|
JTF2, FBI and RCMP Impostors on InterGOV IRC Chat Network.
We urge the public to beware that the IRC Chat Rooms operated and maintained by the International Web Police and InterGOV now play host to a group of impostors pretending to be JTF2 (Joint Task Force 2 - link is to the genuine JTF2 site) and on other occasions the FBI (Federal Bureau of Investigations) and RCMP (Royal Canadian Mounted Police). These imposters claim to be Official Government Employees and working with the International Web Police in joint operations.
The REAL JTF2 claim the below:
"The Joint Task Force Two (JTF 2) of the Canadian Forces is a Special Operations
Forces unit that is responsible for federal counter-terrorist operations."
"The mission of JTF 2 is to provide a force capable of rendering armed assistance in the resolution of an incident that is affecting, or has the potential to affect, the national interest. The primary focus is counter-terrorism (CT), however, the unit can expect to be employed on other high value strategic tasks."
The statements in italics above are from the Real JTF2 Site http://www.forces.gc.ca/dcds/units/jtf2/default_e.asp
See the highlighted text in the impostor's channel listings for more false claims HERE where their channel topic claims:
#JTF2 - JTF2 are members of Federal and International Intelligence dept Projects [Neuxus7 & Icenine ] P.I.X.Y
These individuals lurk in the International Web Police #Help_Center channel and supposedly dispense advice to the public even though they possess only the spelling and grammar skills of children. Is this maybe the Official Recognition which Peter Hampton repeatedly refers to? With the resources, training and investigative powers that the International Web Police claim to have at their disposal surely they would have soon realized that these individuals are completely bogus? Surely their screening process would have picked up on this immediately? Are the International Web Police really this gullible? Apparently so!
Their channels are now hidden from the public as they are set as mode +s which is secret mode and hides them from the public channels list. However the channels are still there.
They appear to do little more than sully the good name of genuine and legitimate agencies with their impersonations.
Nicknames of individuals who claim to be a part of this JTF2 group:
Cryptx - is FBI@relay.JTF2.src.gv.ca
l0rax - is liquid@InterGOV-USER-2F0064C5.pitt.east.verizon.net
KaNiAn - is RCMP-GRC@InterGOV-USER-3277DE5C.bchsia.telus.net * Royal Canadian Mountied Police
Fender - is FBI@relay.JTF2.src.gv.ca * John
Sp0ar - is sp0ar@InterGOV-USER-1887420E.mn.rr.com - fubar@InterGOV-USER-20F39BF2.ip.mcleodusa.net
Sp0ar - is sp0ar@relay.JTF2.src.gv.ca * sp0ar - Kernel_Sanders is connecting from *@216-43-122-134.ip.mcleodusa.net
Mallory` - is lakviewdr@relay.JTF2.src.gv.ca
Mallory` - is lakviewdr@InterGOV-USER-12CBCA15.ns.sympatico.ca
Kmart` - is lakviewdr@relay.JTF2.src.gv.ca Kmart` is the same person as Mallory`
defcon -
is defcon@InterGOV-USER-164AC127.sk * [Bw]Bloodwitness[Px] 18th-LT
defcon - is defcon@relay.JTF2.src.gv.ca * [Bw]Bloodwitness[Px] 18th-LT (Host changed a few moments after connecting)
System-X - systemx@InterGOV-USER-164AC127.sk * [Bw]Bloodwitness[Px] 18th-LT
SysTem-X is systemx@relay.JTF2.src.gv.ca * [Bw]Bloodwitness[Px] 18th-LT (Host changed a few moments after connecting)
sysx - is systemx@InterGOV-USER-AC395CA.byb47.jaring.my * [Bw]Bloodwitness[Px] 18th-LT
l0rax is apparently an individual with the below details:
Scott Clark
211 Wengler Ave Sharon,
PA
16146
724-346-4325
Works for or worked for:
Cellular One
2085 East State St Hermitage
PA
16148
800-837-5505
Below is a clear cut case of one of these individuals using the nickname Cryptx claiming to be a Government Employee and owner of the Official JTF2 Site. More on his FBI@relay.JTF2.src.gv.ca hostname below.
[06:38] <Cryptx> ok i see how this goes so ill be really nice then .. do you guys need some sort of help or you just going to idle in here ?
[06:40] <Andrej> Any policeman here?
[06:40] <Cryptx> not sure
[06:40] <Cryptx> is there something i can help you with?
[06:41] <Andrej> I nned some advice..
[06:41] <Andrej> But i'd prefer to talk to one of the Web-Police.
[06:41] <Cryptx> ask away
[06:41] <Andrej> Are you a guest here?
