17 May 2017

Importadores de material de represión en Venezuela


Mi interés en el material de represión, que ha causado ya decenas de muertes en Venezuela, comenzó cuando recibí documentos de Zuma Seguros que evidencian una de las formas en las cuales estos guisos suceden. La investigación de los individuos y empresas involucradas (Zuma Seguros, Sinotrade, Gustavo Mendiri, Renny Calderin, Ciro Amesty, Gabriel Miño Mendoza, Giuseppe Yoffreda Yorio, Venezolana de Exportaciones e Importaciones) que publique en Twitter se ha regado como el gas lacrimógeno con el que reprimen a la población.

Y una de las consecuencias ha sido que me filtraron data de todos los importadores de material de represión en Venezuela. Desde 2009. Los montos no son muy altos: en total un poco más de 35 millones de dólares. Igualmente, analizando la data con el sistema armonizado de códigos (todas las importaciones están clasificadas en Capítulo 93 relativo a armas, municiones y sus repuestos y accesorios), he encontrado varias cosas extrañas, por decir lo menos.

Andres Mauricio Acuña Vargas, por ejemplo, aparece importando armas de caza o para uso deportivo. Ningún problema allí. Otros ejemplos:

  • Aerocamiones de Venezuela, importando pistolas y/o revólveres desde Puerto Rico.
  • Cemex de Venezuela, importando cartuchos desde EEUU.
  • Comercial Vasco Venezolana, importando munición e items clasificados como de aire comprimido (lacrimógenas?) desde España.
  • Complejo Siderurgico de Guayana, importando espadas, sables o bayonetas desde EEUU. 
  • DHL, importando todo tipo de armamento, municiones, etc. desde Panamá.
  • Zoom International, importando todo tipo de armamento, municiones, etc. desde EEUU.
  • Distribuidora Nacional Centurión, importando municiones, espadas..., e items clasificados como de aire comprimido desde España.
  • Maximo Olivieri, representante en Venezuela de Beretta, importando desde Italia.
  • Falken de Venezuela, debo agregar aqui, que Falken de Venezuela parece ser una subsidiaria de Falken S.A. de España. Esta empresa, relacionada con dirigentes del Partido Popular, es de la familia Bardisa Jorda, y vende casi exclusivamente material de represión (ver foto). Cabe mencionar que Falken comenzó a exportar sus productos a Venezuela en 2009, y su última importación fue en 2015. Es decir, le ha vendido tanto a Chavez como a Maduro, todas sus 37 operaciones -salvo tres- a cambio preferencial (2,15, 4,30 y 6,30).

En cuanto a la procedencia y numero de importaciones: Alemania (40), Austria (6), Bélgica (13), Francia (3), Italia (70), Bielorrusia (1), Brasil (4), Chile (6), Argentina (2), China (4), Arabia Saudita (1), Emiratos Arabes (1), Mexico (5), Hong Kong (1), Panama (26), Puerto Rico (6), Peru (1), Corea del Sur (1), Taiwan (1), Turquia (6), Estados Unidos (120), y España (98).

Todas las importaciones hechas a través de DHL, FEDEX o Zoom carecen de información sobre identidad del remitente. 

Contacte a los representantes de Falken, en Venezuela y España. No he recibido respuesta. Contacte también a periodistas en España, ya que la familia que controla Falken es conocida hasta cierto punto. No ha habido respuesta... 

A continuación la lista de todos los importadores, cuyos detalles pueden buscarse rápidamente en el Registro Nacional de Contratistas, bajo este formato: 


