Lewandowski: Trump-Putin meeting advances goal of world peace

Also check out Geopolitical expert Lada Ray’s latest interpretation of the Putin-Trump Summit Helsinki 2018 

There’s hope for the future yet. What’s bad for the Deep State is great for humanity! ❤

Lewandowski: Trump-Putin meeting advances goal of world peace

President Donald J. Trump follows in the footsteps of presidents Richard Nixon and Ronald Reagan by engaging in groundbreaking talks with superpowers that traditionally were seen as enemies of the United States, as a means to find common ground on trade and foreign policy in a way that has preserved the peace today.

President Trump’s trip to Helsinki to meet with Russian President Vladimir Putin has drawn criticism from many Democrats and some “Never-Trump” Republicans. Yet, this trip serves an important purpose to open up relations between two powerful nations that do have some common interests, even though both disagree on some very important trade and foreign policy issues.

President Nixon went to communist China and was attacked by many for meeting with a communist dictator. President Reagan engaged in a summit in Reykjavik with Soviet General Secretary Mikhail Gorbachev and was attacked by many on the right and left. Now comes President Trump’s meeting with Russian President Vladimir Putin. The president is currently the subject of attacks – both partisan, from cable-news talking heads and from Never-Trump Republicans – because he wants better relations with another superpower.


In 1972, President Nixon visited Chinese Communist Party Chairman Mao Zedong. Many credit that meeting, and resulting better relations with China, as an event that shifted the Cold War balance between China, the old Soviet Union and the United States. There was enough opposition to his trip that Nixon drew a Republican presidential primary from then-Rep. John Ashbrook (R-Ohio) which failed to register much support but showed that opposition to groundbreaking, disruptive forces in politics is not a new development. One result of Nixon’s trip to China was a peaceful solution to the Taiwan question and the start of U.S.-China trade relations. The fear-mongering, that Nixon was selling out our allies, was proven false.

In 1986, President Reagan met with Gorbachev in a summit dealing with the arms-control issue. That summit did not end up concluding with a deal but later summits did end in a history-making agreement on an arms control treaty, signed in 1987. Again, Reagan was hit by some on the right and by the opposition party as engaging in appeasement with the Soviets, yet Reagan’s move to reduce Russian and American nuclear arms stockpiles was an historic achievement.

History is repeating itself. Today, some Republicans understand the need for better relations with Russia. Sen. Rand Paul (R-Ky.) wrote on July 16 that “Russia doesn’t need to be considered our friend. But we certainly have overlapping interests — Syria, Islamic terrorism and energy — that require us to have an open dialogue and relationship. I am thankful that Trump is once again willing to go against the political elite in Washington and keep the lines of communication to Moscow open.”

It is important to understand that President Trump is a disruptive force in traditional politics and he is willing to take bold actions to make American foreign policy great again.

President Trump’s meeting with NATO allies in Europe was important to push for a restructuring of the financial agreements between the allied nations to take some of the burden of defending Europe off the backs of American taxpayers. Both the NATO and Putin meetings were important to push hard to get Europeans to recognize that they need to pay more for NATO and to open up a dialogue with a nation that, traditionally, has been considered America’s staunchest opponent. Dialogue is important, and talks can only lead to better relations and a better understanding between nations. Those who denigrate talks between the U.S. and Russia ignore the history written by Presidents Nixon and Reagan.

Mere weeks ago, President Trump engaged in talks with North Korean leader Kim Jong Un that have led to progress on a lowering of tensions. Trump, who earlier had threatened North Korea with “fire and fury,” did not retreat from his tough stance by meeting with North Korea in Singapore in June. Historians will look back on the Kim Jong Un and Vladimir Putin meetings as groundbreaking moments when the United States engaged in “peace through strength” and had the confidence to meet with world leaders in a way that will forward world peace and the national security interests of the United States.

Don’t believe the hand-wringing and perpetual outrage of our news media over Trump daring to meet with world leaders. In time we shall see if these historic meetings bear the same fruit that Nixon and Reagan accomplished, yet the continuous opposition that President Trump receives domestically is not helpful. Trump’s opponents suffer from a serious case of “Trump Derangement Syndrome” that does not allow them to give President Trump credit where credit is due.

Corey R. Lewandowski (@CLewandowski) served as a campaign manager to Donald J. Trump, the 45th president of the United States. He is co-author of “Let Trump Be Trump: The Inside Story of his Rise to the Presidency,” and senior adviser to the Great America Committee, Vice President Mike Pence‘s political action committee.

