{"id":49228,"date":"2022-11-09T13:31:59","date_gmt":"2022-11-09T13:31:59","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34020\/Mysterious-Company-With-Government-Ties-Plays-Key-Internet-Role.html"},"modified":"2022-11-09T13:31:59","modified_gmt":"2022-11-09T13:31:59","slug":"mysterious-company-with-government-ties-plays-key-internet-role","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/","title":{"rendered":"Mysterious Company With Government Ties Plays Key Internet Role"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.washingtonpost.com\/wp-apps\/imrs.php?src=https:\/\/arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com\/public\/I4GMEJCJZEI63AKTS3XJPMQY2I.jpg&amp;w=1440\" class=\"ff-og-image-inserted\"><\/div>\n<div class=\"wpds-c-grBDNq hide-for-print mb-sm undefined\">\n<div class=\"PJLV PJLV-iAjpuP-css flex items-center\" config=\"[object Object]\" data-qa=\"article-actions\">\n<div class=\"wpds-c-fLphcs\">\n<div class=\"wpds-c-jmLDag wpds-c-jmLDag-bywHgD-variant-primary wpds-c-jmLDag-biynoz-density-compact wpds-c-jmLDag-hZSyid-isOutline-true wpds-c-jmLDag-ejCoEP-icon-left wpds-c-jmLDag-futxca-cv wpds-c-jmLDag-iknmtxO-css\"><button aria-label=\"Comment\" class=\"PJLV PJLV-iPnDcc-css\"><svg viewBox=\"0 0 16 16\" fill=\"currentColor\" aria-hidden=\"true\" focusable=\"false\" role=\"img\" class=\"wpds-c-kKAfCG wpds-c-efqEZa focus-highlight flex items-center justify-center brad-lg pointer transition-400 ease-in-out transition-colors\" aria-label=\"Comment on this story\"><title>Comment on this story<\/title><path d=\"M14 14V2H2v9.47h8.18L12.43 13ZM3 10.52V3h10v9.23l-2.5-1.66Z\" \/><\/svg><\/button><\/p>\n<p>Comment<\/p>\n<\/div>\n<\/div>\n<div class=\"wpds-c-fLphcs\">\n<div class=\"wpds-c-jmLDag wpds-c-jmLDag-bywHgD-variant-primary wpds-c-jmLDag-biynoz-density-compact wpds-c-jmLDag-hZSyid-isOutline-true wpds-c-jmLDag-ejCoEP-icon-left wpds-c-jmLDag-futxca-cv wpds-c-jmLDag-iknmtxO-css\">\n<p>Gift<!-- --> <span class=\"PJLV PJLV-ikqOWxF-css\">Article<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"teaser-content grid-center\" readability=\"34.739273927393\">\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"36\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">An offshore company that is trusted by the major web browsers and other tech companies to vouch for the legitimacy of websites has connections to contractors for U.S. intelligence agencies and law enforcement, according to security researchers, documents and interviews.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"40\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Google\u2019s Chrome, Apple\u2019s Safari, nonprofit Firefox and others allow the company, TrustCor Systems, to act as what\u2019s known as a root certificate authority, a powerful spot in the internet\u2019s infrastructure that guarantees websites are not fake, guiding users to them seamlessly.<\/p>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"37\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">The company\u2019s Panamanian registration records show that it has the identical slate of officers, agents and partners as a spyware maker identified this year as an affiliate of Arizona-based Packet Forensics, which public contracting records and company documents show has sold communication interception services to U.S. government agencies for more than a decade.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\">\n<div class=\"cb dn db-ns\" data-qa=\"article-body-ad\">\n<div aria-hidden=\"true\" class=\"hide-for-print relative flex justify-center content-box items-center b bh mb-md mt-none pt-lg pb-lg\">\n<div data-testid=\"placeholder-box\" class=\"w-100 h-100 absolute flex flex-column justify-center border-box bg-offwhite\">\n<div class=\"flex flex-column justify-center font-sans-serif center font-xxs light gray-dark lh-md\">\n<p>Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"31.838150289017\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">One of those TrustCor partners has the same name as a holding company managed<b> <\/b>by Raymond Saulino, who was quoted in a 2010 Wired article as <a href=\"https:\/\/www.wired.com\/2010\/03\/packet-forensics\/\" target=\"_blank\" rel=\"noopener\">a spokesman <\/a>for Packet Forensics.