The U.S. Government has informed the Court of Appeals that the civil forfeiture case against Megaupload and Kim Dotcom was launched as a last resort. The authorities feared that Dotcom and his colleagues would regain possession of the millions in seized assets and argue that they are properly labeled as “fugitives.”
Well over three years have passed since Megaupload was shutdown, but there is still little progress in the criminal proceedings against the operation.
The United States hopes that New Zealand will extradite Kim Dotcom and his colleagues, but the hearings have been delayed several times already.
Meanwhile, several domain names including the popular Megaupload.com and Megavideo.com remain under the control of the U.S. Government. At least, that should be the case. In reality, however, they’re now being exploited by ‘cyber criminals.’
Instead of a banner announcing that the domains names have been seized as part of a criminal investigation they now direct people to a Zero-Click adverting feed. This feed often links to malware installers and other malicious ads.
One of the many malicious “ads” the Megaupload and Megavideo domain names are serving links to a fake BBC article, suggesting people can get an iPhone 6 for only £1.
And here is another example of a malicious ad prompting visitors to update their browser.
The question that immediately comes to mind is this: How can it be that the Department of Justice is allowing the domains to be used for such nefarious purposes?
Looking at the Whois records everything seems to be in order. The domain name still lists Megaupload Limited as registrant, which is as it was before. Nothing out of the ordinary.
The nameserver PLEASEDROPTHISHOST15525.CIRFU.BIZ, on the other hand, triggers several alarm bells.
CIRFU refers to the FBI’s Cyber Initiative and Resource Fusion Unit, a specialized tech team tasked with handling online crime and scams. The unit used the CIRFU.NET domain name as nameserver for various seized domains, including the Mega ones.
Interestingly, the CIRFU.NET domain now lists “Syndk8 Media Limited” as registrant, which doesn’t appear to have any connections with the FBI. Similarly, CIRFU.BIZ is not an official CIRFU domain either and points to a server in the Netherlands hosted by LeaseWeb.
It appears that the domain which the Department of Justice (DoJ) used as nameserver is no longer in control of the Government. Perhaps it expired, or was taken over via other means.
The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.
The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia.
The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012.
The main purpose of the workshops was to find new ways to exploit smartphone technology for surveillance. The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. (Google declined to comment for this story. Samsung said it would not be commenting “at this time.”)
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
Previous disclosures from the Snowden files have shown agencies in the Five Eyes alliance designed spyware for iPhones and Android smartphones, enabling them to infect targeted phones and grab emails, texts, web history, call records, videos, photos and other files stored on them. But methods used by the agencies to get the spyware onto phones in the first place have remained unclear.
The newly published document shows how the agencies wanted to “exploit” app store servers — using them to launch so-called “man-in-the-middle” attacks to infect phones with the implants. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other; it is a tactic sometimes used by criminal hackers to defraud people. In this instance, the method would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones.
We learned recently from Paris that the Western world is deeply and passionately committed to free expression and ready to march and fight against attempts to suppress it. That’s a really good thing, since there are all sorts of severe suppression efforts underway in the West — perpetrated not by The Terrorists but by the Western politicians claiming to fight them.
One of the most alarming examples comes, not at all surprisingly, from the U.K. government, which is currently agitating for new counterterrorism powers, “including plans for extremism disruption orders designed to restrict those trying to radicalize young people.” Here are the powers which the British Freedom Fighters and Democracy Protectors are seeking:
They would include a ban on broadcasting and a requirement to submit to the police in advance any proposed publication on the web and social media or in print. The bill will also contain plans for banning orders for extremist organisations which seek to undermine democracy or use hate speech in public places, but it will fall short of banning on the grounds of provoking hatred.
It will also contain new powers to close premises including mosques where extremists seek to influence others. The powers of the Charity Commission to root out charities that misappropriate funds towards extremism and terrorism will also be strengthened.
In essence, advocating any ideas or working for any political outcomes regarded by British politicians as “extremist” will not only be a crime, but can be physically banned in advance. Basking in his election victory, Prime Minister David Cameron unleashed this Orwellian decree to explain why new Thought Police powers are needed: “For too long, we have been a passively tolerant society, saying to our citizens ‘as long as you obey the law, we will leave you alone.’” It’s not enough for British subjects merely to “obey the law”; they must refrain from believing in or expressing ideas which Her Majesty’s Government dislikes.
New Zealand spies teamed with National Security Agency hackers to break into a data link in the country’s largest city, Auckland, as part of a secret plan to eavesdrop on Chinese diplomats, documents reveal.
The covert operation, reported Saturday by New Zealand’s Herald on Sunday in collaboration with The Intercept, highlights the contrast between New Zealand’s public and secret approaches to its relationship with China, its largest and most important trading partner.
The hacking project suggests that New Zealand’s electronic surveillance agency, Government Communications Security Bureau, or GCSB, may have violated international treaties that prohibit the interception of diplomatic communications.