  1. C.A Venezolana De Industrias Militares 
  2. Comercializadora Verotex C.A. 
  3. Inversiones Urmon 77, C.A 
  4. Ministerio De La Defensa 
  5. Omar Jose Gimenez Zabaleta 
  6. Representaciones Doral S.A. 
  7. Venezolana de Exportaciones e Importaciones
  8. Herrera Crespo Gerardo Jose 
  9. Comercial Vasco Venezolana, C.A. 
  10. Glock De Venezuela C.A. 
  11. Inversiones Guiama C.A. 
  12. Zoom Internacional Services C. A. 
  13. Moreno Guevara Ramon Antonio 
  14. Rodriguez Madera Jorge Javier 
  15. Importadora Yinphie 
  16. Inversiones Y Suministros A & A C. A.
  17. Martinez Juarez Cesar Rafael 
  18. Prendas Militares Fotoscreen C.A. 
  19. Vieira Rodriguez Luis Manuel
  20. Vivas Castellanos Jose Gregorio 
  21. Falken Venezuela, C.A 
  22. Armas Llano C. A. 
  23. C.A. Cartuchos JK 
  24. Cartuchos Victoria, C.A. 
  25. Casa Bianca, C.A. 
  26. Distrib. Nac. Centurion, C.A. 
  27. Inversiones Cabello S. A. 
  28. Inverca S. A. 
  29. Maximo Olivieri C.A. 
  30. Acuna Vargas Andres Mauricio 
  31. Aerocamiones De Venezuela, C.A. 
  32. Anchor Fasteners C.A 
  33. Armaragua C. A. 
  34. Banco Central de Venezuela 
  35. Carlos Manuel Fleitas Cruz 
  36. Cemex de Venezuela,
  37. Complejo Siderurgico de Guayana
  38. Da Silva De Freitas Juan Oswaldo
  39. DHL Fletes Aereos C. A. 
  40. Distrimport Carabobo C.A. 
  41. DLM Logistics Venezuela, C.A. 
  42. Dual Import Export, C.A. 
  43. Federacion Venezolana De Tiro 
  44. Federal Express Holdings S.A. 
  45. Gimeno P Pedro J 
  46. Hilti Venezuela, S. A. 
  47. Huerta Carlon Gregorio Rutil 
  48. Inversiones 1511, C.A. 
  49. Inversiones Ararauna 4x4, C.A. 
  50. Inversiones Iaseteca, C.A. 
  51. Representaciones Marcos Gonzalez 
  52. Ruy Part C.A. 
  53. Schlumberger Venezuela S.A. 
  54. Servicios Y Suministros De Oriente 
  55. Supermercado Los Diaz C.A 
  56. Tactical Sports, C.A. 
  57. Zoom Internacional Services C. A. 
  58. Fapco, C.A. 
  59. Gustavo Enrique Suarez Rodriguez 
  60. Maria Pellicane Lampasona 
  61. Emporio Del Fumador, C.A. 
  62. Benedetto Parziale 
  63. Cardeport Special C.A 
  64. Pescalo A Pulmon.Com 
  65. Scarlet Gabriela Azuaje Hernandez 
  66. Scrosoppi Mar, C.A. 
  67. Srt Consultores, C.A. 
  68. Boutique Del Cazador C. A. 
  69. El Bodegon De Las Armas C. A. 
  70. Administradora Los Cortijos Verdes 
  71. Exito, C.A. 
  72. Invermil S. A. 
  73. Mg Gun Sport Internacional, C.A. 
  74. Armeria Global Gl, C.A. 
  75. Letter Express International, C.A. 
  76. Representaciones Cobarca, C.A.

1 May 2017

Francisco Convit incriminates Derwick Associates

Last week Palomo Linares died in Spain. The bullfighter and paramour of Lilia Lopez (mother of Derwick Associates' head Alejandro Betancourt) was instrumental in providing bona fides and opening doors, which led to considerable money laundering by Derwick Associates in Spain.

From left: Francisco D'Agostino, Alejandro Betancourt, Pedro Trebbau, Edgar Romero Lazo and Francisco Convit.
I taunted the bolichicos by twitting my "condolences" to Betancourt's mum and sister, for the deceased bullfighter was also father to Betancourt's sister's boyfriend. I know, I know, typical Spanish real life tattle, where father and son just happen to be involved with mother and daughter.