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"30.509734513274\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\"><a href=\"https:\/\/www.tampabay.com\/news\/military\/2021\/04\/24\/pentagon-mystery-with-a-florida-connection-is-solved-sort-of\/\" target=\"_blank\" rel=\"noopener\">Saulino also surfaced in 2021<\/a> as a contact for another company, Global Resource Systems, that caused <a href=\"https:\/\/www.washingtonpost.com\/technology\/2021\/04\/24\/pentagon-internet-address-mystery\/?itid=lk_inline_manual_9\" target=\"_blank\" rel=\"noopener\">speculation in the tech world when it briefly activated and ran<\/a> more than 100 million previously dormant IP addresses assigned decades earlier to the Pentagon. The Pentagon <a href=\"https:\/\/www.washingtonpost.com\/technology\/2021\/09\/10\/pentagon-internet-protocol-addresses-trump\/?itid=lk_inline_manual_9\" target=\"_blank\" rel=\"noopener\">reclaimed the digital territory<\/a> months later, and it remains unclear what the brief transfer was about, but researchers said the activation of those IP addresses could have given the military access to a huge amount of internet traffic without revealing that the government was receiving it.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"36\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">The Pentagon did not respond to a request for comment on TrustCor. After this story\u2019s publication, a TrustCor executive said the company had not cooperated with any government information requests or assisted with a third party\u2019s monitoring of its customers on behalf of others. Mozilla demanded more detailed answers and said it might remove TrustCor\u2019s authority.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"0\">\n<p><span class=\"font--article-body font-copy hide-for-print ma-0 pb-md db italic interstitial\"><a data-qa=\"interstitial-link\" href=\"https:\/\/www.washingtonpost.com\/technology\/2021\/04\/24\/pentagon-internet-address-mystery\/?itid=lk_interstitial_manual_11\">Minutes before Trump left office, millions of the Pentagon\u2019s dormant IP addresses sprang to life<\/a><\/span><\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"37\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">TrustCor\u2019s products include an email service that claims to be end-to-end encrypted, though experts consulted by The Washington Post said they found evidence to undermine that claim. A<b> <\/b>test version of the email service also included spyware developed by a Panamanian company related to Packet Forensics, researchers said.<b> <\/b>Google later banned all software containing that spyware code from its app store.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\">\n<div class=\"cb dn db-ns\" data-qa=\"article-body-ad\">\n<div aria-hidden=\"true\" class=\"hide-for-print relative flex justify-center content-box items-center b bh mb-md mt-none pt-lg pb-lg\">\n<div data-testid=\"placeholder-box\" class=\"w-100 h-100 absolute flex flex-column justify-center border-box bg-offwhite\">\n<div class=\"flex flex-column justify-center font-sans-serif center font-xxs light gray-dark lh-md\">\n<p>Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"36\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">A person familiar with Packet Forensics\u2019 work confirmed that it had used TrustCor\u2019s certificate process and its email service, MsgSafe, to intercept communications and help the U.S. government catch suspected terrorists.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"36\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">\u201cYes, Packet Forensics does that,\u201d the person said, speaking on the condition of anonymity to discuss confidential practices.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"33\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Packet Forensics counsel Kathryn Tremel said the company has no business relationship with TrustCor. She declined to say whether it had had one previously.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"33\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">The latest discovery shows how the technological and business complexities of the internet\u2019s inner workings can be leveraged to an extent that is rarely revealed.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"34\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Concerns about root certificate authorities, though, have come up before.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"34.828402366864\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">In 2019, a security company controlled by the government of the United Arab Emirates that had been known as DarkMatter applied to be upgraded to top-level root authority from intermediate authority with less independence. That followed <a href=\"https:\/\/www.reuters.com\/investigates\/special-report\/usa-spying-raven\/\" target=\"_blank\" rel=\"noopener\">revelations <\/a>about DarkMatter hacking dissidents and even some Americans; Mozilla denied it root power.