New Zealand has signed both the 1961 Vienna Convention on Diplomatic Relations and the 1963 Vienna Convention on Consular Relations, international treaties that protect the “inviolability” of diplomatic correspondance. The country’s prime minister, John Key, said in a recent speech on security that New Zealand had an obligation to support the rule of law internationally, and was “known for its integrity, reliability and independence.”
Last year, Key said that New Zealand’s relationship with China, worth an estimated $15 billion in annual two-way trade, had “never been stronger.” The relationship was not just about “purely trading,” he said, “it is so much broader and much deeper than that.”
In 2013, Key described a meeting with top Chinese officials in Beijing as “extremely warm” and told of how he was viewed as a “real friend” by the country’s premier, Li Keqiang.
At the same time, as minister in charge of the GCSB, Key was overseeing spying against China – which included the top-secret planned operation in Auckland, aimed at the Chinese consulate.
The hacking project is outlined in documents obtained by The Intercept from NSA whistleblower Edward Snowden.
As Internet users demand more freedom online alongside an ability to consume media in a manner of their choosing, tools allowing them to do so are gaining in popularity.
Notable has been the rise of VPN services, which not only provide an increased level of privacy but also allow users to appear in any country they choose. This opens up a whole new world of content availability – such as better service from Netflix – often at better prices than those offered on home turf.
While popular with consumers, this behavior is frowned upon by distribution companies that spend huge sums of money on content licensing deals specific to their regions of coverage. Losing customers to overseas providers isn’t part of their plan and now some are doing something about it.
Earlier this month media companies SKY, TVNZ, Lightbox and MediaWorks told several Kiwi ISPs that if they don’t stop providing VPN services to their subscribers, legal trouble would be on the horizon.
Within days one of their targets, Unlimited Internet, pulled its VPN service after receiving a letter from a lawfirm claiming breaches of the Copyright Act. However, CallPlus and Bypass Network Services have no intention of caving in to the media giants’ demands.
“To receive without warning a grossly threatening legal letter like that from four of the largest companies in New Zealand is not something we are used to,” wrote Bypass CEO Patrick Jordan-Smith in a letter to the media companies.
“It smacks of bullying to be honest, especially since your letter doesn’t actually say why you think we are breaching copyright.”
Pulling no punches and describing his adversaries as a “gang”, Jordan-Smith likens the threats to those employed by copyright trolls in the United States.
“Your letter gets pretty close to the speculative invoicing type letters that lawyers for copyright owners sometimes send in the US ‘pay up or shutdown or else were are going to sue you’! Not fair,” he writes.
“We have been providing the Global Mode facility for 2 years. In all that time, none of your Big Media Gang have ever written to us. We assumed they were OK with Global Mode and we continued to spend money innovating the facility and providing innovative NZ ISPs with a service that their customers were telling them they wanted – a service that lets people pay for content rather than pirate it.”
The response from Bypass hasn’t been well received by the media companies who now say they will carry through with their threats to sue over breaches of copyright.
“Our position has not changed and unless they remove the unlawful service we will begin court action in the next few days,” says TVNZ chief executive, Kevin Kenrick.
“Each of our businesses invests significant sums of money into the rights to screen content sourced legitimately from the creators and owners of that copyrighted material. This is being undermined by the companies who profit from promoting illegitimate ways to access that content.”
Claiming that the action is aimed at defending the value of content rights in the digital world, Kenrick says that the legal action is not consumer focused.
“This is not about taking action against individual consumers or restricting choice, indeed each of our businesses are investing heavily in more choice so New Zealanders can have legitimate access to the latest TV shows and movies,” the CEO concludes.
While the commercial position of the TVNZ chief is understandable, his claim that this legal action isn’t aimed at reducing choice simply doesn’t stack up. Kiwis using Netflix locally get access to around 220 TV series and 900 movies, while those using a VPN to tunnel into the United States enjoy around 940 TV series and 6,170 movies, something which Bypass Networks believes is completely legal.
“[We provide our service] on our understanding that geo-unblocking to allow people to digitally import content purchased overseas is perfectly legal. If you say it is not, then we are going to need a lot more detail from you to understand why,” Jordan-Smith informs his adversaries.
“Simply sending us a threatening letter, as frightening as that may be, does not get us there and is not a fair reason for us to shut down our whole business.”
While VPN services have always been associated with privacy, in recent years they have bloomed into tools providing much more than a simple way to stay cloaked online.
For a relatively small fee, users of the most popular VPN services can tunnel out of their country of origin and reappear in any one of dozens of countries around the world. This opens up a whole new world of media consumption opportunities.
Citizens of the United States, for example, can access BBC iPlayer just like any other Brit might, while those in the UK looking to sample the widest possible Netflix offering can easily tunnel right back into the U.S.
This cross-border content consumption is not popular with entertainment companies and distributors. It not only undermines their ability to set prices on a per-region basis, but also drives a truck through hard-negotiated licensing agreements.
Tired of dealing with ISPs including Slingshot who offer a dedicated ‘global mode‘ VPN service for customers, last week media companies in New Zealand ran out of patience.