My tweet must have rattled Derwick's cage. Francisco Convit, according to recently leaked documents owner of 50% of Derwick Associates (below), reacted by claiming I was a "dirty rat", and, unlike Palomo who was described as an all time great, no one would remember me when I die. To that I replied that, most certainly, that would be the case, for it wasn't me who stole over one billion dollars worth of public funds in Venezuela.


The ensuing Twitter debate was very boring. The usual chavista claims regarding my being a "hired pen" and my alleged inherited mental issues were wheeled out, almost immediately. From there, it took a moment to start referencing my father's suicide, over and over again, as cause of my "depression". In chavista Venezuela, mocking people's mental issues and family tragedies is common currency.

Convit claims to know a great deal about me and my mental issues. He claims, in fact, to know my thoughts. As the tweet on the left shows, Convit said "when your mind starts telling you that you're useless, to question why would (your) daddy do what he did, or your wanting to slit your wrists."

Freud would be proud at such preeminence.

But that's not what caught my attention, after all chavistas and associated thugs have been making impossible to prove claims about me for years now, from reviving my deceased mother, to turning my sister into Hugo Chavez's lover (despite her residing permanently in another continent), to my mental issues, when not my "AIDS-spreading" homosexual adventures. It's all part of the progressive repertoire.

Convit also said however, that the break into my flat, which happened on 17 November 2014, was my own doing: an act of self promotion aimed at drawing attention to myself.

Now this does interest me. For Convit spiced up his Twitter attack with repeated questions about my alleged "unemployed status", and my alleged "living like a wealthy person in London".

How exactly does Convit know my employment status?

How can Convit possibly claim knowledge of my living "like a king... in London, the world's most expensive city"?

When I saw these tweets, I immediately contacted London's Metropolitan Police's case investigator. The spurious arguments, of my alleged terrorising my own children and staging a break in, could almost be expected from such a deranged thug. But what to make of repeated unemployment status and life style mentions?

In that respect I have my own theory. Both my family and myself were subject of illegal surveillance, in and around London, that lasted months prior to assault to our flat. My wife, children and myself, were photographed, together and separately, in different locations. Pictures of our daily commute to school and work, at different day times, were posted by anonymous individuals across a variety of websites and social platforms. I have a catalogue of such pictures and have done a tremendous amount of investigation regarding metadata, time stamps of photoshopping, etc.

I know parties in Caracas, as well as in India, were involved. Threats of sexual abuse made against my children were written and sent, twice, from Tbilisi. Defamation tasks were likely assigned through micro tasking platforms. It is highly likely that at least one of the three assaulting men resides in Spain.

Convit has all these information. He knows at what time we leave in the morning and at what time we come back in the afternoon. He's privy to location of my children's school, in fact pictures of it were posted. Defamation campaigns launched a week after break in used Convit's very same arguments, regarding my life style and alleged unemployment.

How can someone who doesn't know me, has never met me, has no common acquaintances, and lives in Caracas, claim to know what I do and how I live in London? This is the best indication, as yet, of Derwick Associates' direct involvement in theft of my laptops, terrorising my family and break in. I have documentary proof demonstrating that their procurement to Venezuelan institutions was done through nepotism and rampant corruption. Now I have public admissions, an entire Twitter collection in fact, of knowledge of details about my life that only somebody who knows me really well can know.

Even someone of Convit's intellectual calibre would realise, sooner or later, that self incrimination is not a good business practice, much less considering Venezuela's current situation, and the fact that the entire country has come to know him and his partners as epitomes of all that went wrong under chavista rule. Remember that these folks travel the world pretending they're upstanding captains of industry and capital investors now. So Convit had his Twitter account deleted. In any case, I saved copies of incriminating tweets, and passed all details to London's Metropolitan Police and to Twitter.

Convit, or his community manager, sent me an email afterwards claiming he did not have a Twitter account. Almost simultaneously, his @franciscoconvi7 Twitter account was deleted.  Just a coincidence I'm sure... I have a very accurate X-ray of Derwick Associates' operations, investments, and assets around the world. Chavismo is not going to last forever, nor will Derwick's impunity.