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\">\n<div class=\"cb dn db-ns\" data-qa=\"article-body-ad\">\n<div aria-hidden=\"true\" class=\"hide-for-print relative flex justify-center content-box items-center b bh mb-md mt-none pt-lg pb-lg\">\n<div data-testid=\"placeholder-box\" class=\"w-100 h-100 absolute flex flex-column justify-center border-box bg-offwhite\">\n<div class=\"flex flex-column justify-center font-sans-serif center font-xxs light gray-dark lh-md\">\n<p>Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"29.117021276596\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">In 2015, Google <a href=\"https:\/\/thenextweb.com\/news\/google-to-drop-chinas-cnnic-root-certificate-authority-after-trust-breach\" target=\"_blank\" rel=\"noopener\">withdrew the root authority<\/a> of the China Internet Network Information Center (CNNIC) after it allowed an intermediate authority to issue fake certificates for Google sites.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"35.853820598007\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">With Packet Forensics, a paper trail led to it being identified by researchers twice this year. Mostly known for selling interception devices and tracking services to authorities, the company is four months into a $4.6 million <a href=\"https:\/\/www.usaspending.gov\/award\/CONT_AWD_HB000122C1003_9700_-NONE-_-NONE-\" target=\"_blank\" rel=\"noopener\">Pentagon contract <\/a>for \u201cdata processing, hosting and related services.\u201d<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"40\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">In the earlier spyware matter, researchers Joel Reardon of the University of Calgary and Serge Egelman of the University of California at Berkeley found that a Panamanian company, Measurement Systems, had been paying developers to include code in a variety of innocuous apps to record and transmit users\u2019 phone numbers, email addresses and exact locations. They estimated that those apps were downloaded more than 60 million times, including 10 million downloads of Muslim prayer apps.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\">\n<div class=\"cb dn db-ns\" data-qa=\"article-body-ad\">\n<div aria-hidden=\"true\" class=\"hide-for-print relative flex justify-center content-box items-center b bh mb-md mt-none pt-lg pb-lg\">\n<div data-testid=\"placeholder-box\" class=\"w-100 h-100 absolute flex flex-column justify-center border-box bg-offwhite\">\n<div class=\"flex flex-column justify-center font-sans-serif center font-xxs light gray-dark lh-md\">\n<p>Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"38\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Measurement Systems\u2019 website was registered by Vostrom Holdings, according to historic domain name records. Vostrom filed papers in 2007 to do business as Packet Forensics, according to Virginia state records. Measurement Systems was registered in Virginia by Saulino, according to another state filing.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"29.446428571429\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">After the researchers shared their findings, Google <a href=\"https:\/\/www.wsj.com\/articles\/apps-with-hidden-data-harvesting-software-are-banned-by-google-11649261181?page=1\" target=\"_blank\" rel=\"noopener\">booted all apps<\/a> with the spy code out of its Play app store.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"33\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Tremel said that \u201ca company previously associated with Packet Forensics was a customer of Measurement Systems at one time\u201d but that there was no ownership stake.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"35.551601423488\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">When Reardon and Egelman looked deeper at Vostrom, they found it had registered the domain name <a href=\"http:\/\/trustcor.co\/\" target=\"_blank\" rel=\"noopener\">TrustCor.co<\/a>, which directed visitors to the main TrustCor site. TrustCor has the same president, agents and holding-company partners listed in Panamanian records as Measurement Systems.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\">\n<div class=\"cb dn db-ns\" data-qa=\"article-body-ad\">\n<div aria-hidden=\"true\" class=\"hide-for-print relative flex justify-center content-box items-center b bh mb-md mt-none pt-lg pb-lg\">\n<div data-testid=\"placeholder-box\" class=\"w-100 h-100 absolute flex flex-column justify-center border-box bg-offwhite\">\n<div class=\"flex flex-column justify-center font-sans-serif center font-xxs light gray-dark lh-md\">\n<p>Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"39\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">A firm with the same name as one of the holding companies behind both TrustCor and Measurement Systems, Frigate Bay Holdings, filed papers to dissolve this March with the secretary of state in Wyoming,<b> <\/b>where it was formed. The papers were signed by Saulino, who listed his title as manager. He could not be reached for comment.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"37\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">TrustCor has issued more than 10,000 certificates, many of them for sites hosted with a dynamic domain name service provider called No-IP, the researchers said. That service allows websites to be hosted with constantly changing Internet Protocol addresses.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"34\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Because root authority is so powerful, TrustCor can also give others the right to issue certificates.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"36\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Certificates for websites are publicly viewable so that bad ones should be exposed sooner or later.<b> <\/b>There have been no reports so far that the TrustCor certificates have been used inappropriately, for example by vouching for impostor websites. The researchers speculated that the system is only used against high-value targets within short windows of time. The person familiar with Packet Forensics\u2019 operations agreed said that was in fact how it has been used.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\">\n<div class=\"cb dn db-ns\" data-qa=\"article-body-ad\">\n<div aria-hidden=\"true\" class=\"hide-for-print relative flex justify-center content-box items-center b bh mb-md mt-none pt-lg pb-lg\">\n<div data-testid=\"placeholder-box\" class=\"w-100 h-100 absolute flex flex-column justify-center border-box bg-offwhite\">\n<div class=\"flex flex-column justify-center font-sans-serif center font-xxs light gray-dark lh-md\">\n<p>Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"36\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">\u201cThey have this position of ultimate trust, where they can issue encryption keys for any arbitrary website and any email address,\u201d Egelman said. \u201cIt\u2019s scary this is being done by some shady private company.\u201d<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"37\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">The leadership page of the TrustCor\u2019s website lists just two men, identified as co-founders. Though that page does not say so, one of them died months ago, and the other\u2019s LinkedIn profile says he left as chief technology officer in 2019. That man declined to comment.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"40\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">The website site lists a contact phone number in Panama, which has been disconnected, and one in Toronto, where a message had not been returned after more than a week. The email contact form on the site doesn\u2019t work. The physical address in Toronto given in its auditor\u2019s report, 371 Front St. West, houses a UPS Store mail drop.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\">\n<div class=\"cb dn db-ns\" data-qa=\"article-body-ad\">\n<div aria-hidden=\"true\" class=\"hide-for-print relative flex justify-center content-box items-center b bh mb-md mt-none pt-lg pb-lg\">\n<div data-testid=\"placeholder-box\" class=\"w-100 h-100 absolute flex flex-column justify-center border-box bg-offwhite\">\n<div class=\"flex flex-column justify-center font-sans-serif center font-xxs light gray-dark lh-md\">\n<p>Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"37\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">TrustCor adds another layer of mystery with its outside auditing firm. Instead of using a major accounting firm that rates the safety of internet infrastructure companies, TrustCor selected one called Princeton Audit Group, which gives its address as a residential townhouse in Princeton, N.J.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"37\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">In its comments Tuesday to an email list for Mozilla developers, TrustCor executive Rachel McPherson said that her company had been the victim of complex attacks that involved the registration of companies with names similar to those of its shareholders, perhaps to help set up some sort of phishing attack. She said she would research why some of the people were listed as officers.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"35.649635036496\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">In addition to TrustCor\u2019s certificate power, the firm offers what purports to be end-to-end encrypted email, <a href=\"http:\/\/msgsafe.io\/\" target=\"_blank\" rel=\"noopener\">MsgSafe.io<\/a>. But researchers said the email is not encrypted and can be read by the company, which has pitched it to a variety of groups worried about surveillance.