[06:42] <Cryptx> well if you look close at my whois i think i would be some one more better off to help you with advice but you can wait all night if you like Cryptx is FBI@relay.JTF2.src.gv.ca * Acetaminophen heart attack
Cryptx on +#HELP_CENTER
Cryptx using irc.webpolice.org InterGOV HUB Server
Cryptx is a Local IRC Operator
Cryptx has been idle 18mins 13secs, signed on Thu May 13 12:08:02
Cryptx End of /WHOIS list.
[06:43] <Cryptx> im far from a guest
[06:43] <Andrej> I was told earlier only to talk to someone with a badgenumber attached to their names..
[06:43] <Andrej> You could be anyone.
[06:45] <Cryptx> well your right in that .. but a network admiastrator with extream access here would sugest that im someone with a bit of understanding here
[06:45] <Cryptx> but you can do as you wish i have no idea what time anyone eles will be here and ill be leaving soon because im going off dutie
[06:46] <Andrej> From http://guidedvision.com/
[06:46] <Andrej> ?
[06:47] <Cryptx> 1 sec ill look
[06:47] <Cryptx> ok and what is it that im looking at there ?
[06:48] <Andrej> Thats where i go when i ype in gv.ca in my browser
[06:48] <Andrej> So you tell me.
[06:49] <Cryptx> look im tired i have been working in this office for 14 hours i deal with ever kinda call there is for the fed gov so if you dont wish to talk with me thats find because really i just would love to just go home and sleep
[06:49] <Cryptx> not to be rude just telling ou
[06:49] <Cryptx> you
[06:50] <Andrej> ok you work fo the Canadian Govenment?
[06:50] <Cryptx> http://www.forces.gc.ca/dcds/units/jtf2/default_e.asp
[06:50] <Cryptx> thats our web site
[06:50] <Cryptx> enjoy reading
[06:50] <Cryptx> actualy
[06:50] <Cryptx> can you deal with Andrej
[06:51] <Chris_03756> sure
[06:51] <Cryptx> he dosent think im important here
[06:51] <Chris_03756> how can i help Andrej
[06:51] <Andrej> Oh, I'm not sure I can gain help here with people impsting as Govt emplyees here..
[06:51] <Andrej> Good bye.
[06:51] *** Andrej has quit IRC (Quit: Andrej)
[06:51] <Cryptx> LOLOL
[06:51] <Chris_03756> haha
[06:52] <Chris_03756> 1) his name wasnt Andre
[06:52] <Chris_03756> it was Albert
[06:52] <Cryptx> well i wish i wasent working for the gov
[06:52] <Cryptx> but i hate to say
[06:52] <Cryptx> i need my bills payed
[06:52] <Chris_03756> lol
[06:52] <Chris_03756> i work for the gov its rather fun job
[06:52] <Cryptx> ell traid with me
[06:52] <Cryptx> you do anti terror |
In the whois lookup that he wanted the chatter to see while we were covertly monitoring their activity you will notice it says FBI@relay.JTF2.src.gv.ca Let's take a closer look at this and how easily it is achieved.
There are 2 ways this can be achieved on IRC on networks which run the Unreal IRCD software. InterGOV IRC Servers run:
"
Your host is irc.webpolice.org, running version Unreal3.2-beta19 "
1) By using the CHGHOST or SETHOST commands if you have IRC Operator status which Cryptx indeed does have you can set a fictitious virtual host VHOST to display to the public.
CHGHOST - Changes the hostname of a user currently on the IRC network. Only available to IRCops. Syntax: CHGHOST <nick> <host> Example: CHGHOST Cryptx relay.JTF2.src.gv.ca
SETHOST - Changes the hostname of yourself. Only available to IRCops.
Syntax: SETHOST <host> Example: SETHOST relay.JTF2.src.gv.ca
2) In the Networks file for the IRCD you can also specify a VHOST to give to an IRC Operator when they identify for IRC Operator Status.
More:
Doing a WHOIS Lookup on GV.CA will show that it is a site owned by an individual and not a Government Site and redirects to guidedvision.com. relay.JTF2.src would be a virtual host of GV.CA and an A Record Entry of GV.CA The relay.JTF2.src.gv.ca host does not really exist. We have determined that the individual who owns the GV.CA site is not involved in this deception and is merely the victim of the poor spelling ability of these impostors.