24 March 2017

Ramiro Helmeyer & RaFa new reputation-cleaning online technique: DDoS & IoT


UPDATED 28/03/2017 - 15:42GMT* - In the latest chapter of new and creative forms of silencing / eliminating from view, accurate and relevant information about certain characters of Venezuela's underworld, this week I've been battling with yet another DDoS attack against my first, now inactive, website: vcrisis.com. This time round, thousands of smartphones are being used, presumably without owners consent, to direct traffic (POST and GET requests) to my site. But the more interesting aspect is that most traffic comes from a handful of Google Cloud's IP addresses.

You read that right, DoSers are using Google's power to crash my server. For public benefit and future reference, abused addresses are:

104.199.239.63
104.155.223.136
35.185.97.148
35.185.71.234
104.198.44.92
104.154.156.18

The requests being made, by the thousands, look like this:

www.vcrisis.com 35.185.71.234 - - [23/Mar/2017:00:01:13 -0400] "POST /index.php?content=archive HTTP/1.1" 200 498751 "-" "Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en)

www.vcrisis.com 35.187.34.71 - - [23/Mar/2017:00:01:11 -0400] "POST /index.php?content=archive HTTP/1.1" 200 498752 "-" "Mozilla/5.0 (Linux; U; Android 2.3.3; de-ch; HTC Desire Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"

www.vcrisis.com 104.155.223.136 - - [23/Mar/2017:00:01:11 -0400] "POST /index.php?content=archive HTTP/1.1" 200 498764 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows Phone OS 7.0; Trident/3.1; IEMobile/7.0; Nokia;N70)"

www.vcrisis.com 104.155.223.136 - - [23/Mar/2017:00:01:07 -0400] "GET /? HTTP/1.1" 200 22781 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36"

www.vcrisis.com 35.187.34.71 - - [23/Mar/2017:00:01:07 -0400] "POST /index.php?content=archive HTTP/1.1" 200 498759 "-" "Opera/9.80 (J2ME/MIDP; Opera Mini/9 (Compatible; MSIE:9.0; iPhone; BlackBerry9700; AppleWebKit/24.746; U; en) Presto/2.5.25 Version/10.54"

Logs show thousands of such requests, to the extent that the server has been shut down and special measures have been put in place by my web hosting provider. I have, of course, shared relevant data with Google's Project Shield, whose staff alerted me to increased traffic towards my vcrisis.com site the other day.

One of the benefits of this new association with Project Shield is that I get to see things that I couldn't / wasn't aware of before, such as the number of removal requests made on articles posted on my website. The one reprinted below, for instance, which is a post written by blog friend, financial crime consultant Ken Rijock, seems to be causing some discomfort to criminal Ramiro Helmeyer and his community manager, also convicted criminal, RaFa the hacker

My dashboard shows that since 27 September 2016, 54 removal requests have been made on stuff posted on vcrisis.com, almost all of them to have the article below removed. Checking on removal requests made on articles posted in my other site, infodio.com, I noticed that all 368 such requests, from the first one made also on 27 September 2016, are either articles on RaFa, or those exposing his who's who list of thuggish / criminal Venezuelan clients, from convicted Helmeyer, to more recently convicted Roberto Rincon...

Some time ago I alerted Matt Cutts about RaFa's astroturfing. I guess he's having to do all the criminals' white washing again. And he's succeeding at it I reckon. Google searches for Ramiro Helmeyer return these results these days: surely David Beckham, Alec Baldwin and Jesse Eisenberg wouldn't be proud of such usage of their images.



* An update: the good folks at Project Shield sent a message saying "It was a Layer 7 HTTP flood DDoS attack." Further investigation revealed that Project Shield own IP addresses were indeed used in the DDoS attack. What interests me is the level of sophistication Venezuelan crooks are employing to scrub their reputations. Considering the staggering amounts of money they've gotten through corruption, and the kind of services employed, is not difficult to foresee that their past misdeeds will be eliminated from public domain.

24 February 2017

[UPDATED] DDoS, DMZHOST, spam, Project Shield...