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\">\n<div class=\"cb dn db-ns\" data-qa=\"article-body-ad\">\n<div aria-hidden=\"true\" class=\"hide-for-print relative flex justify-center content-box items-center b bh mb-md mt-none pt-lg pb-lg\">\n<div data-testid=\"placeholder-box\" class=\"w-100 h-100 absolute flex flex-column justify-center border-box bg-offwhite\">\n<div class=\"flex flex-column justify-center font-sans-serif center font-xxs light gray-dark lh-md\">\n<p>Advertisement<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"32.875471698113\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">MsgSafe has touted its security to a variety of potential customers, including Trump supporters upset that <a href=\"https:\/\/twitter.com\/msgsafeio\/status\/1349472528364949508?s=20&amp;t=359290iMznlcrwYVdHYrTQ\">Parler had been dropped<\/a> by app stores in January 2021, and to users of encrypted mail service Tutanota who were blocked from signing on to Microsoft services.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"32.608187134503\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">\u201cCreate your free end-to-end encrypted email today with over 40 domains to choose from and are guaranteed to work with Microsoft Teams,\u201d the company <a href=\"https:\/\/twitter.com\/msgsafeio\/status\/1556707976311934976?s=20&amp;t=359290iMznlcrwYVdHYrTQ\">tweeted <\/a>in August.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"34\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Reardon sent test messages over MsgSafe that appeared unencrypted in transmission, meaning MsgSafe could read them at will. Egelman ran the same test with the same result.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"37\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Jon Callas, a cryptography expert at the Electronic Frontier Foundation, also tested the system at The Post\u2019s request and said that MsgSafe generated and kept the private key for his account, so that it could decrypt anything he sent.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"33\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">\u201cThe private key has to be under the person\u2019s control to be end-to-end,\u201d Callas explained.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"32\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Packet Forensics first drew attention from privacy advocates a dozen years ago.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"35\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">In 2010, researcher Chris Soghoian attended an invite-only industry conference nicknamed the Wiretapper\u2019s Ball and obtained a Packet Forensics brochure aimed at law enforcement and intelligence agency customers.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"33\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">The brochure was for a piece of hardware to help buyers read web traffic that parties thought was secure. But it wasn\u2019t.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"37.163434903047\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">\u201cIP communication dictates the need to examine encrypted traffic at will,\u201d the brochure read, according to <a href=\"https:\/\/www.wired.com\/2010\/03\/packet-forensics\/\" target=\"_blank\" rel=\"noopener\">a report in Wired<\/a> that quoted Saulino as a Packet Forensics spokesman. \u201cYour investigative staff will collect its best evidence while users are lulled into a false sense of security afforded by web, e-mail or VOIP encryption,\u201d the brochure added.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"33\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">The brochure told customers they could use a decryption key provided by a court order or a \u201clook-alike key.\u201d<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"34\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Researchers thought at the time that the most likely way the box was being used was with a certificate issued by an authority for money or under a court order that would guarantee the authenticity of an impostor communications site.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"32\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">They did not conclude<b> <\/b>that an entire certificate authority itself might be compromised.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"34\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Obtaining trusted root certificate authority takes time and money for the infrastructure and for the audit that browsers require, experts say.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"32.167664670659\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Each browser has slightly different requirements. At Mozilla\u2019s Firefox, the process takes <a href=\"https:\/\/wiki.mozilla.org\/CA\/Application_Process\" target=\"_blank\" rel=\"noopener\">two years<\/a> and includes crowdsourced and direct vetting as well as an audit.