71,000 leaked emails are in the link below. Since corporate media isn't covering the story, laymen are making discoveries that are making big waves on the internet. The emails are all searchable. I got about half way through the results for "doj" (Department of Justice!), and had to stop. If you have some spare time check it out. Break some news! http://search.hbgary.anonleaks.ch/
Search for emails from Aaron to Sandy and vice-versa. Not only is his career now wrecked it is obvious he was not doing to much better at home either. For a guy with an ego the size of Texas he didn't have a lot of 'wins' recently. I'm kinda feeling bad for him now. However, it does better explain his reckless disregard at work a little better. His company, HB Gary Federal, was also running out of cash by the end of 2010. This is why they were so desperate to win the BoA and Chamber work with Hutton and Williams at all costs. Unfortunately, just before he was nuked by Anonymous they were also in talks to sell the company with two bidders interested. Very bad timing indeed for this to happen. It almost as if he subconsciously wrecked his life by doing all this stuff at once. It would be an interesting psychological case study. I have a theory that people sometimes purposely wreck their lives subconsciously for whatever reason. You see it over and over with politicians and celebrities who seemingly have it all on the surface but are deeply unhappy even if they are viewed as being successful by others.
Need help from all ET tech people. Is this anything significant? This dude is saying he found several "hupigons" at oil giants Shell, and Baker Hughes. I looked up "hupigon" and it's a secret, backdoor entry into a computer system. What's going on here? HBGary Email Viewer greg@hbgary.com Original file: 26865 click here to show this e-mail with HTML markup From: <Shane_Shook@McAfee.com> To: <greg@hbgary.com> Date: Thu, 27 Jan 2011 17:53:02 -0800 Subject: Sandpit click here to show full headers Full headers ----- delivered-to: greg@hbgary.com received: Array return-path: <Shane_Shook@mcafee.com> received-spf: pass (google.com: domain of Shane_Shook@mcafee.com designates 67.97.80.206 as permitted sender) client-ip=67.97.80.206; authentication-results: mx.google.com; spf=pass (google.com: domain of Shane_Shook@mcafee.com designates 67.97.80.206 as permitted sender) smtp.mail=Shane_Shook@mcafee.com from: <Shane_Shook@McAfee.com> to: <greg@hbgary.com> date: Thu, 27 Jan 2011 17:53:02 -0800 subject: Sandpit thread-topic: Sandpit thread-index: Acu+jhkvNeRf5BkPSGSL68k4orjHgw== message-id: <381262024ECB3140AF2A78460841A8F703505C1A92@AMERSNCEXMB2.corp.nai.org> accept-language: en-US content-language: en-US x-ms-has-attach: x-ms-tnef-correlator: acceptlanguage: en-US content-type: text/plain; charset="iso-8859-1" content-transfer-encoding: quoted-printable mime-version: 1.0 Attachments: This e-mail does not have any attachments. Hey Greg, not sure if Stu told you but McAfee set up a sandpit to listen for the trojan from the dyndns addresses we have registered. Ryan wrote a listener service for it. I'm transferring the 5 that I know today - cia.selfip.com, bhi.thruhere.net, bakerhughes.thruhere.net, shell.is-a-chef.com, and shell.office-on-the.net I'm really interested to learn about the gray pidgeon code you have. I've got several hupigon detections at BH and Shell and want to figure out if the are related or coincidental. On another note, we now have 3 different versions of the same C&C application (zwshell.exe). 2 of them use the same password, I haven't figured out how to enter the password in the 3rd though. While our first version is c, the others are Delphi and double the size - though the same capabilities and GUI. I can send you samples. I really wish I could find the source code for it - or a published version on the net, it looks so familiar but I can find where I've seen it before. I was thinking I'd come to your office next Friday? - Shane -------------------------- Shane D. Shook, PhD Principal IR Consultant 425.891.5281 Shane.Shook@foundstone.com