Fake URL shortening service was part of British online spy operation

August 2, 2016 by 2 Comments

Iran protestsAn internet website that offered free URL shortening services appears to have been a front created by British intelligence in order to spread messages and monitor activists involved in protests in Iran and the Arab world. The website was used heavily during the Iranian presidential election protests of 2009, which became known as the Iranian Green Movement. After a brief hiatus, the website was used again in 2011, as the Arab Spring revolts in North Africa and the Middle East were intensifying. The information pointing to the use of the website comes from documents leaked by Edward Snowden, the American former intelligence employee who has been granted political asylum in Russia.

According to the leaked documents, the website, lurl.me, was devised by a specialist until of the Government Communications Headquarters (GCHQ), Britain’s intelligence agency that collects signals intelligence. The unit, called Joint Threat Research Intelligence Group (JTRIG), devised the website as part of an operation codenamed DEADPOOL. The leaked documents state that the purpose of the website was to operate as a “shaping and honeypot” tool, by helping disseminate messages in support of the protests while at the same time allowing the GCHQ to monitor the protesters’ online activities. Lurl.me first appeared in June 2009 as a self-described “free URL shortening service”, using the slogan: “we help you get links to your friends and family fast”. It was used repeatedly on Twitter and other social media platforms to spread messages against the government of Iran. But the vast majority of social media accounts that made use of the website, like @2009iranfree, were operational only for a short period of time, had few followers, and ceased all activity at the end of the Iranian Green Movement. By that time, hardly anyone was using lurl.me. But the website made its appearance again on social media in April of 2011, with messages against the government of Syria. According to Vice’s Motherboard website, Tweets using the lurl.me service appeared to be active only between 9 a.m. and 5 p.m. UK time, and only on weekdays.

Both in 2009 and 2011-2013, lurl.me was used to instruct anti-government activists on how to avoid being monitored by the authorities. Some links contained instructions on how to access the Internet via satellite. Others provided directions on using proxies to access websites that were blocked by the authorities. At the same time, however, the documents leaked by Snowden show that the GCHQ also used the service to track the activities of anti-government activists who clicked on the lurl.me links, and even to ‘deanonymize’ (=to establish the real identity) of these users.

IntelNews first reported on JTRIG in February 2014, when its existence was first revealed by Snowden. The specialist unit has been associated with targeting self-described ‘hacktivist’ groups like Anonymous or LulzSec, using malware, social engineering, and other techniques. JTRIG also appears to have conducted online intelligence operations against the government of Argentina.

Motherboard reports that lurl.me was last used in November 2013, shortly after Snowden began leaking files from his secret hiding place in Russia. Motherboard said it contacted GCHQ for a reaction to the lurl.me allegations, but the agency said it would “not comment on intelligence matters”.

Author: Joseph Fitsanakis | Date: 02 August 2016 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , ,

UK spied on Argentina to prevent second Falklands war, papers show

April 6, 2015 by Leave a comment

Port Stanley, FalklandsBy JOSEPH FITSANAKIS | intelNews.org
The British government carried out an extensive program of intelligence collection and psychological operations in Argentina until 2011, because it was concerned about the security of the Falkland Islands, according to newly leaked documents. In 1982, the two countries went to war over the islands, which are ruled by Britain but are claimed by Argentina. The 74-day conflict, which killed nearly 1,000 soldiers and civilians on both sides, ended in defeat for the Argentinian forces and solidified British authority in the South Atlantic territory. But Argentina continues to dispute Britain’s rule over the Falklands, which it calls Malvinas, and has repeatedly threatened to take them over.

Documents released last week by Argentine online news portal TN.com, reveal that a consortium of British intelligence units implemented a broad program of spying and propaganda operations against Argentina. The program, codenamed Operation QUITO, lasted from 2006 to 2011, and was aimed at hampering perceived efforts by the Argentine government to subvert British rule in the Falklands. The news portal said it received the documents from Edward Snowden, an American former intelligence contractor who currently lives in Russia under political asylum. According to TN.com, the secret program was implemented by the Joint Threat Research Intelligence Group (JTRIG, as reported by intelNews in February 2014). It is believed that JTRIG is an office operating under the command of the Government Communications Headquarters (GCHQ), Britain’s signals intelligence agency. Its focuses on psychological operations —known in Britain as “effects operations”— which are aimed at discrediting their targets through sabotage and misinformation campaigns.

According to the newly released documents, JTRIG launched Operation QUITO as a “long-term, far reaching” program that included the interception of communications of Argentine politicians, the planting of computer viruses on Argentine networks and the spreading of misinformation or pro-British propaganda online. As of Sunday night there had been no official response to the news report from either the Argentine or the British governments.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , ,

News you may have missed #870

February 27, 2014 by 1 Comment

Carl LodyBy IAN ALLEN | intelNews.org
►►Documents show NZ spies taught ‘honey trap’ tricks. Members of New Zealand’s Government Communications Security Bureau were briefed by counterparts from the ultra-secret Joint Threat Research Intelligence Group, a unit of the British Signals intelligence agency GCHQ, on setting honey traps and Internet “dirty tricks” to “control, infiltrate, manipulate, and warp” online discourse, documents leaked by Edward Snowden reveal. According to the slides, JTRIG conducted “honey traps”, sent computer viruses, deleted the online presence of targets and engaged in cyber-attacks on the “hacktivist” collective Anonymous.
►►Ex-CIA analyst tells how data helped catch bin Laden. A central figure in the manhunt for Osama bin Laden, Nada Bakos spoke this week as the keynote speaker at a conference in California, on how data, big and small, led to the capture of al-Qaeda founder Osama bin Laden. “You don’t want to lead the information, you want the information to lead you”, she said, and credited the agency’s innovative gathering process that institutionalized various types of intelligence analysis —opposed to solely relying on general guidelines and best practices.
►►The story of WWI German spy Carl Lody. Towards the end of August 1914 a man checked into what is now the Balmoral Hotel in the centre of Edinburgh claiming to be an American tourist. In reality he was a German spy who had been sent to gather intelligence from the British. Carl Lody was a junior naval officer who had been forced to retire for health reasons but was looking for other ways to serve the fatherland. He was especially attractive to German naval intelligence because he had lived for years in the United States and spoke English fluently, although with an American accent.

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , , , , , , , ,