Press "Enter" to skip to content

DOJ Press Release Bears Questions: Did FBI/DOJ Search 200,000 U.S. and 700,000 Worldwide Computers Without A Warrant, What Really Happened and Why?

A Department of Justice press release from 29 Aug 23 indicates that the DOJ and FBI accessed, possibly searched and then altered [removed] contents from 200,000 U.S. and 700,000 worldwide computers: Qakbot Malware Disrupted in International Cyber Takedown. Examination of the facts and circumstances bears the question of whether or not DOJ/FBI violated protected rights of U.S. computer owners.

Moreover, the analysis bears further questions about intent, design, false flag operations and cover-up operations that appear to be the norm in AG Merrick Garland’s DOJ.

From the DOJ press release [emphasis added],

The Justice Department today announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, the United Kingdom, Romania, and Latvia to disrupt the botnet and malware known as Qakbot and take down its infrastructure. The Qakbot malicious code is being deleted from victim computers, preventing it from doing any more harm. The Department also announced the seizure of approximately $8.6 million in cryptocurrency in illicit profits.

The action represents the largest U.S.-led financial and technical disruption of a botnet infrastructure leveraged by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity.

The Qakbot malware primarily infects victim computers through spam email messages containing malicious attachments or hyperlinks. Once it has infected a victim computer, Qakbot can deliver additional malware, including ransomware, to the infected computer. Qakbot has been used as an initial means of infection by many prolific ransomware groups in recent years, including Conti, ProLock, Egregor, REvil, MegaCortex, and Black Basta. The ransomware actors then extort their victims, seeking ransom payments in bitcoin before returning access to the victim computer networks. These ransomware groups have caused significant harm to businesses, healthcare providers, and government agencies all over the world.

Does installing an uninstaller that causes a computer to search and locate the malware it’s being instructed to purge constitute an illegal search without a warrant and does it require advance advisement and consent?

How likely is it that Qakbot is actually a product of or threaded back to the western intelligence community?

Did you know that Quakbot emerged on the same timeline as the western intelligence community’s introduction of its U.S. point man, Barack Obama?

Does Quakbot comport as a tool for asymmetrical, irregular and undeclared warfare?

If DOJ/FBI cared to target specific individuals and subjects, could it take steps to deliberately infect a subject’s computer with Qakbot to drag it into the broader “operation” where it’s obfuscated by hundreds of thousands to millions of others?

Given that Qakbot is destabilizing and has utilitarian value in it the areas of world government and healthcare [a fraudulent “pandemic” was used to overthrow a sitting U.S. President and his administration], one good way to cover ones tracks for accessing and infiltrating the computers of subjects and tactical targets is to appear as a criminal and conduct the work under the guise of criminality.

The victim computers infected with Qakbot malware are part of a botnet, which is a network of compromised computers, meaning the perpetrators can remotely control all the infected computers in a coordinated manner. The owners and operators of the victim computers are typically unaware of the infection.

Do you see the utilitarian value in remote control as applied to unwitting victims?

Consider Qakbot’s utilitarian value according to Microsoft:Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it. Since emerging in 2007 as a banking Trojan, Qakbot has evolved into a multi-purpose malware that provides attackers with a wide range of capabilities: performing reconnaissance and lateral movement, gathering and exfiltrating data, or delivering other payloads on affected devices.

*The Microsoft source above is highly informative.

The utilitarian value is patently obvious and it opens the door to all sorts of useful angles for people with unlimited resources and capabilities.

As part of the takedown, the FBI was able to gain access to Qakbot infrastructure and identify over 700,000 computers worldwide, including more than 200,000 in the United States, that appear to have been infected with Qakbot. To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic to and through servers controlled by the FBI, which in turn instructed infected computers in the United States and elsewhere to download a file created by law enforcement that would uninstall the Qakbot malware. This uninstaller was designed to untether the victim computer from the Qakbot botnet, preventing further installation of malware through Qakbot.

I encourage you to re-read that paragraph.

The DOJ/FBI captured the network of 200,000 U.S. computers to “redirect” [root work being “direct” or to order or command] them to a domain under its total control.

From there, DOJ/FBI “instructed” [or directed, ordered or commanded] the computers to “download a file created by law enforcement that would uninstall the Qakbot malware.”

Were the computer owners who the DOJ said didn’t know they were victims of this crime notified of DOJ/FBI actions in advance?

Did DOJ/FBI circumvent Constitutional protections by sidestepping across a bridge to its subjects and targets with authority on warrants pertaining to the operators of Qakbot but not the subjects and targets themselves?

Did you note the tense and use of verbiage because it’s discreet and purposeful: “that would uninstall” and “the uninstaller was designed to”?

Neither phrases above tell what the uninstaller actually did, rather it’s a description of what it should do.

The following is also purposeful but not so discreet as DOJ moved directly to its disclaimer, which bears the next set of questions:

The scope of this law enforcement action was limited to information installed on the victim computers by the Qakbot actors. It did not extend to remediating other malware already installed on the victim computers and did not involve access to or modification of the information of the owners and users of the infected computers.

Does it seem logical that DOJ/FBI and its long and recent history of entrapment operations [Mar-a-Lago and the Capitol “insurrection”] would operate under the guise of third party criminality to remotely control the computers of its subjects and targets where it did exactly what it said it wasn’t doing in its disclaimer?

Did you note the utilitarian value found in Qakbot’s email exfiltration capabilities?

Is it reasonable to overlay the timing of the DOJ/FBI Quakbot developments with the timing of revelations about Joe Biden’s use of no fewer than 3 email pseudonyms to apparently engage in criminality related to private equity deals in energy and perhaps other illicit purposes?

Could a DOJ/FBI upload also function to identify and purge emails sent by or to other particular email accounts?

In at least 5,400 emails and during his tenure as Vice President, Joe Biden communicated as, and[Source]

That’s patented behavior for a criminal not the Vice President of an administration touting “transparency.”

Is it possible that DOJ/FBI redirected a portion of the 200,000 U.S. and 700,000 worldwide computers in order to engage in clean-up operations on the Biden email scandal?

I don’t know the answers to those questions other than saying they need to be asked and, “If the shoe fits…”

Valuable technical assistance was provided by Zscaler. The FBI has partnered with the Cybersecurity and Infrastructure Security Agency, Shadowserver, Microsoft Digital Crimes Unit, the National Cyber Forensics and Training Alliance, and Have I Been Pwned to aid in victim notification and remediation.

Did you note the presence of CISA, which I’ve analyzed in no fewer than 11 articles relative to the stolen 2020 election?

Does Zscaler’s “valuable technical assistance” amount to compartmentalizing the culpability for illegal actions into a private third party container knowing full well that DOJ/FBI can’t do what it has likely done?

Let’s take a look at Zscaler and its “valuable technical assistance”:


Note how Zscaler’s major holders break down as we take a look at who really helped DOJ/FBI in its Qakbot operation:

*Yahoo Finance

Private equity is the context for international corruption and money laundering and specifically, in energy [I took that exclusive position years ago delineating it all in this 01 Jun 21 piece: Follow the Money.]

This is especially so for Joe Biden – I’ve followed him all over the globe in this way.

In his criminality, Biden used fictitious email pseudonyms in the context of energy and private equity.

At the heart of all private equity are BlackRock and Vanguard; they literally own everything and Vanguard is private, so you can’t find out much about it.

And the DOJ felt it would be best to let a BlackRock and Vanguard owned entity that specializes in cyber security to hijack 200,000 U.S. and 700,000 worldwide computers that were vulnerable to email exfiltration just to be helpful.

And DOJ/FBI apparently did this to individuals who were unwitting about being victims of both Qakbot and the DOJ/FBI.

The FBI Los Angeles Field Office, the U.S. Attorney’s Office for the Central District of California, and the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) conducted the operation in close cooperation with Eurojust.

Note the “close cooperation with Eurojust.”

In three articles, I recently identified Eurojust as a component to the massive global money laundering operation that fully enmeshes the Bidens and that is Ukraine:

1-INTERNATIONAL COVER-UP: AG Garland Visits The Hague for Opening of ‘International Centre for the Prosecution of the Crime of Aggression against Ukraine,’ Signals Cover-up of Global Ukrainian Money Laundering Operation
2-INTERNATIONAL COVER-UP: DOJ’s ‘War Crimes Accountability Team’ and ICPA to Veil Biden’s Biowarfare, Money Laundering, Fraud and Worse
3-Unvarnished Political Projection Makes Remarkable Merrick Garland Speech A Massive Biden Administration Confession.

It’s not by mistake that Eurojust is involved here with its “close cooperation” because these events could be an extension of the broader cover-up operations that Eurojust is already engaged in relative to Biden in Ukraine.

Otherwise and in the aggregate, we’re just left with thousands of sourced and cited coincidences that occur redundantly over time.

It appears DOJ/FBI ran its Qakbot operation at a peculiar time relative to Joe Biden’s criminality and simultaneously the ongoing targeting of Biden’s political opposition by the same DOJ/FBI.

It appears DOJ/FBI may have circumvented Constitutional protections in its interface with the computers of private citizens.

It appears that DOJ/FBI compartmentalized the actions of its operation into a third party container in Zscaler.

It appears there may be ulterior explanations to the design and execution of this DOJ/FBI operation as comporting with Garland’s brand of two-tiered justice.

In closing, it’s important to note that the positions here are not backed by anything other than the lens and analysis of the DOJ press release as supported by some cursory background research and existing analysis.

So, yes, the shoe fits and comfortably so, but that’s as far as it goes for now.


One Comment

Leave a ReplyCancel reply