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"35\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">But all of that typically focuses on formal statements of technological steps, rather than mysteries of ownership and intent. The person familiar with Packet Forensics said the big tech companies probably were unwitting participants in the TrustCor play: \u201cMost people aren\u2019t paying attention.\u201d<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"36\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">\u201cWith enough money, you or I could become a trusted root certificate authority,\u201d said Daniel Schwalbe, vice president of technology at web data tracker DomainTools.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"33\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Mozilla currently recognizes 169 root certificate authorities, including three from TrustCor.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"34\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">The case gives new focus to problems with that system, in which critical tech companies outsource their trust to third parties with their own agendas.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"38\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">\u201cYou can\u2019t bootstrap trust, it has to come from somewhere,\u201d Reardon said. \u201cRoot certificate authorities are the kernel of trust from which it is all built on. And it will always be shaky, because it will always involve humans, committees and decision-making.\u201d<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"34\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">Reardon and Egelman alerted Google, Mozilla and Apple to their research on TrustCor in April. They said they had heard little back until Tuesday.<\/p>\n<\/div>\n<div class=\"article-body\" data-qa=\"article-body\" readability=\"38\">\n<p data-qa=\"drop-cap-letter\" data-el=\"text\" class=\"wpds-c-cYdRxM wpds-c-cYdRxM-iPJLV-css font-copy\">After publication of this story, Mozilla gave TrustCor two weeks to respond to a series of questions, including about its relationships with Measurement Systems and Packet Forensics, the shared officers, and how the banned spyware code from Measurement Systems got into an early MsgSafe app.<\/p>\n<\/div>\n<div class=\"flex mt-md\">\n<div class=\"mb-lg-mod ml-sm\"><button class=\"inline-flex items-center justify-center lh-md overflow-hidden border-box min-w-btn transition-colors duration-200 ease-in-out font-sans-serif font-bold antialiased bg-white hover-bg-gray-lighter focus-bg-gray-lighter offblack b-solid bw bc-gray-light hover-bc-gray-light focus-bc-gray-darkest-alpha-50 gift-share hide-for-print brad-lg pl-md pr-md h-md pt-0 pb-0 pointer\" aria-haspopup=\"true\" id=\"gift-share-shortcut\" data-qa=\"gift-share-shortcut\"><\/p>\n<div class=\"flex justify-center h-100 items-center\">\n<div class=\"flex items-center mr-xs\"><svg class=\"content-box fill-current\" width=\"16\" height=\"16\" viewBox=\"0 0 16 16\" aria-hidden=\"true\" focusable=\"false\" role=\"img\"><title>GiftOutline<\/title><path d=\"M11.18 4.88l.17-.06a2 2 0 001.3-1.53 1.91 1.91 0 00-.73-1.85 2.08 2.08 0 00-1.73-.39A2 2 0 008.8 2.11L8 3.68l-.8-1.57a2 2 0 00-1.39-1.06 2.1 2.1 0 00-1.73.39 1.91 1.91 0 00-.73 1.85 2 2 0 001.3 1.53l.17.06H1v4.5h1.17V15h11.66V9.38H15v-4.5zM9.84 2.6a.87.87 0 01.6-.45.68.68 0 01.2 0 .88.88 0 01.55.19.81.81 0 01.31.79.86.86 0 01-.56.66l-2.06.74zm-5.34.51a.84.84 0 01.31-.8.93.93 0 01.55-.18.68.68 0 01.2 0 .87.87 0 01.6.45l1 1.91-2.1-.72a.86.86 0 01-.56-.66zM2.17 6h5.25v2.25H2.17zm1.16 3.38h4.09v4.5H3.33zm5.25 4.5v-4.5h4.09v4.5zm5.25-5.63H8.58V6h5.25z\" fill-rule=\"nonzero\" \/><\/svg><\/div>\n<p>Gift Article<\/p>\n<\/div>\n<p><\/button><\/div>\n<\/div>\n<section class=\"dn-ns hide-for-print\" data-testid=\"mostRead\" subscriptions-section=\"content\"><\/section>\n<div class=\"b bh mb-lg-mod pt-lg pb-lg hide-for-print\">\n<div data-qa=\"newsletter\" class=\"hide-for-print relative \">\n<div class=\"dib w-100\">\n<div>\n<p><svg aria-labelledby=\"react-aria-1-aria\" role=\"img\" viewBox=\"0 0 100 80\"><title id=\"react-aria-1-aria\">Loading&#8230;<\/title><rect role=\"presentation\" x=\"0\" y=\"0\" width=\"100%\" height=\"100%\" clip-path=\"url(#react-aria-1-diff)\" \/><defs><clipPath id=\"react-aria-1-diff\"><rect x=\"0\" y=\"0\" rx=\"0\" ry=\"0\" width=\"100\" height=\"80\" \/><\/clipPath><linearGradient id=\"react-aria-1-animated-diff\"><stop offset=\"0%\" stop-color=\"#e9e9e9\" stop-opacity=\"1\" \/><stop offset=\"50%\" stop-color=\"#e9e9e9\" stop-opacity=\"1\" \/><stop offset=\"100%\" stop-color=\"#e9e9e9\" stop-opacity=\"1\" \/><\/linearGradient><\/defs><\/svg><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34020\/Mysterious-Company-With-Government-Ties-Plays-Key-Internet-Role.