This thread about CrowdStrike and the other thread about Platte River, where Hillary had her servers connect. CrowdStrike worked on the Platte River servers, and the Podesta email discussing the servers also links. Plus the Russian narrative also links. I am thinking that Hillary and Podesta, after getting millions of dollars from Russia over the years, were also planning on throwing them under the bus as well.
Not following. What is that source meant to imply?
"The companies are Fidelis Cybersecurity and Mandiant. They base their analysis on five malware samples used in the hacking attack. Fidelis executive Michael Buratowski says, “Based on our comparative analysis, we agree with CrowdStrike and believe that the Cozy Bear and Fancy Bear…groups were involved in successful intrusions at the DNC [Democratic National Committee]
originally posted by: JinMI
Any chance this will become relevant now?
Posted Oct 12, 2017 at 4:01 PM

I think we can exclude sloppiness. This is what they know. This is what these people do, every day. If this X-Tunnel binary is really from the group associated with APT28, then they would not redeploy an outdated version ‘by accident’, surely? Of course one could assume that APT28/Fancy Bear/Sednit (etc.) doesn’t care. That can work assuming they have a way for X-Tunnel to know where to get a good IP address for its C&C when the hard-coded one isn’t responding. That would still be very odd, because it is very easy for them to change the IP address to one that works and then simply recompile. By April 2016 it was almost a year since the old C2 IP stopped working in May 2015; surely even when they are lazy they will have recompiled at least once in the meantime?!

So I see three options (with a few variants 🙂):

1. Re-use of an X-Tunnel binary by another group (not APT28), but that only works when that group knows how to use the binary by changing the C&C IP, say by overwriting it in memory or by using startup parameters. Otherwise it is misdirection and we have option 2b below.
2. Misdirection (by either APT28 or another group)
   2a. Misdirection by APT28 – unlikely, but say they really want to be found, so they reuse an outdated binary in order to … ?
   2b. Misdirection by another group (not APT28), like say a state or non-state entity who likes to make people mad at Russia or to drive a wedge between them and the US.
3. CrowdStrike lied (with two sub-options)
   3a. CS lied about the time of infection; this binary is really from APT28, but it was present at the DNC since May or June 2015, not since April 2016 as they (CS) claimed.
   3b. CS lied. There was no hack by APT28 at all; instead they (CS) deployed this binary to make it look like it was.

IMHO 2a is very unlikely: what would be their motive? Options 1 and 2b mean that there was a malware binary, but it wasn’t APT28 and hence unlikely to be ‘The Russians’ (as in the Russian government). Option 3b also means that it wasn’t ‘The Russians’. Option 3a still means that CS has some explaining to do, because they were quite adamant that APT28 did not enter the DNC before April 2016. Also, do we have any evidence for a leak or hack before April 2016? I guess it is possible, but at this moment I’m not buying it.