Source: http://thehill.com/opinion/national-security/397253-lewandowski-trump-putin-meeting-advances-goal-of-world-peace

Hacker News: Hackers Used Malicious MDM Solution to Spy On ‘Highly Targeted’ iPhone Users

Security researchers have uncovered a “highly targeted” mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India.

The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control and enforce policies on devices being used their employees—to contol and deploy malicious applications remotely.

Exploiting Apple MDM Service to Remotely Control Devices


To enroll an iOS device into the MDM requires a user to manually install enterprise development certificate, which enterprises obtained through the Apple Developer Enterprise Program.

Companies can deliver MDM configuration file through email or a webpage for over-the-air enrollment service using Apple Configurator.

Once a user installs it, the service allows the company administrators to remotely control the device, install/remove apps, install/revoke certificates, lock the device, change password requirements, etc.

“MDM uses the Apple Push Notification Service (APNS) to deliver a wake-up message to a managed device. The device then connects to a predetermined web service to retrieve commands and return results,” Apple explains about MDM.

Since each step of the enrollment process requires user interaction, such as installing a certificate authority on the iPhone, it is not yet clear how attackers managed to enroll 13 targeted iPhones into their MDM service.

However, researchers at Cisco’s Talos threat intelligence unit, who discovered the campaign, believe that the attackers likely used either a social engineering mechanism, like a fake tech support-style call, or physical access to the targeted devices.

Spying Through Compromised Telegram and WhatsApp Apps


According to the researchers, the attackers behind the campaign used the MDM service to remotely install modified versions of legitimate apps onto target iPhones, which were designed to secretly spy on users, and steal their real-time location, contacts, photos, SMS and private messages from chat applications.

To add malicious features into secure messaging apps, such as Telegram and WhatsApp, the attacker used the “BOptions sideloading technique,” which allowed them to inject a dynamic library into the legitimate apps.

“The injection library can ask for additional permissions, execute code and steal information from the original application, among other things,” researchers explain.

The malware injected into the compromised versions of the Telegram, and WhatsApp applications were designed to send contacts, location, and images from the compromised device to a remote server located at hxxp[:]//techwach[.]com

“Talos identified another legitimate app executing malicious code during this campaign in India. PrayTime is used to give the user a notification when it’s time to pray,” researchers said.

“The purpose is to download and display specific ads to the user. This app also leverages private frameworks to read the SMS messages on the device it is installed on and uploads these to the C2 server.”

At this time, it is not known who is behind the campaign, who was targeted in the campaign, and what were the motives behind the attack, but researchers find evidence suggesting the attackers were operating from India, while the attackers planted a “false flag” by posing as Russian.

“Over a three-year period, the attackers remained under the radar — likely due to the low number of compromised devices. We found testing devices enrolled on the MDM with an Indian phone number and registered on an Indian provider,” Talos researchers said.

“All the technical details point to an actor based in the same country as the victims: India.”

At the time of reporting, Apple had already revoked 3 certificates linked to this campaign, and after getting informed by the Talos team, the company also canceled the rest two certificates as well.

Hacker News: BTC-e Operator, Accused of Laundering $4 Billion, to be Extradited to France

alexander vinnik btc-e money laundering

In a legal extradition tug-of-war between the United States and Russia, it seems France has won the game, surprisingly.

A Greek court has ruled to extradite the Russian cybercrime suspect and the former operator of now-defunct BTC-e crypto exchange to France, instead of the United States or to his native Russia, according to multiple Russian news outlets.

Alexander Vinnik, 38, has been accused of laundering more than $4 billion in bitcoin for criminals involved in hacking attacks, tax fraud and drug trafficking with the help of BTC-e crypto exchange.

BTC-e, a digital currency exchange service operating since 2011, was seized by the authorities right after Vinnik’s arrest in northern Greece in late July 2016 at the request of US law enforcement authorities.

Vinnik is also accused to the failure of the once-most famous Japanese bitcoin exchange Mt. Gox, which was shut down in 2014 following a series of mysterious robberies, which totaled at least $375 million in Bitcoin.

The U.S. authorities believe Vinnik “obtained” funds from the hacker or insider who stole bitcoins from Mt. Gox and sent them to a bitcoin wallet controlled by him and intentionally laundered the money through BTC-e over a period of three years.

The Greek Supreme Court earlier approved Vinnik’s extradition to the U.S. to stand trial on the charges with the operation of an unlicensed money service business, money laundering, conspiracy to commit money laundering, and engaging in unlawful monetary transactions.

