the meeting.

A tweet by the Saudi Arabian embassy in Washington said that the meeting between Haspel and the Saudi officials revolved around “the longstanding Saudi-US partnership”. It also said that participants discussed “a number of regional and international developments”, but gave no further information. The state-owned Saudi Press Agency said simply that the meeting focused on “a number of topics of mutual interest”, but did not elaborate.

Author: Joseph Fitsanakis | Date: 08 November 2019 | Permalink

FBI charges Twitter employees with working as spies for Saudi Arabia

TwitterUnited States authorities have charged two employees of the social media firm Twitter and a member of staff of Saudi Arabia’s royal family with spying for Riyadh. The Federal Bureau of Investigation filed a complaint on Wednesday in San Francisco, accusing the three men of “acting as unregistered agents” for Saudi Arabia. The phrase is used in legal settings to refer to espionage.

According to the FBI, the charges stem from an investigation that lasted several years and centered on efforts by the oil kingdom to identify and silence its critics on social media. In 2015, the Saudi government allegedly reached out to Ali Alzabarah, a 35-year-old network engineer working for Twitter, who lived in San Francisco. The complaint alleges that Ahmed Almutairi (also known as Ahmed Aljbreen), who worked as a “social media advisor” for Saudi Arabia’s royal family, arranged for Alzabarah to be flown from San Francisco to Washington to meet with an unidentified member of the Saudi dynasty.

Alzabarah, along with another Twitter employee, 41-year-old Ahmad Abouammo, were given money and gifts by the Saudi government in return for supplying it with private information about specific Twitter users, according to the complaint. The information provided by the two Twitter employees to the Saudi authorities allegedly included the email addresses, IP addresses and dates of birth of up to 6,000 Twitter users, who had posted negative comments about the Saudi royal family on social media.

Special Agents from the FBI’s Settle field office arrested Abouammo at his Seattle home on Tuesday. However, Alzabarah is believed to have fled the United States along with his family before the FBI was able to arrest him. He is currently believed to be in Saudi Arabia and is wanted by the FBI, which has issued a warrant for his arrest. The Saudi government has not commented on the case. Twitter issued a statement on Wednesday, saying it planned to continue to cooperate with the FBI on this investigation.

Author: Joseph Fitsanakis | Date: 07 November 2019 | Permalink