|
COMPROMISED DEVICES: HP BLACK
Before any forensics have been done on these machines, information and images of the devices have been given to multiple disconnected parties for safety and security reasons. Each machine or device has images of the drives from various times and stages, most with the memory drives & devices untouched. Quite a few I still use and put online to use and gather further interactions. Some I also set up to be observed remotely when in use. The modus operandi for getting onto these devices after looking at logs, watching interactions, and doing afterwards electronic and sometimes physical forensics, seems varied as to specific device, system and connection. Some of these crimes definitely had to be done physically, like switching cameras and connecting other devices to these computers, which were done when I was not home. Mostly though hacking wise, first a few things were required. Perpetrators root, through software or through direct ssh/powershell/terminal functions, both as an administrator on the actual device, and remotely using what appears to be hypervisor specific. After the breakin's when I was at the rock n roll shows, at least one of the machines shows signs of bios corruption. Multiple machines, which were possibly physically compromised, show possible signs of firmware hacking. Screen shot capabilities are set up or exploited, sometimes through system native software suites such as observed components being used in Microsoft Office. It appears some type of communications servers on my devices are used to forward collected data. Perpetrators set up hidden and viewable partitions, password protected, and will do the same remotely, to siphon and place data off/on my machines. Often these "miners" which are the software components which harvest and transmit data, will be set up on a schedule. Certificate Allocations: Perpetrators change bios and networking certificates so that it is virtually impossible to do some things with some devices. This seems recently to become a set of standard procedures. In effect doing this and other methods Perpetrators are locking up machines and disallowing updating or new systems being installed or repaired. Security Certificates play possible an even bigger role in cellular phone hacking. The android phones were a nightmare with excess ability ramped up through mass amounts of certificate bindings. Apple phones were not nearly as insecure in this manner. The Iphone wifi and blutooth network adapters and software had issues specifically their own. Often, files have been damaged, removed, and replaced on these devices they have accessed. Some of these machines you cannot get any data off them through burning onto cd, putting onto a usb, or transfer via applications or network connections. The attacker's goal is to make these machines unusable and destroy, corrupt, replace, and reimagine data on these machines for nefarious purposes. Most of the time, when attackers do this to a degree, you can only create symbolic links on remote data, which means nothing, you cannot transfer data off these devices, period. Only the attacker can through owner setups. IMSI catchers and other types of interactive capable electronic devices have been in heavy use during these crimes. Used in interactive mode, some types of these machines offer real time man in the middle as well as avenues onto devices. Welcome to the Era Of Fear and Lies, during the Age of Paranoia.
Please enter your passkey in the dialog box below to continue. Passkey's can be found on the DVD's received or time responsive ones posted online or via email. Resulting content is not on these servers and cannot be accessed otherwise. |