This post was intended to be posted in infodio.com. Evidently, my contentment about having defeated the DDoS attack was premature... Please see updates at bottom.

It's been a busy week. As I was chatting to a source in Caracas the other day, I noticed that this site was down. Asked my web host (shout out to the excellent folks at LeaseWeb), and was informed that -yet another- DDoS attack had been launched against us. This is the third time a DDoS attack has been directed to my websites: once at vcrisis.com and twice at infodio.com

This is how it looked this morning...

 I must wonder, of course, at the reasons. Why would anyone seek to prevent the general public from learning about the stuff I publish? Is it because we expose Venezuela's rampant corruption? For those who are yet to get acquainted with the situation, Venezuela is a Spanish speaking country, of some 30 million. It is, after 17 years of chavista rule, a failed nation in the fullest sense of the term. But this site does not cater for a Venezuelan readership. It seeks to inform the wider world about who's who in the Boliburgeoisie, a new extremely wealthy and, equally, extremely inept class of 'businessmen' that could only become minted under the shadow of Hugo Chavez's so called socialist revolution. We talk about the Alejandro Betancourts of this world, the Juan Carlos Escotets, the Victor Vargas, the Danilo Diazgranados, the Francisco D'Agostinos and Luis Obertos... we investigate the origin of their newly found riches, we track their operations across many different jurisdictions, we expose those who enable, aid and abet them, like Adam Kaufmann, Glenn Simpson, Al Cardenas, or even Baltazar Garzon, we uncover their deals, in Africa, Europe, Russia, Asia, in sum, we shed a glimmer of sunlight on their otherwise opaque underworld.

It is, therefore, to be expected that such work would attract the ire of nasty, criminal, yet extremely resourceful thugs (dirty money is welcomed by everyone everywhere nowadays). Dealing with this lot exposes us to very dangerous vendettas. They operate in a world without border / immigration barriers. They criss-cross the globe in their own private jets: one day they're having Heston Blumenthal cooking for them, the next they're in St. Barths hanging with Roman Abramovich, and the third meeting with ex-WSJ hacks, former Manhattan prosecutors and leaders from America's GOP, when not cavorting with the very best of Sloanes in London. Their reach knows no constraints either. A London raid can be easily organized from Caracas, without as much as a worry of ever getting caught. That's the kind this site deals with.

The latest comes from Russia, or more specifically, an IP address controlled from Russia (191.96.249.70). A vulnerability in the Wordpress blogging platform allows the pingback method to be used to launch DDoS attacks (explanation here). Basically, someone makes use of that vulnerability to ping a target website. Checking my server logs, I noticed the following pattern:

"GET / HTTP/1.1" 200 32295 "http://infodio.com/" "WordPress/4.7.2; https://www.customescaperoom.com; verifying pingback from 191.96.249.70"


"GET / HTTP/1.1" 200 32293 "http://infodio.com/" "WordPress/4.6.3; http://www.toptasting.com; verifying pingback from 191.96.249.70"


"GET / HTTP/1.0" 200 145833 "-" "WordPress/4.0.15; http://wisecleaner.online; verifying pingback from 191.96.249.70"


When that request is repeated many thousands of times per second servers tend to collapse due to increased traffic, as was the case with mine. Thousands of such requests, as well as POST and HEAD requests, were launched from servers around the world.

However, IP 191.96.249.70, as all others, is associated to a host provider, in this case DMZHOST.CO. Said domain, as all others, is in turn registered by a person, somewhere, in this case a Christian P, with an address in the Seychelles very similar to that of Mossack Fonseca (Oliaji Trade Centre, Francis Rachel Street, Victoria Mahe, Seychelles).


Every domain has to have a person or organization responsible. In the case of DMZHOST.CO it initially had Dmzhost Limited as responsible party, but seems to have passed control to JUPITER 25 LIMITEDA search for Jupiter brings us closer to home, to 35 Firs Avenue, N11 3NE, London, United Kingdom. Please do note, in the last link, that there's a chris@dmzhost.co as contact for Jupiter. Could this be the same person as Christian P in the Seychelles? 