However, a Greek lower court in the northern city of Thessaloniki agreed Monday to extradite Vinnik to France, where he is facing charges for defrauding thousands of people worldwide, including about 100 French nationals, through his bitcoin platform and laundered 133 million euros using 20,643 bitcoins.

Russia is also seeking Vinnik to face $11,000 worth of fraud charges, very low as compared to accusations made by other countries, although a hearing date for the Russian extradition request has not yet been set.

However, Vinnik, who is in Greece jail, being insolent denying all the charges made by the United States, Russia, or France.

The Russian Foreign Ministry has criticized the Greece extradition decision in a statement, saying:

“Yielding to external pressure, the Greek authorities continue to complicate relations with Russia. Several days after taking an unfriendly decision to expel Russian diplomats and to deny entry to several Russian citizens, they have adopted a decision to extradite Russian citizen Alexander Vinnik to France. It is obvious that Russia cannot leave these actions unanswered.”

However, reportedly Greece’s justice minister can still overturn the court ruling and decide where Vinnik ends up—the United States, Russia or France.

Vinnik’s Greek lawyer Ilias Spyrliadis told Russian news agency TASS that he is planning to appeal against the court’s decision in the Greek Supreme Court.

Hacker News: 21-Year-Old Creator of LuminosityLink Hacking Tool Pleads Guilty


As it was speculated that the author of LuminosityLink RAT was arrested last year, a plea agreement made available to the public today confirmed the news.

Back in September last year, Europol’s European Cybercrime Centre (EC3) and National Crime Agency began the crackdown on the LuminosityLink RAT, targeting sellers and users of the malware, which resulted in the seizure of a considerable number of computers and internet accounts across the world, and complete takedown of the threat.

Colton Grubbs, a 21-year-old man from Kentucky, the developer of the LumunosityLink RAT has pleaded guilty to federal charges of creating, selling and providing technical support for the malware to his customers, who used it to gain unauthorized access to thousands of computers across 78 countries worldwide.

First surfaced in April 2015, the LuminosityLink RAT (Remote Access Trojan), also known as Luminosity, was a hacking tool that was sold for $40, marketing itself as a legitimate tool for Windows administrators to “manage a large amount of computers concurrently.”

However, in reality, LuminosityLink was a dangerous remote access trojan designed to disable anti-virus and anti-malware protection installed on a victim’s computer in order remain undetected, and then began its other nefarious activities, which included:

  • activating the webcam on the victim’s computer to spying on video feeds,
  • accessing and viewing documents, photographs, and other files,
  • recovering passwords,
  • injecting an aggressive keylogger in almost every running process on the infected computer to automatically record all the keystrokes entered by the victim.
Colton Grubbs luminositylink rat malware

Moreover, a simple search on Google about LuminosityLink would land you to a public filing page at the Kentucky Secretary of State office, which shows Grubbs also incorporated a company named “Luminosity Security Solutions LLC” on 7 June 2016 (about 2 years ago) in an attempt to label his tool as a legitimate service.

Grubbs, who was using online moniker of ‘KFC Watermelon,’ marketed and sold LuminosityLink on his luminosity.link website and public internet forum HackForums.net. The malware was sold to more than 6,000 individuals, who used it maliciously to take over tens of thousands of computers in 78 countries.

Previously Grubbs claimed that LuminosityLink was legitimate software for system admins, but in Monday’s plea agreement, the author admitted that he knew some of its customers were using it to illegally hack into victims’ computers without their knowledge or permission.

“Defendant’s marketing emphasized these malicious features of LuminosityLink, including that it could be remotely installed without notification, record the keys that a victim pressed on their keyboard, surveil victims using their computer cameras and microphones, view and download the computer’s files, steal names and passwords used to access websites, mine and earn virtual currency using victim computers and electricity, use victim computers to launch DDoS attacks against other computers, and prevent anti-malware software from detecting and removing LuminosityLink,” the plea agreement signed by Grubbs reads.

Grubbs also admitted that when he learned of an FBI raid on his apartment in July last year, he tried to hide evidence—including his laptop, hard drives, a debit card associated with his bitcoin account and a phone storing his bitcoin information—before the authorized search.

Three days later, Grubbs also transferred more than 114 bitcoin (around $273,000 at the time) from his LuminosityLink bitcoin address to six new bitcoin addresses.

Grubbs has now pleaded guilty to 3 counts of invasion of privacy, conspiracy, and causing loss of at least $5,000 to the protected computers, which carry punishments of up to 25 years in prison and fines of $750,000.

%d bloggers like this: