Excerpt: "How much more proof do we need that this administration is completely compromised? There is zero reason for the US to relax any offensive digital actions against Russia. If anything, we should be applying more."
Or it could be state sponsored and they didn’t think they needed to be covert as they could walk through the front door on invitation of the executive branch.
I struggle to see what Russia would gain with NLRB data, but getting caught “helping DOGE” furthers distrust between the two sides of our country - which is something they gain from.
A list of whistleblowers at American companies who presumably don't want said companies to know the details of their work.
>furthers distrust between the two sides of our country - which is something they gain from
How?
Yeah Trump winning seems to help them in Ukraine but their need is disruption as much as different policy in the longer term.
They were accessing GitHub over the internet from superuser accounts they were presumably also using as their user account. Given the code quality, I doubt their opsec is put together, either.
The objective may not have been to obtain access or any useful data. The objective may have been to get the scary headlines about Russians and use the existing media and political agitprop to further destabilize the government you seek to color revolution away.
I'm not saying they didn't do that, just that it's not in line with their support for Putin and Russia. Maybe as a false flag it gives Putin the cover to crack down on hacking groups that don't throat him.
Why does it increase support for AI in government?
If they're trying to exfiltrate data, they might want to rotate through IP addresses in order to obfuscate what's going on or otherwise circumvent restrictions. Using a simple IP rotator like the post talks about would maybe be an approach they'd use. If they're not careful with the IP addresses, once in a while one might get caught due to some restriction like being outside the US. It'd maybe appear as though you're getting these weird requests from Russia, but that's just because you're not logging the requests that are not being flagged from the US.
Maybe I'm reading the post incorrectly though (if so, please correct me!)
Best possible case I see would be that the whistleblower has made some mistake (or is being intentionally dishonest). Seems plausible for instance that "it appeared they had the correct username and password" based on "our no-out-of-country logins policy activating" could just be a misunderstanding of how/when the policy triggers. Not to say it's the most likely explanation, just the least concerning one.
I think less concerning than keyloggers, while still assuming the whistleblower is correct, would be that a DOGE employee was using a VPN/proxy/Tor. Probably not a great idea to have traffic going through a hostile nation state even with encryption, but less bad than keyloggers on their machines stealing and trying credentials within minutes.
Definitely concerning though, to be clear - just steelmanning/answering the question of best possible interpretation.
The alleged "Russian login attempts" were blocked by CAPs.
Russian state-sponsored actors have shown in the past that they use residential relay boxes to get around that.
If you read between the lines of the whistleblower claims, a lot of stuff doesn't add up. I especially like the conclusion that a deathnote was left on his door BEFORE he blew the whistle, and that a drone was hovering over his house.
* He could’ve gotten a death note because they suspected he might become a whistleblower, or simply because of what he knew.
* This death note could have been the final straw.
* Drones fly over my house all the time. If I witnessed what he did and received a death note, I may assign additional significance to it.
None of this is implausible at all.
Though with nation state actors you can't rule out Pegasus-like zero-click infiltrations.
The worst possible interpretation is straightforward - they are working for the Russians as agents and let the Russians in or installed the keyloggers for Russia.