There are hundreds of companies registered in 35 Firs Avenue. According to Companies House data, Darren Symes is Jupiter's director, Symes is associated with over 200 companies. Others folks investigating similar attacks have had this to say about DMZHOST in the recent past:


“Bulletproof hosting” providers like DMZHOST provide VPSs that advertise themselves as outside of the reach of Western law enforcement. DMZHOST offers its clients “offshore” VPSs in a “Secured Netherland datacenter privacy bunker” and “does not store any information / Log about user activity.” At the same time, DMZHOST’s terms of service are just as concise. “DMZHOST does not allow anything (related) to the following content: – DDos – Childporn – Bank Exploit – Terrorism – NO NTP – NO Email SPAM”. 

Further investigation of IP 191.96.249.70 and Jupiter 25 Limited indicate that its DNS servers are controlled by yet another London-based company: Host1Plus. This one in turn seems to be a trading name of Digital Energy Technologies Ltd.

Bitcoin payments, obscuring identity of ultimate culprits, are readily accepted by both DMZHOST and Host1Plus. I sent a tweet to Host1Plus' Vincentas Grinius, that was replied in the most ridiculous fashion to avoid dealing with the actual DDoS question. 

I also sent an email request to chris@dmzhost.co, and got an almost immediate reply, asking for logs. Chris sends emails from somewhere around Pavia in Italy (93-36-187-144.ip61.fastwebnet.it). He claims the server used for DDoS attack "has been shutdown", but refuses to say who used the server, who contracted server services with his company, how did he get paid, and refuses to provide his full identity or that of his client/s. If he ever identifies himself fully, and provides proper explanations as to use of his platform to DDoS this site*, I shall add his comments here, alas I have no hope: while asking him to reconsider, my inbox has been rendered almost dysfunctional in a matter of minutes by an avalanche of spam (see below), which started after my third email to Chris. So the server "has been shutdown" alright, but the attack has morphed...


Despite denials, queries per second peaked minutes after
confronting Chris@dmzhost.co as per Project Shield's data.
Not all has been bad though. Right after Brian Krebs suffered the largest ever DDoS attack I remember having read about how Google had come to the rescue. Through Twitter I got in touch with Nicholas Platt, Digital Media Producer of Jigsaw, a technology incubator of Alphabet (Google's parent co) and got an invite to join Project Shield, which is the Google platform that defeated Krebs attackers. I will be forever grateful for this. The folks from LeaseWeb, my web hosting provider, must also receive my public gratitude: rather than kicking me out -after all the attack caused a lot of disruption and man hours to solve, Tom, Reece and Bagata kept their Dutch cool and were tremendously helpful.


Virtual crooks are getting more brazen by the day, though I seriously doubt they will ever reach Google's levels of computing power. The silver lining is that due to the latest DDoS attack, no amount of stolen Venezuelan money will ever be able to knock this site offline again. It is yet to be determined which of the thugs normally exposed here is behind the latest attack, though we will carry on investigating, exposing, and shedding light upon corruption and the Boliburgeoisie. The latest findings put to rest the no-bid contracts given to Derwick, Diazgranados intentions to buy a sizeable portion of Compagnie Bancaire Helvetique, Charles Henry de Beaumont's dirty dealings with Oberto and other thugs in the Caribbean, the direct links between corrupt chavistas and their preferred contractors, etc.

* Right after confronting chris@dmzhost.co this afternoon, DDoS attack against infodio.com was relaunched, with the added bonus of a huge spam avalanche in my inbox. Chris claims that neither him nor his company were behind DDoS attack, and added that he "c­ould help you on miti­gating ALL attacks. W­e are experienced on ­mitigating attack sin­ce also us receice ma­ny attacks"... (sic)



Further investigations indicate that Chris' UK proxy, Darren Symes, has had a colourful past fronting for other scam artists grouped under Claremont Partnerships and Noble Rock Partners.

