Tag Archives: NSA

Did US Military Find Evidence Of 2022 Election Fraud?!

Did the US military find evidence of fraud in the 2022 midterm election?!

Take a look at the viral claim, and find out what the FACTS really are!


Claim : US Military Find Evidence Of 2022 Election Fraud!

On 9 November 2022, Real Raw News posted an article claiming that the US Army Cyber Command found evidence of fraud in the 2022 midterm election!

It is long and rambling, so please feel free to skip to the next section for the facts!

As citizens and politicians anxiously scrutinized results, so too did the White Hat partition of the U.S. military. At U.S. Army Cyber Command headquarters in Fort Gordon, Georgia, cyber security analysts began noticing election irregularities early in the day. Approximately 35% of vote tabulators—electronic devices into which ballots are fed and counted—experienced what the Maricopa County Elections Department called a “technical hiccup,” which persisted for several hours. Unbeknownst to election officials, White Hats had undercover boots on the ground as the “glitch” forced voters to cast ballots elsewhere or forego voting altogether. At least one machine had active Wi-Fi and was connected to the internet, a Cyber Command source told RRN.


Truth : US Military Did Not Find Evidence Of Fraud In 2022 Election!

The truth is – this is just another FAKE STORY created by Real Raw News, just to generate page views and money.

Everything that Real Raw News posts must be regarded as FAKE NEWS, until proven otherwise.

Fact #1 : Real Raw News Is A Fake News Website

Real Raw News is a FAKE NEWS website that capitalises on making shocking but fake stories to generate page views and money.

To protect himself from legal repercussions, the owner and writer, Michael Baxter (real name – Michael Tuffin), claims that his articles are “humour, parody, and satire”.

This disclaimer, which is not clearly mentioned in his articles, lets him keep creating fake news that will go viral, and generate him money.

His articles have been regularly debunked as fake news, so you should NEVER share anything from his website. Here are some of his fake stories that I personally debunked earlier:

As Michael Tuffin himself admitted, he writes as Michael Baxter to “indemnify [himself] against potential legal ramification”.

Fact #2 : Real Raw News Never Offers Actual Evidence

Real Raw News reports always quote anonymous sources, and offer no evidence to back up those claims. It’s no different in this new claim of electoral fraud in the 2022 midterm election.

Michael Baxter / Tuffin wrote such a long story, and quoted anonymous sources, but when you really look carefully – there is ZERO EVIDENCE for any of his claims.

That’s not really surprising though. How likely is it for this “former English teacher” to get the “inside scoop” from so many anonymous sources from his home in Texas? And why do all his scoops always end up false?


A March 2018 screenshot of Michael Tuffin, who goes by the pseudonym Michael Baxter

Fact #2 : 2022 US Election Was Protected By Three Agencies

It is important to understand that the 2022 midterm US election was not actually protected by the US Army Cyber Command, as Real Raw News claimed.

The 2022 midterm election in the United States was protected by three different agencies, from two different departments:

  • Cybersecurity and Infrastructure Security Agency (Department of Homeland Security)
  • Cyber Command (Department of Defense)
  • National Security Agency (Department of Defense)

The US Army Cyber Command is merely one part of the US Cyber Command, which oversaw the protection of the 2022 election and is based in Fort Meade.

Fact #3 : All Three Agencies Detected No Fraud Or Threat

On November 8 and 9, 2022, officials from all three agencies said that they detected no evidence of fraud or threat to disrupt the election infrastructure.

Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, said:

We have seen no evidence that any voting system deleted or lost votes, changed votes, or was any way compromised in any race in the country.

General Paul Nakasone, who heads the US Cyber Command and NSA operation to protect the 2022 midterm election, said:

We continue to refine what we learned from the 2018 and 2020 elections. We generate insight to enable defense of the homeland, and ultimately impose costs by degrading and exposing foreign adversary capabilities and operations.

Fact #4 : No Legitimate Report Of Fraud In 2022 Election

There was no remotely similar report from any legitimate news outlet, nor an official statement by any government agency.

In fact, not even Fox News, which is notorious for pushing fake claims, actually reported that there was evidence of fraud in the 2022 midterm election.

Everything that Real Raw News posts should be regarded as FAKE NEWS.

Now that you know the facts, please SHARE THIS FACT CHECK!



Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.



