When I published Malign Influence Operation Safari on March 29th I had no idea we were about to knock the cover off the ball. When I published MIOS: Doin’ A FISA on April 9th it was still not certain that the story was going run.

But now Joe Menn has finished and News site editor’s ties to Iran, Russia show misinformation’s complexity is live on the Washington Post.

I helped bring this story to light, but the original work of liberating the data was done by Black Reward, an Iranian dissident group. The noses on the ground that originally preserved the leak and spent the time to understand what it meant belong to the Canine Intelligence Agency of North Atlantic Fellas Organization.

There are multiple groups that use the CIA name, so if you think you’re talking to me somewhere online, you’d better verify by connecting to Neal Rauhauser on LinkedIn.

On behalf of every Ukrainian who has been wounded or killed by a Shahed drone, the music festival attendees slaughtered by Hamas, the hostages and their families, tens of thousands of innocent civilians who’ve died in Gaza, and our Iranian friends who have been trying to change their government since in 2009, let justice be done upon anyone who, through either action or inaction, has played a part in causing this suffering.

The Leak Itself:

The data in this reporting appeared online in October of 2022. The CIA pooches spotted it, preserved it, and I got a copy shortly thereafter. Nobody really looked at it until a year after it became available. We could not obtain the 61 original PST files and Joe said he had other methods to validate the leak. I’m not privy to how he managed that.

The content of this leak includes PII such that DDoSecrets would make it Limited Distribution. I’m hoping the original files make their way to that site. I’m not sharing my copy of the leak, I will however provide enough information for someone else to validate the content if they already have a copy.

SHA256 hashes of 15,125 emails from PressTV leak.

SHA256 hashes of 17,041 attachments from PressTV leak.

Once we understood what this was, a full copy was made available to FVEYS intel agencies. Based on things heard while trying to obtain the original 61 PST files it seems likely they got it the day it was released, but being certain is for the best.

Call Logs:

There are 29 months of call detail records from an unknown enterprise PBX. Initially I thought we were really on to something, but it was just a coincidence, which I explained in False Information Seeming Accurate. Even so, the 29,855 calls in these logs are a treasure chest we’ve only begun to examine.

PressTV is a media operation, the vast majority of the nearly 5,000 U.S. calls are appearances on their shows, requests for comment, and there are a good number of academic contacts. Much of this is 1st Amendment protected activity, some of it is under the umbrella of academic freedom, and someone being called for a comment is not sufficient to construe support for the current Iranian regime. A professor who has talked to PressTV, but who also serves as a source for the Jerusalem Post, does not need to be hounded by a bunch of internet weirdos.

There are twenty five individuals and nine organizations among the 63 busiest U.S. numbers. Among them I see many sources of what is, at least to my mind, wrong headed thinking, but the combination of 1st Amendment and academic freedom are plausible defenses. We’ll leave this to the aforementioned FVEYS intel guys to work out what is and is not a real issue.

The 134 numbers called by the least busy originating extensions seems like a much better set to inspect. Among those are 23 of the 63 busiest. I’m not sure which is more interesting, the sixteen I can put a name to, or the seven that I can not(yet). If we keep poking around in here, we will find more sanctions evasion and FARA violations and whatnot.

Conclusion:

Now that we’ve proven this leak to be interesting I imagine there will be a lot more attention on it, given conditions in the Mideast right now.

The messages from this leak will end up (of course) on cia.disinfodro.me, for which you will need a proper login. As above, contact me on LinkedIn, or if you know the right pack of brain damaged cartoon dogs, they can arrange a pass for you.

And while we’re here, would anyone like an equally juicy story on a U.S. right wing organization spending seven figures to push Russian propaganda?

MIOS: Russpublicans has some additional details, without wrecking the scoop.