UPDATE 25.02.2017 13:38GMT: My server logs are providing more clues as per nature of attack. Project Shield's visits started yesterday morning:
104.196.28.249 - - [24/Feb/2017:10:26:29 +0100] "GET / HTTP/1.1" 200 146265 "-" "Mozilla/5.0 (compatible; ProjectShield-UrlCheck; +http://g.co/projectshield)"
This continued, more or less uninterruptedly, until early afternoon and was coupled with spidering by Google bots, etc.:
35.184.90.184 - - [24/Feb/2017:14:24:36 +0100] "GET / HTTP/1.1" 200 146265 "-" "Mozilla/5.0 (compatible; ProjectShield-UrlCheck; +http://g.co/projectshield)"
Then this happened:
104.155.70.96 - - [24/Feb/2017:14:26:09 +0100] "GET / HTTP/1.1" 200 145833 "-" "WordPress/4.4.2; http://jazzjackrabbit.org; verifying pingback from 191.96.249.54
104.199.6.69 - - [24/Feb/2017:14:26:09 +0100] "GET / HTTP/1.1" 200 32299 "http://infodio.com/" "WordPress/4.7.2; https://www.virtualsunburn.com; verifying pingback from 191.96.249.54
104.199.61.249 - - [24/Feb/2017:14:26:09 +0100] "GET / HTTP/1.1" 200 32299 "http://infodio.com/" "WordPress/4.6; http://pironsecurity.com; verifying pingback from 191.96.249.54"
At 14:24, chris@dmzhost.co sent an email saying:
"Do not threat since for be clear we are not who launch you the attack. And we have take immediate action suspending the server so lawfully speaking we are total ok." (sic)
About two minutes passed between his "lawfully speaking we are total ok" and the restart of DDoS and further spam avalanche. However the IP had been changed, from previous 191.96.249.70 to 191.96.249.54, both controlled by his DMZHOST company.

Email headers suggests that his email server (mail.ru) is located in a GMT +0300 time zone (Russia) and then routes it through Italy's Fastweb. His browser appears to be configured in Italian and he visited some of my sites from a Fastweb server at around same time:


I've sent an email to abuse@corp.mail.ru, however I have little expectation of ever getting a straightforward and appropriate reply (Added: mail.ru did reply, claiming chris@dmzhost.co is not a registered client despite email header evidence to the contrary). The spamming of my inbox continues in earnest: my last email was not replied, I guess Chris did not appreciate my confronting him and details in this post (Added: eventually a couple of emails made it into my inbox over the weekend, one from usual @dmzhost.co address and the other from dmzhosts@protonmail.com, whereby our DDoSer and spammer claims "IF YOU ARE RECEIVING THIS MAIL ITS BECAUSE WE CANNOT REACH YOU FROM OUR MAIN MAIL. Please provide another mail which is not being spammed.. or skype account").

DDoS Attacks directed to the site are still crippling functionality and access, with five outages in the last seven days.



UPDATE 01.03.2017 07:46GMT: infodio.com has been back online for over 48 hours, and is updated.

Looking at the latitude and longitude details of attacking IPs 191.96.249.70 and 191.96.249.54 in Google Maps, I noticed Rosneft HQ location. Further research reveals that Rosneft.ru has exactly the same latitude and longitude details that IPs from where DDoS attack against my site were launched. Considering chavismo's relations with Russian 'state' companies, isn't that just an extraordinary coincidence?




12 January 2017

FusionGPS steps in it (again): now about Trump

Let us start with the NYT's headline "How a Sensational, Unverified Dossier Became a Crisis for Donald Trump", and a quote:
Fusion GPS, headed by a former Wall Street Journal journalist known for his dogged reporting, Glenn Simpson, most often works for business clients. But in presidential elections, the firm is sometimes hired by candidates, party organizations or donors to do political “oppo” work — shorthand for opposition research — on the side. 
It is routine work and ordinarily involves creating a big, searchable database of public information: past news reports, documents from lawsuits and other relevant data. For months, Fusion GPS gathered the documents and put together the files from Mr. Trump’s past in business and entertainment, a rich target.
Report from Guido Fawkes site.
News about the unverified dossier have gone round the world a few times by now. Buzzfeed, the site that decided to go public with the "report" produced by Fusion GPS, certainly hasn't covered itself in glory: some of the most reputed liberal media outlets (BBC, NYT, The Guardian and WaPo) refused to touch it, even though they'd love to claim Trump's scalp.

