by dinoqqq 422 days ago
It also raised my suspicion.

What I generally don't get is that in so many hacks they state "this came from a Russian|Chinese|Iranian IP address", hinting that it probably came from that country.

Can someone in the security industry maybe elaborate if this makes sense or not?

3 comments

As a technical problem, correlating # bytes @ time is just very simple, and you don't need a PhD to solve it. It's a matter of how many measurement points on the network you have available.

Having said that, I doubt they checked, and who cares where it landed? It's out.

Occam's Razor on doge (and the admin as a whole) points to opportunist amateurs, fraternizing on bravado & loyalty while willing to entertain treason by jumping through hoops for why it can't bother them.

Looking for deeper layers is a distraction. Nostalgic even.
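The "correlate # bytes @ time" check the comment above describes, as an added example that is not code from any commenter: given per-second byte counts of one flow seen at a near-side tap and of several flows seen at a far-side tap, find the far-side flow whose burst profile tracks it best, allowing for a small path delay. Both flow logs are constructed inline; the flow IDs, the `Record` layout and the lag bound are assumptions for the example, and real inputs would come from two NetFlow/IPFIX exports or pcaps.

```python
"""Toy traffic-correlation check across two network vantage points.

Added example for this thread, not any commenter's code. Only byte counts and
timestamps are used: no payload, so encryption on the path does not matter.
"""
import math
from typing import Dict, List, Tuple

Record = Tuple[str, int, int]  # (flow_id, second offset from capture start, bytes)

# Constructed: vantage A (near side of a relay/VPS) sees one outbound flow.
_A_BURSTS = [1200, 0, 4500, 300, 0, 9000, 150, 0, 0, 2200]
VANTAGE_A: List[Record] = [("a-1", t, b) for t, b in enumerate(_A_BURSTS)]

# Constructed: vantage B (far side) sees three candidate flows. "b-1" is the same
# burst shape arriving 2 s later with a little per-hop overhead; the others are noise.
_B_FLOWS = {
    "b-1": (2, [1260, 0, 4580, 340, 0, 9100, 190, 0, 0, 2250]),
    "b-2": (0, [1500] * 12),                                    # constant-rate stream
    "b-3": (0, [7000, 0, 0, 0, 4000, 0, 0, 0, 0, 0, 6000, 0]),  # unrelated bursts
}
VANTAGE_B: List[Record] = [
    (fid, start + t, b)
    for fid, (start, pattern) in _B_FLOWS.items()
    for t, b in enumerate(pattern)
]


def bucketize(records: List[Record], window: int) -> Dict[str, List[int]]:
    """Sum bytes per flow into 1-second buckets covering [0, window)."""
    series: Dict[str, List[int]] = {}
    for fid, t, nbytes in records:
        if 0 <= t < window:
            series.setdefault(fid, [0] * window)[t] += nbytes
    return series


def pearson(x: List[int], y: List[int]) -> float:
    """Pearson correlation; 0.0 for a constant series (no shape to match on)."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    if sxx == 0 or syy == 0:
        return 0.0
    return sxy / math.sqrt(sxx * syy)


def correlate_at_lag(src: List[int], dst: List[int], lag: int,
                     min_overlap: int = 6) -> float:
    """Correlate src[t] against dst[t + lag]: dst is observed `lag` seconds later."""
    n = min(len(src), len(dst) - lag)
    if n < min_overlap:          # too few overlapping samples to mean anything
        return 0.0
    return pearson(src[:n], dst[lag:lag + n])


def score_candidates(src: List[int], candidates: Dict[str, List[int]],
                     max_lag: int) -> Dict[str, Tuple[int, float]]:
    """Best (lag, r) per candidate over lags 0..max_lag. Keep max_lag to the
    plausible path delay plus clock skew between the taps: scanning far wider
    lets spiky unrelated traffic line up by chance."""
    out: Dict[str, Tuple[int, float]] = {}
    for fid, dst in candidates.items():
        out[fid] = max(((lag, correlate_at_lag(src, dst, lag))
                        for lag in range(max_lag + 1)), key=lambda p: p[1])
    return out


def match_flow(src_id: str, src_records: List[Record], dst_records: List[Record],
               window: int = 12, max_lag: int = 3) -> Tuple[str, int, float]:
    """Return (flow_id, lag, r) of the far-side flow whose byte profile best
    tracks src_id's. The caller decides what r is strong enough to act on."""
    src = bucketize(src_records, window)[src_id]
    scores = score_candidates(src, bucketize(dst_records, window), max_lag)
    fid, (lag, r) = max(scores.items(), key=lambda kv: kv[1][1])
    return fid, lag, r


if __name__ == "__main__":
    print(match_flow("a-1", VANTAGE_A, VANTAGE_B))
```

With this input the near-side flow matches "b-1" at a 2-second lag with r close to 1, the constant-rate stream scores 0, and the unrelated bursty flow stays low. Note what this does and does not establish: it ties a flow on one side of a hop to a flow on the other side, which is the same observation needed to see through a rented VPS or VPN exit, but it says nothing about who operated the endpoint.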

I can empathize.

Something worth knowing is that "attribution" is extremely difficult.

Also "attribution engineering" is really quite easy and difficult to see through.

Often the purpose of a hack is not to exfiltrate data or sabotage systems but is exactly to direct blame (or sometimes distract/misdirect)

Indeed, in vault 5 of Snowden's NSA leaks an "attribution engineering toolkit" was an interesting find. Malware is almost always engineered to throw forensic investigators off the scent.

That all said, I think this incident happening in US gov, in the current climate, without immediate urgent investigation is scandalous and in itself an indicator of deeper and very serious skulduggery.

Not really. I am not a doge supporter, but if I was and I wanted to troll the left, I would route traffic through a rented VPS with a Russian IP.

It's possible to route traffic such that, assuming the crypto is perfect, the actual VPS is not able to decrypt the data.

I also think that if I were a doge member and _wanted_ to leak data to Russia, this is the exact opposite of how I'd go about doing it.

We're firmly in the realm of 1984-type arguments: "The Party told you to reject the evidence of your eyes and ears".

It makes me sick we're even considering "trolling" as a motivation here but, given that we are, it's clear we're at the level of stupid that they would brazenly leak data to Russia. These people are not the best, they are not the brightest, and there's no reason to assume they are playing 4D chess when checkers is working for them.

That's a naive assumption that underestimates the capability of a party you clearly disagree with and/or think poorly of. I'm not saying it's happening, but I think it's not an impossible scenario.

You really think DOGE as a whole couldn’t muster up the ability to route traffic via Russia? The engineers on the floor need to follow a relatively straightforward playbook.

Could they do it? Sure, it's not an impossible scenario, but what would be the reason for it outside of "trolling"? Both Occam's and Hanlon's razors fit easily here.

I think it's reasonable to assume that a substantial portion of doge employees have roots in /pol/, which itself has roots in /b/. Elon literally carried a sink into Twitter on his first day; I'm sure there's plenty of similar antics elsewhere.

Why go through the effort of sneaking in the back door if the front is wide open?

This administration is almost blatantly pro-Russia. I don't think there's any need for a leak, you can just... be on their side. I mean, that's what the literal president does and no America-loving cowboys seem to care.