Fi 🏳️‍⚧️23h ago

So, I haven't seen anyone else remark on this yet, but -

if they got into his gmail, then they presumably had the ability to get into his google account -generally-, including things like "backups" and "findmyphone."

Show threadFi 🏳️‍⚧️23h ago
Consider the level of exposure involved here, and the complete silence on -how long- they had this access.
Show threadFi 🏳️‍⚧️23h ago

Consider how many emails they could have sent from his account too.

And how many other places he used those login credentials.

Show threadFi 🏳️‍⚧️23h ago

You know, if they had access to his phone and the ability to install apps, there's really nothing stopping them from using his phone to connect to whatever local wifi and gain access to resources on that.

I wonder how many networks his phone was a trusted device on.

Show threadFi 🏳️‍⚧️23h ago
'cuz if I were a competent threat, I'd only release the taunting document dump -after- I'd used his phone to establish footholds in various otherwise secured networks persistently.
Show threadFi 🏳️‍⚧️23h ago
I'm doing this threat modeling as a blue teamer with 3h of sleep and not enough coffee today, so pretty sure this would have occurred to everyone else involved who's actually awake.
Show threadFi 🏳️‍⚧️
I'd make a joke about 'more lateral movement than' some football team or other but I don't know what team is currently reknowned for throwing lateral passes, so assume I did the clever thing.
Mar 27 at 10:29pmWeb
Show threadFi 🏳️‍⚧️23h ago

Anyway hugops to whatever remaining infosec personnel exist at DOJ.

I'mma see about taking a nap until the girls I'm teaching lockpicking to show up.