NEW: the US is seeking extradition of an Israeli private spy over sprawling hack & leak operations against 🇺🇸American nonprofits.
Let me tell you a story... 
Amit Forlit's alleged customer: a US lobbying firm named DCI Group...representing oil & gas giant ExxonMobil.
IT BEGINS
The criminal case was triggered back in 2018, when US-based nonprofits targeted by hackers whom we'd been working with requested that we notify the authorities.
We'd found an absolute raft of targeting and attributed the fingers-on-keyboards to an Indian hack-for-hire operation.
THE TARGETS
Targets ranged from environmental orgs to net neutrality advocates , everyone that asked questions about massive financial fraud by payment processor WireCard & so many more.
Our friends at EFF also spotted the phishing against net neutrality orgs & reported on it, we later attributed it to the Indian group.
TIME TO NAME & SHAME
We published alongside Reuters, naming the Indian group (BellTrox) back in 2020. 
TWO ISRAELI PRIVATE SPIES...
Fast forward to today's efforts to extradite Amit Forlit, who was arrested at Heathrow last year.
He's actually the *second Israeli private investigator* charged in this massive hacking scheme.
The first, Aviram Azari, was arrested in 2019 on his way to Disney World, convicted & is serving out his sentence. 
The US accuses Forlit of serving as a go-between for Indian hack-for-hire groups.. and a global client list. 
The US doesn't name the lobbying firm or the big oil and gas company in their filing.....but Forlit's own lawyer helpfully filled in the details, as reported by Reuters. 
THE SCHEME
The operation targeting environmental groups is pretty wild, and when we timelined phishing attempts against their advocacy strategies. The targeting was smart & super-aware of relationships between the targets. 
When hacking is corporate, they make memos.
And email about them.
"Why the *** was he sending e mails what a dumb arse"
Epic line: The kind of message that prosecutors of...
TAKEAWAY
Today, many legal fights, including attacks on nonprofits & civil liberties groups, have a secret undercurrent of hacking-for-hire. 
The powerful interests that commission the hacking & benefit from the often-manipulated 'leaks' escape consequences.
But if you are around these issues, you may get targeted too.
This case goes further up the chain than any before. We'll see just how high, but it is great to see some consequence brought to this shady ecosystem.
I'll keep folks here updated.
Reading list:
Our Citizen lab investigation:https://citizenlab.ca/2020/06/dark-basin-uncovering-a-massive-hack-for-hire-operation/
EFF report on targeting of net neutrality orgs: https://www.eff.org/deeplinks/2017/09/phish-future
Report on Forlit hearing: https://www.reuters.com/world/israeli-private-eye-wanted-us-over-alleged-hacking-exxon-lobbyist-lawyer-says-2025-01-22/
Aviram conviction story: https://www.reuters.com/technology/cybersecurity/israeli-private-detective-sentenced-us-6-23-years-hacker-for-hire-scheme-2023-11-16/
Today, many legal fights, including attacks on nonprofits, have a secret undercurrent of hacking.
Working to convert it to run on seed oil.
I just got zaps for the first time last night 😉
Wait, people can support me in real value, not just magic internet points that are revokable without notice?
Zaps just blew my mind.
Europe is preparing for another assault on encryption.
having spent some time unscientifically but persistently comparing LLM censorship in response to the same prompts with CN and US models I'd say that some CN models I've explored have galaxies of off limits outputs. however they are different. so you need to ask the kinds of questions that get these answers. Which means you need to focus on censored themes in China. Like the five poisons...
We need #encryption backdoors to 'enforce' democracy says Europol chief.
Says anonymity "not a fundamental right"
I disagree.
#Anonymity is part of the bedrock of protecting healthy dissent.
Forcing total government access to private communications lays the technical groundwork for undermining democracy.
But here we are. It's a new year, so cops & governments are taking fresh swings at encryption.
Only the scare tactics change.
Welcome to a new, cynical chapter in the fight to protect privacy.
Demanding them... when the worst recent national security breaches in the US happened... when #China hacked government-mandated backdoors... is also absurd.
There's every reason to believe something similar may have happened in #Europe , we just don't know it yet.
Shortsighted and cynical stuff.
Story: https://www.ft.com/content/1e6a600d-8620-4ed6-a4cd-5c454d6247ba
Heard about a big breach over at Volkswagen?
Here's whats going on. Every major car company collects your driving data. And everything I've learned about this subject makes me want to go into the dash and start pulling wires out.
100% of car companies collect unnecessary data
84% share/sell it
92% provide insufficient control over data.
(Data: Mozilla Foundation investigation)
Most pour it into the shady data-broker ecosystem.
Where it goes to god-knows who. And represents a really exciting stream of surveillance data for governments and everybody else.
Most also turn it over to governments.
And insurance companies.
We got here because, in search of new revenue streams, these car mfrs turned to mining owners for movement data.
Their disrespect for your #privacy is a through-line, and is reflected in just how sloppy they can be about protecting it.
Unsecured AWS? Ugh. But this is just the tip of the iceberg.
This massive data exposure happens to be Volkswagen, but the story tracks for every major car company.
When companies do offer some sort of opt-out... your car might break. Or so they warn you.
We are still in earliest days of people investigating and pointing this out, but things are bound to get worse with electronic vehicles.
Reading list:
Mozilla Foundation's key investigation: https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/
CSO Oline report on VW:
Nissan breach report:
NEW: #China gov hackers breached #TreasuryDept
Not a ton of clarity on what was taken yet.
Sounds like it went like this:
STEP 1:Targeted Treasury security vendor #BeyondTrust
STEP 2: Stole BT's key for support platform
STEP3: tech support platform becomes backdoor on #Treasury machines
Ouch.
Analogy-ish: burglar breaks into plumber's office & steals master keys to the buildings they service...
Given BeyondTrust's big client list, presumably with many juicy targets for the #PRC it makes you wonder who else may have been targeted.
Talented reporting crew of Raphael Satter & AJ Vicens point to a recent posting by BeyondTrust about an incident that identified a series of vulnerabilities in their remote support tools.
Sure sounds like this is it...
Tom Hegel rightly points out the longstanding pattern of hackers from #China targeting trusted 3rd party platforms (hello cybersecurity, identity & authentication vendors!) to go after big targets.
Pulling back a bit, this is a good reminder that #cybersecurity for most institutions today is heavy with services from 3rd party vendors.
Which means a complex layer of threat for defenders who also have to worry about the first order problems the #infosec vendor products seek to address...
Good times for the gov-backed #hacker class.
Beyond Trust: https://www.beyondtrust.com/remote-support-saas-service-security-investigation
VPN advertising is the most common source of security misinformation I encounter.
The industry is a scourge.
Hello, world.