On 8 December 2020, U.S. cybersecurity firm FireEye disclosed that a collection of their proprietary cybersecurity research tools had been stolen, possibly by "a nation with top-tier offensive capabilities."[26][27] On 13 December 2020, FireEye announced that investigations into the circumstances of that intellectual property theft revealed "a global intrusion campaign ... [utilizing a] supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST.... This campaign may have begun as early as Spring 2020 and... is the work of a highly skilled actor [utilizing] significant operational security."
As another Lame Cherry exclusive in matter anti matter.
The Lame Cherry is going to attempt to explain how Joe Biden had the 2020 elections stolen for him, and all of these traitors have signed onto it, and how all of this is a prelude to World War IV.
When this Lame Cherry broke the story that the breach of American Presidential and conglomerate infrastructure was from the inside, the above quote which began this proves exactly that.
FireEye disclosed that a collection of their proprietary cybersecurity research tools had been stolen,
No one just breaks into FireEye cybersecurity and steals their research tools. Just as no one broke into the CIA and stole Hammer and Scorecard for Obama to use to steal elections, and how Joe Biden stole the 2020 election. This was Birther Hussein, Joe Biden and John Brennan, taking CIA programs designed to monitor and overthrow nations to make them compliant to the United States, but were instead used by these American haters to steal elections from right wing Americans.
The Solar Wind of Bidencon Treason
When the Lame Cherry stated that Solar Winds was not just hacked, this has proven correct. The owners and management of Solar Winds have been cashing in on selling company stocks worth millions since mid November. They knew exactly what had taken place in their firm and sold shares before this story broke.
The workings of the Solar Wind's "patch" are at the center of this hacking program being blamed on Russia, but it is in fact beyond anything Russia has ever created. It centers on a dll file which most of you have seen as you used to get those files missing and programs would not run on your computer.
This was not an accident. This was not a hack. This was Seth Rich copying DNC files to give to Wikileaks. This was someone in Solar Winds who wrote this program and I repeat this was a finite number of people who have the security and access at Solar Winds in Austin Texas who have the kind of security clearance to work on these patches.
When codex is written, it follows a pattern and the code writers have signatures in how they write. One simply can not write a code for a patch on a system and not have a string pop out which is a trojan. You can not hide something like this. There are protocols in place to check. There is automatic cyber security to find such things. The only way this malware was passed through the system was that the system was shown a real version, and someone put a mirror of this Solar Winds in to replace it.
Even at that, the NSA, Booz Hamilton (Edward Snowden's employers), CIA and FBI all have security checks, which FireEye is, and that includes the Treasury, and all of these Fortune 500 companies do too, and this virus got past them all. That is impossible. Yes you can put a sleeper chain into place which this is, but at the same time, the NSA is not some candy wrapper agency. They have the programs and experts which look at and quarantine all of these chains of codex.
Someone has to rewrite the cyber security protocols to not see this chain. I will repeat that in the reports which have been published this only hit the President and the executive offices, and Fortune 500 and Wall Street. The CIA and FBI were not hit, so that would mean someone was gathering data again on President Trump, the NSA in what it knew and was picking up, and the blackmail information of Wall Street. This is what the CIA and FBI were weaponized to accomplish. Everything about this stinks of an inside job, and just as in 2016 the Russians are being blamed.
The Lame Cherry is not stating that the Russians and Chinese are not to blame, along with those cut and paste Indian curry nigs who these tech companies hire, but where you can hire Chicom PLA codex writers at Solar Winds, there still needs someone in the final end to green light this malware and have it installed, and know enough about United States security, to understand how to run a glorified PROMIS system to data mine Donald Trump's computers.
The software builds for Orion versions 2019.4 HF 5 through 2020.2.1 that were released between March 2020 and June 2020 might have contained a trojanized component. However, FireEye noted in its analysis that each of the attacks required meticulous planning and manual interaction by the attackers.
The attackers managed to modify an Orion platform plug-in called SolarWinds.Orion.Core.BusinessLayer.dll that is distributed as part of Orion platform updates. The trojanized component is digitally signed and contains a backdoor that communicates with third-party servers controlled by the attackers. FireEye tracks this component as SUNBURST and has released open-source detection rules for it on GitHub.
Once this Solar Winds was installed as a trojan, it went into sunburst as it is called, which as you know what a sunburst is, the thing like the Bill Gates mRNA injection that Biden is going to hold down and ram into your body, started rewriting codex into temporary files and set up a stealth cloaking shield which it was running behind that would show it was a normal function of the system, so it would be disregarded.
The backdoor uses multiple obfuscated blocklists to identify forensic and anti-virus tools running as processes, services, and drivers.
The backdoor was used to deliver a lightweight malware dropper that has never been seen before and which FireEye has dubbed TEARDROP. This dropper loads directly in memory and does not leave traces on the disk. Researchers believe it was used to deploy a customized version of the Cobalt Strike BEACON payload. Cobalt Strike is a commercial penetration testing framework and post-exploitation agent designed for red teams that has also been adopted and used by hackers and sophisticated cybercriminal groups. To avoid detection, attackers used temporary file replacement techniques to remotely execute their tools. This means they modified a legitimate utility on the targeted system with their malicious one, executed it, and then replaced it back with the legitimate one.
The above is how the hackers were spying on the President or stealing the election for Biden. Take for example you have a game on your computer, say chess from Microsoft. What Solar Winds was engaged in, was it downloaded onto the memory the trojan. The trojan then was used to place its tools into the chess exe files, which then began the data mining. These operations were run behind operational screens, and at off times. High speed computer and internet would not show the drag. Once the information was communicated, the trojan removed the data mining tools and replaced them with the original chess exe.
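From the defender's side, the replace, execute, restore sequence quoted above leaves a recognisable trace in file-integrity and process logs: a file's hash changes, the changed file runs, and the earlier hash comes back shortly after. The following is an added example, not code from FireEye, SolarWinds or this post; the event format, paths, hashes and the 10-minute window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed events (time, kind, path, sha256 prefix); not from a real incident.
EVENTS = [
    ("2020-06-01T01:00:00", "write", r"C:\Tools\diag.exe", "a1a1"),   # original install
    ("2020-06-01T02:14:05", "write", r"C:\Tools\diag.exe", "f00d"),   # replaced
    ("2020-06-01T02:14:09", "exec",  r"C:\Tools\diag.exe", "f00d"),   # replacement run
    ("2020-06-01T02:14:40", "write", r"C:\Tools\diag.exe", "a1a1"),   # original restored
    ("2020-06-01T03:00:00", "write", r"C:\Tools\agent.exe", "b2b2"),
    ("2020-06-02T03:00:00", "write", r"C:\Tools\agent.exe", "c3c3"),  # real update, never reverts
    ("2020-06-02T04:00:00", "exec",  r"C:\Tools\agent.exe", "c3c3"),
    ("2020-06-01T05:00:00", "write", r"C:\Tools\old.exe", "d4d4"),
    ("2020-06-03T05:00:00", "write", r"C:\Tools\old.exe", "e5e5"),
    ("2020-06-09T05:00:00", "write", r"C:\Tools\old.exe", "d4d4"),    # rollback days later
]

def find_swap_restore(events, window=timedelta(minutes=10)):
    """Flag paths whose content changed and then reverted to the earlier hash within `window`."""
    current = {}   # path -> hash currently on disk
    pending = {}   # path -> open swap: original hash, swapped hash, time, exec seen
    findings = []
    for ts, kind, path, digest in sorted(events):  # ISO timestamps sort chronologically
        when = datetime.fromisoformat(ts)
        swap = pending.get(path)
        if kind == "exec":
            # Remember whether the swapped-in content was actually launched.
            if swap and digest == swap["swapped"]:
                swap["executed"] = True
            continue
        previous = current.get(path)
        current[path] = digest
        if swap and digest == swap["original"] and when - swap["at"] <= window:
            findings.append({"path": path, "swapped_hash": swap["swapped"],
                             "seconds_on_disk": (when - swap["at"]).total_seconds(),
                             "executed": swap["executed"]})
            del pending[path]
        elif previous is not None and digest != previous:
            # Content changed: open a swap record and wait to see whether it reverts.
            pending[path] = {"original": previous, "swapped": digest,
                             "at": when, "executed": False}
    return findings

if __name__ == "__main__":
    for finding in find_swap_restore(EVENTS):
        print(finding)
```

An ordinary update (hash changes and stays) and a rollback days later are both ignored; only the short-lived swap is reported, with a flag showing whether the swapped-in file was run.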
The way FireEye detected this after eight months of spying was the log files were showing activity which was not supposed to be there.
APT29 is being blamed for this. This is that same shadowy group in Russia which is known by different names like Cozy Bear and you will remember Hillary Clinton's fraud cyber security group out of Ukraine in CrowdStrike fingered them for hacking the DNC which was a damned lie as Seth Rich copied the files. In that lie, someone was putting Russian fingerprints into servers when it was not the Russians at all, as Robert Mueller indicted them.
In this period numbers of NSA viruses were stolen it was reported. NSA was found hacking into Georgia election computers too in this era. There has been a great deal of cover up and blaming of Russia, when the Russiagate fraud was traced to MI6, Mossad and Obama having stolen CIA hacking tools.
The only way Solar Winds could have happened was from the inside, inside the United States.
The Russians have rudimentary programs like the one John Podesta supposedly clicked on in a phishing email which opened a trojan install. The Russians have a model which is a trojan install which then uses a drop off new infection to infect the system. That is what happened in Solar Winds, but it was the difference between a burger and fries and a seven course meal.
This is the kind of operation which happens when MI6, Ottawa, Tel Aviv are running an operation to cripple the United States, start another world war for their benefit and blame the Russians and Chinese in their ham fisted attempts, while the real perpetrators were inside the American system and using American codex.
The CozyDuke malware utilises a backdoor and a dropper. The malware exfiltrates data to a command and control server. Attackers may tailor the malware to the environment.[1] The backdoor components of Cozy Bear's malware are updated over time with modifications to cryptography, trojan functionality, and anti-detection. The speed at which Cozy Bear develops and deploys its components is reminiscent of the toolset of Fancy Bear, which also uses the tools CHOPSTICK and CORESHELL.
Cozy Bear, classified as advanced persistent threat APT29, is a Russian hacker group believed to be associated with one or more intelligence agencies of Russia. The Dutch General Intelligence and Security Service (AIVD) deduced from security camera footage that it is led by the Russian Foreign Intelligence Service (SVR).[4] Cybersecurity firm CrowdStrike also previously suggested that it may be associated with either the Russian Federal Security Service (FSB) or SVR.[2] The group was given other nicknames by other cybersecurity firms, including Office Monkeys, CozyCar,[5] The Dukes (by Volexity), and CozyDuke[6][7] (by F-Secure).
The last sentence of the first paragraph says it all.
the work of a highly skilled actor [utilizing] significant operational security.
That is not a Russian or Chinaman. That is the kind of work which comes out of London, Berlin, Tel Aviv or Langley.
These stories are far too complicated for 99.9% of the public and the information produced is meant to confuse. When one sifts through though you do find the gems which reveal the group behind this. The information says this came from the inside, and that means inside America in traitors, foreign assets and foreign intelligence were involved, and that includes Five Eyes which was plugged into this and that is the access.
When Birther Hussein wanted Stuxnet, he had the Jews write it and the Germans stick it into the Iranian nuclear program. What Solar Winds is, did not happen because the Russians hacked in as they did not hack into Solar Winds and this was not the Chinese programmers writing malicious code at Solar Winds. This codex was created with help from the inside and installed with help from the inside.
This is once again another Lame Cherry exclusive in matter anti matter.
Nuff Said
agtG