“We pay considerable amounts of money for content rights, particularly exclusive content rights. These rights are being knowingly and illegally impinged, which is a significant issue that may ultimately need to be resolved in court in order to provide future clarity for all parties involved,” Lightbox, MediaWorks, SKY, and TVNZ said in a joint statement.
“This is not about taking action against consumers; this is a business-to-business issue and is about creating a fair playing field.”
Before being granted limited local access to Netflix just last month, Kiwis were required to level their own playing fields by paying for a VPN service and an account at an overseas supplier in order to legally obtain a decent range of premium content. However, the media companies now want to bring an end to that free choice via legal action. Today they claimed their first scalp.
This morning Unlimited Internet became the first ISP to respond to media company pressure by pulling its geo-unblocking service known as “TV VPN” after receiving a warning letter from a lawfirm.
The letter, which has been sent out to several local ISPs, informs Unlimited Internet that its VPN service infringes the Copyright Act of 1994.
Unlimited Internet director Ben Simpson says that while his company doesn’t necessarily agree with that assertion, it has taken down the service nonetheless.
“Geo-unblocking services are a direct result of consumer demand for access to content that is not made available to the New Zealand market,” Simpson says.
“To be on the safe side, we have taken legal advice on this matter and I have made a firm call that we will sit on the sideline until a legal precedent has been set.”
New Zealand’s spy agency watchdog is launching an investigation into the scope of the country’s secret surveillance operations following a series of reports from The Intercept and its partners.
On Thursday, Cheryl Gwyn, New Zealand’s inspector-general of intelligence and security, announced that she would be opening an inquiry after receiving complaints about spying being conducted in the South Pacific by eavesdropping agency Government Communications Security Bureau, or GCSB.
In a press release, Gwyn’s office said: “The complaints follow recent public allegations about GCSB activities. The complaints, and these public allegations, raise wider questions regarding the collection, retention and sharing of communications data.”
This month, The Intercept has shined a light on the GCSB’s surveillance with investigative reports produced in partnership with the New Zealand Herald, Herald on Sunday, and Sunday-Star-Times.
The reports, based on information from National Security Agency whistleblower Edward Snowden and other sources, have revealed how the GCSB has been intercepting communications in bulk across a variety of neighboring South Pacific islands, raising concerns that New Zealand citizens’ emails and phone calls are being swept up in the dragnet.
The reports have also shown how the GCSB is funneling data into the NSA’s XKEYSCORE internet surveillance system from a surveillance base in the Waihopai Valley and is spying on about 20 countries across the world, predominantly in the Asia-Pacific region, including major trading partners such as Japan, Vietnam and China. The most recent stories have revealed that GCSB used XKEYSCORE to spy on emails about candidates vying to be the director general of the World Trade Organization and target top government officials and an anti-corruption campaigner in the Solomon Islands.
Following the disclosures, several of New Zealand’s opposition political leaders have criticized the surveillance and filed complaints with Gwyn, the inspector-general of intelligence and security.
In her statement on Thursday announcing the initiation of an inquiry, Gwyn said she would be conducting “a focused review of a particular area of GCSB or New Zealand Security Intelligence Service practice.”
She added: “I have today notified the acting director of the GCSB of my inquiry and of my intention in this inquiry to provide as much information to the public on my findings as I can, withholding only that information that cannot be disclosed without endangering national security. The director has assured me of the Bureau’s full co-operation.”
John Key, New Zealand’s prime minister, last year claimed that “there has never been any mass surveillance and New Zealand has not gathered mass information and provided it to international agencies.”
However, after The Intercept’s recent reports, former GCSB chief Bruce Ferguson admitted that the agency had been engaged in “mass collection” of data and said it was “mission impossible” to eliminate New Zealand citizens’ communications from being vacuumed up.
Responding to the news about the inspector general’s inquiry on Thursday, Prime Minister Key told the media he was “not fearful in the slightest” about its findings.
“That’s the reason we beefed up the inspector-general and, in fact, we’ve been talking to her,” Key said. “We’ve got absolutely no concerns about it.”
This also ensures that Dotcom won’t have money to defend himself…
Following the 2012 raid on Megaupload and Kim Dotcom, U.S. and New Zealand authorities seized millions of dollars in cash and other property.
Claiming the assets were obtained through copyright and money laundering crimes, last July the U.S. government launched a separate civil action in which it asked the court to forfeit the bank accounts, cars and other seized possessions of the Megaupload defendants.
Megaupload’s defense heavily protested the request but was found to have no standing, as Dotcom and his colleagues can be seen as fugitives.
A few hours ago District Court Judge Liam O’Grady ordered a default judgment in favor of the U.S. Government. This means that the contested assets, which are worth an estimated $67 million, now belong to the United States.
“It all belongs to the U.S. government now. No trial. No due process,” Dotcom informs TF.
More than a dozen Hong Kong and New Zealand bank accounts have now been forfeited including some of the property purchased through them. The accounts all processed money that was obtained through Megaupload’s alleged illegal activities.