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":49229,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[10275],"class_list":["post-49228","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinegovernmentprivacyusaspywarecryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Mysterious Company With Government Ties Plays Key Internet Role 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mysterious Company With Government Ties Plays Key Internet Role 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-11-09T13:31:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.washingtonpost.com\/wp-apps\/imrs.php?src=https:\/\/arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com\/public\/I4GMEJCJZEI63AKTS3XJPMQY2I.jpg&amp;w=1440\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Mysterious Company With Government Ties Plays Key Internet Role\",\"datePublished\":\"2022-11-09T13:31:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/\"},\"wordCount\":1945,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/mysterious-company-with-government-ties-plays-key-internet-role.jpg\",\"keywords\":[\"headline,government,privacy,usa,spyware,cryptography\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/\",\"name\":\"Mysterious Company With Government Ties Plays Key Internet Role 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/mysterious-company-with-government-ties-plays-key-internet-role.jpg\",\"datePublished\":\"2022-11-09T13:31:59+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/mysterious-company-with-government-ties-plays-key-internet-role.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/mysterious-company-with-government-ties-plays-key-internet-role.jpg\",\"width\":200,\"height\":133},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mysterious-company-with-government-ties-plays-key-internet-role\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,government,privacy,usa,spyware,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinegovernmentprivacyusaspywarecryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Mysterious Company With Government Ties Plays Key Internet Role\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mysterious Company With Government Ties Plays Key Internet Role 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/","og_locale":"en_US","og_type":"article","og_title":"Mysterious Company With Government Ties Plays Key Internet Role 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-11-09T13:31:59+00:00","og_image":[{"url":"https:\/\/www.washingtonpost.com\/wp-apps\/imrs.php?src=https:\/\/arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com\/public\/I4GMEJCJZEI63AKTS3XJPMQY2I.jpg&amp;w=1440","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Mysterious Company With Government Ties Plays Key Internet Role","datePublished":"2022-11-09T13:31:59+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/"},"wordCount":1945,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/11\/mysterious-company-with-government-ties-plays-key-internet-role.jpg","keywords":["headline,government,privacy,usa,spyware,cryptography"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/","url":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/","name":"Mysterious Company With Government Ties Plays Key Internet Role 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/11\/mysterious-company-with-government-ties-plays-key-internet-role.jpg","datePublished":"2022-11-09T13:31:59+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/11\/mysterious-company-with-government-ties-plays-key-internet-role.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/11\/mysterious-company-with-government-ties-plays-key-internet-role.jpg","width":200,"height":133},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/mysterious-company-with-government-ties-plays-key-internet-role\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,government,privacy,usa,spyware,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinegovernmentprivacyusaspywarecryptography\/"},{"@type":"ListItem","position":3,"name":"Mysterious Company With Government Ties Plays Key Internet Role"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/49228","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=49228"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/49228\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/49229"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=49228"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=49228"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=49228"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}