Kaspersky Lab Reveals Mokes Backdoor In NSA Leak

Kaspersky Lab just issued an update on their internal investigation into the alleged downloading of NSA hacking tools by Russian hackers, and their own team. Their update provides new insights into the hack, including their new findings on the Mokes backdoor used to gain access to the infected computer.


What’s Going On With Kaspersky Lab?

Kaspersky Lab can’t seem to get ahead of the bad publicity over the alleged downloading of NSA hacking tools from an NSA employee’s home computer. After the incident was first reported in the Wall Street Journal,  Kaspersky Lab launched an internal investigation.

They have also recently announced their Global Transparency Initiative to combat the perception that they are helping the Russian government attack Western interests.



Kaspersky Lab’s Initial Findings

Kaspersky Lab published these initial findings on 25 October :

  • On September 11, 2014, a Kaspersky Lab product installed on the computer of a U.S.-based user reported an infection of what appeared to be variants of malware used by the Equation APT group – a sophisticated cyber threat actor whose activity had already been under active investigation since March 2014.
  • Sometime after this, the user seems to have downloaded and installed pirated software on their machine, specifically a Microsoft Office ISO file and an illegal Microsoft Office 2013 activation tool (aka “keygen”).
  • To install the pirate copy of Office 2013, the user appears to have disabled the Kaspersky Lab product on their computer, because executing the illegal activator tool would not have been possible with the antivirus enabled.
  • The illegal activation tool contained within the Office ISO was infected with malware. The user was infected with this malware for an unspecified period while the Kaspersky Lab product was inactive. The malware consisted of a full-blown backdoor which could have allowed other third-parties to access the user’s machine.
  • When re-enabled, the Kaspersky Lab product detected the malware with the verdict Backdoor.Win32.Mokes.hvl and blocked this malware from calling out to a known command and control server. The first detection of the malicious setup program was on October 4, 2014.
  • In addition, the antivirus product also detected new and previously known variants of Equation APT malware.
  • One of the files detected by the product as new variants of Equation APT malware was a 7zip archive which was sent back, in accordance with the end-user and KSN license agreements, to the Kaspersky Virus Lab for further analysis.
  • Upon analysis, it was discovered that the archive contained a multitude of files, including known and unknown tools of Equation group, source code, as well as classified documents. The analyst reported the incident to the CEO. Following a request from the CEO, the archive itself, source code, and any apparently classified data were deleted within days from the company’s systems. However, files that are legitimate malware binaries currently remain in Kaspersky Lab storage. The archive was not shared with any third-parties.
  • The reason Kaspersky Lab deleted those files and will delete similar ones in the future is two-fold: first, it needs only malware binaries to improve protection and, secondly, it has concerns regarding the handling of potentially classified material.
  • Because of this incident, a new policy was created for all malware analysts: they are now required to delete any potentially classified material that has been accidentally collected during anti-malware research.
  • The investigation did not reveal any other similar incidents in 2015, 2016 or 2017.
  • To date, no other third-party intrusion aside from Duqu 2.0 has been detected in Kaspersky Lab’s networks.


The Mokes Backdoor & Other New Findings

Kaspersky Lab continued their investigation, issuing a new report that confirmed their initial findings above. It also provided additional insight into the analysis of the telemetry of suspicious activities registered on that NSA employee’s computer that was sent to their servers.

One of the major discoveries was the detection of the Mokes backdoor on that NSA employee’s computer. The Mokes backdoor is malware that allows an attacker to remotely access the infected computer.

Curious Mokes backdoor background

It is publicly known that the Mokes backdoor (also known as “Smoke Bot” or “Smoke Loader”) appeared on Russian underground forums when it was made available for purchase in 2014. Kaspersky Lab research shows that, during the period of September to November 2014, the command and control servers of this malware were registered to what was presumably a Chinese entity going by the name “Zhou Lou”.


Moreover, deeper analysis of Kaspersky Lab telemetry showed that the Mokes backdoor may not have been the only malware infecting the PC in question at the time of the incident as other illegal activation tools and keygens were detected on the same machine.

More non-Equation malware

Over a period of two months, the product reported alarms on 121 items of non-Equation malware: backdoors, exploits, Trojans and AdWare. All of these alerts, combined with the limited amount of available telemetry, mean that while Kaspersky Lab can confirm that their product spotted the threats, it is impossible to determine if they were executing during the period the product was disabled.


