Karim

#-- A mail that caught my interest, feel i should bring to you lulztice :D --#

FOR THE LULZ OF IT! - These dude have got FBI & DOD written on the wallpaper!


###----MAIL STARTS HERE-----###

from: jsbardin@hotmail.com

subject: malware activity

to: khijazi@unveillance.com

4/8/2011 4:57 PM

Karim,

If possible, can you provide a screen shot of malware activity making it's way out of Libya by IP? I will make sure there is attribution for Unveillance and yourself. The document will go to staffers at the White House pre the below thread.

Regards,
Jeff


To: jbardin@treadstone71.com
Subject: [projectcyberdawn] Final stages of Project
Date: Fri, 8 Apr 2011 05:57:10 -0700

~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=

Team,

I had dinner with some DOD folks and White House staff members last night and I had the opportunity to talk about the work we are doing with Project Cyber Dawn. Our final report will make it to the White House. So I would like to update everybody on what I have been working on and some of the things we have to get done!


I have been editing the report and organizing the data you have posted and the data some of you send me through email. Also I have been capturing some snapshots of our data on the Palantir portal. We will have 2 versions of this report, one version is the public version with certain information omitted or blacked out, the other version will contain more attribution and it is the version going to federal agencies, COCOMS White House, etc...It is important to remember that no data from this project can be shared or posted unless through CSFI.


We are approaching the final phases of our project and I need the following:

We need to cover the topic “Vulnerabilities within Libyan SCADA Systems”. Joel, can you lead this one? The idea is to map out Libya’s Oil companies and their SCADA system’s vulnerabilities. We need to get technical here and also have an executive version. This is critical and we need this done as soon as possible.


The topic “Malicious Code Activity in Libya” needs to be done. I believe Kevin is leading this one, but of course everybody can help.


Amr is working on a Google map showing how some government websites are being hosted in the US, by mapping that out physically. This will important because of the visual aspect.

We already have identified the main hacking groups in Libya and their supporters, however, we need to do some more digging to try to get some more information on these actors, I noticed that our data on Palantir show some of these groups as Threats and some others as criminal organizations, what criteria did we use to categorize these individuals? Can we get email addresses for all of them? These are some of the questions we will be asked.


I need to know who will like to have their names on the report, I need your full name, certifications if you have any and company association (not necessary, it’s your choice)

Let’s keep up the good work everybody. We’re almost there!


Thank you for your hard work!

Paul


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
jbardin@treadstone71.com  -  www.treadstone71.com  -  twitter.com/jsbardin  -  http://blogs.csoonline.com/blog/jeff_bardin http://www.youtube.com/user/Infosecaware?feature=mhum

The information in this electronic mail message is confidential and may be legally privileged.  It is intended solely for the addressee.  Access to this Internet electronic mail message by anyone else is unauthorized.  If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it is prohibited and may be unlawful.