There's already some talk about the similarities between Hugo Chavez and Donald Trump, especially in the way the president-elect treats non-compliant media. But I digress.

What I'm finding remarkable about this, is that Fusion GPS was in the news in the past for, precisely, its ethical and moral deficit. Here's a quote attributed to Simpson:

"We’re hoping that people who have an interest in bringing things out, to do something about corruption, fraud, will come to us."

Well, if attempting to destroy Republican donors -or its perceived GOP enemies- doesn't work, there's always a gig to be had with the Democrats. It does crack me up however, to read, in The Guardian no less, stuff like: "Fusion GPS, led by former journalists skilled in digging up secrets on public figures." Skilled?

I know better. Fusion GPS were (may still be?) in the employ of Derwick Associates, without a shred of a doubt one of the most corrupt group of thugs ever to have come out of Venezuela. The sort of "businessmen" that have no qualms in stealing over one billion USD from an almost destitute country. Fusion's "former journalists", of course, don't have a problem with corruption, so long as billable hours keep adding up.

Glenn Simpson managed to get a few quid from the Derwick thugs. He dispatched his sidekick Peter Fritsch to Caracas once upon a time, along with another equally contemptible and disgusting former "prosecutor", basically to impede journalists from carrying on with, erm, corruption reporting.

Fusion GPS's Peter Fritsch's record of visit to Hotel Lido in Caracas in July 2014.
I happen to know one of the "skilled" journalists at Fusion GPS, Tom Catan. He covered Venezuela's 2006 presidential race for The Times of London, and as I was shadowing the opposition candidate, I was asked to organise an interview. We met a few years later, in Spain, when, again, I helped with another interview. I invited the guy to my house for dinner, we broke bread together, talked, had a few drinks with my family... He seemed, then, a decent enough person. Imagine my surprise when I found out that his firm was retained to destroy me on behalf of Derwick Associates. I confronted him with the kind of tactics they so readily employ with their targets. His reply dispelled my doubts as to his integrity.

But then, Derwick thugs decided to crank it up a little. My family was the subject of illegal surveillance in London. We were photographed going about our daily affairs for months. The operation culminated with a break into my flat, theft of my laptops, and threats of sexual abuse against my daughters. Now that I read about Simpson's connection to a former British MI6 agent, I wonder: did Fusion GPS participated in the attack against my family? Did it subcontract former British intelligence officers to track me down in London?

To be frank, I doubt that British spooks -regardless of how spineless and money driven they may be- could be as inept as to allow themselves to be caught in CCTV in the process of carrying out criminal activity. However, it is entirely feasible -considering its clients- that Fusion GPS asked its British counterparts for my whereabouts, and once determined the information was passed along to other more (let's say) blunt operatives, who may have been sent from Venezuela, or Spain, to assault my flat in broad daylight. I will carry on digging, though I guess, for really skilled hacks like Fusion's, there's always the possibility of joining Russia Today, or better yet, Wikileaks.

The story about Venezuelan monumental corruption is, still, to play out. One thing seems certain though, when it does, Fusion GPS hacks will find impossible to justify their association with criminals.

Addendum: just read this morning a piece by David Satter, regarding Fusion GPS's and Christopher Steele's kompromat fabrications, which included "reporting" Trump having been filmed with prostitutes, doing "golden showers", etc. Did I mention that whoever masterminded the attack against me also took the trouble to spread online totally unsubstantiated stories about my alleged "connection" to drug trafficking, extortion, car theft, and (a Russian favourite) "involvement" in paedophilia? The most implausible of all was of course an accusation regarding my mother, who having died of cancer in 1983 was somehow revived and placed, by my creative accusers, as the leader of a drug cartel in 2006!