Kaspersky Lab’s Conclusions

Their current investigations conclude thus far that :

  • The Kaspersky Lab software performed as expected and notified our analysts of alerts on signatures written to detect Equation APT group malware that was already under investigation for six months. All of this in accordance with the description of the declared product functionality, scenarios, and legal documents which the user agreed to prior to the installation of the software.
  • What is believed to be potentially classified information was pulled back because it was contained within an archive that fired on an Equation-specific APT malware signature.
  • Beside malware, the archive also contained what appeared to be source code for Equation APT malware and four Word documents bearing classification markings. Kaspersky Lab doesn’t possess information on the content of the documents as they were deleted within days.
  • Kaspersky Lab cannot assess whether the data was “handled appropriately” (according to U.S. Government norms) since our analysts have not been trained on handling U.S. classified information, nor are they under any legal obligation to do so. The information was not shared with any third party.
  • Contrary to multiple media publications, no evidence has been found that Kaspersky Lab researchers have ever tried to issue “silent” signatures aimed at searching for documents with words like “top secret” and “classified” and other similar words.
  • The Mokes backdoor infection and potential infections of other non-Equation malware point to the possibility that user data could have been leaked to an unknown number of third-parties as a result of remote access to the computer.


How Kaspersky Lab Plans To Counter Alleged Ties To Russian Intelligence

Alleged Ties To Russian Intelligence

Kaspersky Lab can’t seem to get rid of the stigma of being a Russian company. Even after Eugene Kaspersky publicly declared that Russian President Vladimir Putin is not his friend, and offered to show his source codes to the US government, he can’t shake off the perception that he’s helping the Russian government attack Western interests.

It did not help that Israeli government hackers provided the US National Security Agency (NSA) with evidence that Russian hackers used Kaspersky Lab software to scan for American classified programs. They also found NSA hacking tools in the Kaspersky Lab network, the same tools that the NSA later confirmed were in Russian intelligence hands.

That was what led to the US General Services Administration directive to remove Kaspersky Lab from its list of approved vendors, and the US Senate to call for a government-wide ban.

There is no evidence that Kaspersky Lab itself was complicit in helping Russian intelligence scan for American classified programs, or obtain the NSA hacking tools. It is entirely possible that the Russian intelligence hackers merely exploited the same flaws in Kaspersky Lab software that the Israelis used to gain access to their network and software.

However, all these controversies have greatly undermined Kaspersky Lab’s credibility and sales worldwide.


The Kaspersky Lab Global Transparency Initiative

The Kaspersky Lab Global Transparency Initiative attempts to prove and assure their customers (and potential customers) that there are no backdoors in their software. Under this initiative, Kaspersky Lab will make their source codes, including software updates and threat detection rules, available for independent review and evaluation.

Their Global Transparency Initiative will kick off with these actions :

  1. Kaspersky Lab will offer their source codes for an independent review by Q1 2018, with similar independent reviews of their software updates and threat detection rules to follow.
  2. An independent assessment of the Kaspersky Lab development lifecycle processes, and its software and supply chain risk mitigation strategies, will begin by Q1 2018.
  3. Additional controls to govern Kaspersky Lab data processing practices, with verification by an independent party, will be developed by Q1 2018.
  4. Three Transparency Centers will be established in Asia, Europe and the US to address security issues with Kaspersky Lab partners, customers and government stakeholders. They will also serve as a facility for “trusted partners to access reviews on the company’s code, software updates and threat detection rules”. The first Transparency Center will open by 2018, with the rest by 2020.
  5. Kaspersky Lab will increase their bug bounty awards up to $100,000 for the most severe vulnerabilities found under their Coordinated Vulnerability Disclosure program by the end of 2017.

Kaspersky Lab will later announce the next phase of the Global Transparency Initiative, after engaging with their stakeholders and the cybersecurity community.


What This Does Not Address


The initial phase of the Kaspersky Lab Global Transparency Initiative will help verify, and assure their customers, that there are no backdoors in their software. However, it does not address a major concern for the US government – the fact that their data is routed through Russian Internet service providers that are subject to the Russian intelligence surveillance system called SORM (System of Operative-Investigative Measures).

Kaspersky Lab has said that customer data sent to their Russian servers are encrypted, and they do not decrypt it for the Russian government. But it would be impossible for them to prove it. Perhaps they will address this concern in the next phase of their Global Transparency Initiative.

Don’t forget to read our interview with Eugene Kaspersky on his alleged ties with Russian President Vladimir Putin and the Kremlin.
