Author Archives: Steve McIntyre

Arrest of the “Lurk” Banking Trojan Gang

On June 2, 2016, in a major police operation in Russia, 50 hackers from the Lurk banking trojan gang were arrested following 86 raids (Security Week here). Their malware was used for bank fraud (especially in Russia) and ransomware all over the world. The full extent of their activities became clear only after their arrest. In […]

US East Coast Sea Level Rise: An Adjustocene Hockey Stick

In 2011, Andy Revkin wrote an article (archive) entitled “Straight Talk on Rising Seas in a Warming World” (among other articles on the topic), in which he optimistically sought guidance on the topic from a then recent study of U.S. East Coast sea level coauthored by Mann (Kemp et al, 2011).  Joshua Willis told Revkin “that, […]

New Antarctic Temperature Reconstruction

Stenni et al (2017), Antarctic climate variability on regional and continental scales over the last 2000 years, was published (pdf) this week by Climate of the Past. It includes multiple variations of a new Antarctic temperature reconstruction, in which 112 d18O and dD isotope series are combined into regional and continental reconstructions. Its abstract warns that […]

Reconciling Model-Observation Reconciliations

Two very different representations of consistency between models and observations are popularly circulated. On the one hand, John Christy and Roy Spencer have frequently shown a graphic which purports to show a marked discrepancy between models and observations in the tropical mid-troposphere, while, on the other hand, Zeke Hausfather, among others, has shown graphics which purport […]

Part 2- The TV5 Monde Hack and APT28

In his attribution of the DNC hack, Dmitri Alperovitch, of Crowdstrike and the Atlantic Council, linked APT28 (Fancy Bear) to previous hacks at TV5 Monde in France and of the Bundestag in Germany: FANCY BEAR (also known as Sofacy or APT 28) is a separate Russian-based threat actor, which has been active since mid 2000s […]

From Nigerian Scams to DNC Hack Attribution – Part 1

In Crowdstrike’s original announcement that “Russia” had hacked the DNC, Dmitri Alperovitch said, on the one hand, that the “tradecraft” of the hackers was “superb” and their “operational security second to none” and, on the other hand, that Crowdstrike had “immediately identified” the “sophisticated adversaries”. In contrast, after three years of investigation of Climategate, UK counter-intelligence had […]

Guccifer 2: From January to May, 2016

Within the small community conducting technical analysis of the DNC hack, there has been ongoing controversy over whether Guccifer 2 (G2) was a false flag for the Russians, whether G2 was located in the US rather than Russia, whether the G2 files were copied locally rather than hacked, whether G2 was a false flag for […]

Guccifer 2 and “Russian” Metadata

The DHS-FBI intel assessment of the DNC hack concluded with “high confidence” that Guccifer 2 was a Russian operation, but provided (literally) zero evidence in support of their attribution. Ever since Guccifer 2’s surprise appearance on June 15, 2016 (one day after Crowdstrike’s announcement of the DNC hack by “Russia”), there has been a widespread […]

Guccifer 2 Email Time Zone

One of the major differences between Mr FOIA and Guccifer 2 is the latter’s use of email to correspond with journalists. G2 contacted Gawker and Smoking Gun on June 15, corresponding further with Smoking Gun on June 21 and June 27. He corresponded with Vocativ on July 4-5 and with the Hill on July 11 […]

Time Zone of Guccifer 2 cf.7z

In a recent post, I observed that the majority of the emails in the Wikileaks DNC archive were sent AFTER Crowdstrike installed their anti-Russian software on May 6.  In today’s post, I’ll look at a metadata issue concerning Guccifer 2, who was, with “high confidence”, attributed by the US intel community to be Russian, supposedly […]