Doing a WHOIS Lookup on GC.CA which is a real Canadian Government site
[06:50] <Cryptx> http://www.forces.gc.ca/dcds/units/jtf2/default_e.asp
[06:50] <Cryptx> thats our web site
that he claims is his web site reveals the below. Notice that the entry for NS1 which is the Primary Nameserver is relay.srv.gc.ca Can you spot the difference here? Notice their spoofed host is src.gv and the official site is srv.gc can you spot their mistake now? Of course you can, they have the c and the v the wrong way around. This now proves that the hostname they are using on IRC is completely bogus and was generated entirely by themselves to mislead the public. Also their IRC servers mask hostnames as below:
johnb is Web_Page_G@46A8278.D79AE22E.62CFAD6D.IP and you would only see a full hostname of a user if it had been changed using the CHGHOST or SETHOST command.
whois gc.ca
Status: EXIST
Registrar: Internic.ca Corp.
Registrar-no: 29
Registrant-no: 23868
Domaine-no: 23868
Subdomain: gc.ca
Renewal-Date: 2005/04/19
Date-Approved: 2000/10/18
Date-Modified: 2004/05/03
Organization: Government of Canada/Gouvernement du Canada
Description: The Government of Canada consists of federal government
departments, agencies, commissions and boards responsible
for implementing the policy and programs as defined by the
government in power and Parliament. The Government
Telecommunications and Informatics Services organization
(GTIS) is an organization responsible for providing
information technology infrastructure for the Government of
Canada and for supplying competitively priced
telecommunications and informatics services for the federal
government community. Le gouvernement du Canada est compose
de ministeres, organismes, commissions et conseils federaux
qui sont responsables de la mise en oeuvre des politiques
et programmes definis par le gouvernement au pouvoir et le
Parlement. Services gouvernementaux de telecommunications
et d'informatique (SGTI) est un organisme charge d'assurer
une infrastructure de technologie de l'information au
gouvernement du Canada et de dispenser a la collectivite
federale des services de telecommunications et
d'informatique a des prix competitifs.
Admin-Name: Jacqui Cole
Admin-Title: Registrar - GoC
Admin-Postal: Government of Canada
11 Laurier Street
Hull QC K1A 0S5 Canada
Admin-Phone: +1 (819) 956-1746
Admin-Fax: +1 (819) 956-5357
Admin-Mailbox: registry@gc.ca
Tech-Name: Joyce LeBlanc
Tech-Title: DNS Administrator
Tech-Postal: Government Telecommunications and
11 Laurier Street
Hull QC K1A 0S5 Canada
Tech-Phone: +1 (819) 956-4856
Tech-Fax: +1 (819) 956-3427
Tech-Mailbox: registry@gc.ca
NS1-Hostname: relay.srv.gc.ca
NS1-Netaddress: 192.197.83.1
NS2-Hostname: mag2.magmacom.com
NS2-Netaddress: 206.191.0.140
NS3-Hostname: rusty.srv.gc.ca
NS3-Netaddress: 198.103.97.1
NS4-Hostname: ns1.drenet.dnd.ca
NS4-Netaddress:
NS5-Hostname: dns1.magma.ca
NS5-Netaddress:
NS6-Hostname: dns2.magma.ca
NS6-Netaddress:
More intelligent quotes from these impostors:
Below they are discussing taking down, hacking and defacing www.leeclerk.org which is an Official US Government site for the Clerk of the Lee County Court in Florida USA. They also claim to not believe one thing on the site. We wonder if the depths of their stupidity really are bottomless?
[22:40] <Winston_04113E> The site seems so real though
[22:40] <Winston_04113E> They must be talented
[22:40] <Timmy_00015> meh amatuers
[22:40] <Winston_04113E> But I wouldnt beleive not one thing on it
[22:40] <Cryptx> i sould put a new page up on there site saying HACKED BY Cryptx
[22:40] <Cryptx> :)
[22:40] <MsLinda_00008> Laughing Out Loud
[22:40] <Timmy_00015> yeahhhhh do it
[22:40] <Cryptx> be eazy to do
[22:40] <Winston_04113E> lol
[22:40] <Winston_04113E> Do it
[22:41] <Cryptx> give me a sec lets see how secure thay are |
More Impersonations:
[03:11] <Cryptx> naw i have to say one thing since JTF2 has been back we have seen a lot of good things here since last time congrsats guys keep up the good work
[03:11] * Adrian_03789E is only good at math and science not english :P
[03:11] <Jeff_03828> thank you Cryptx
[03:12] <Adrian_03789E> yeah wat he said :)
[03:12] <Jeff_03828> we're making some sort of progress
[03:12] <Cryptx> you guys are doing awsome |
Further false claims. They also constantly claim in chats that they are on the phone with their official bosses and sat working in Government offices while working. We doubt any Government Agency would have representatives in public chat rooms with such nicknames, poor behavior or public relations skills. Let alone talking nonsense, publicly discussing committing crimes against Government owned sites and using appalling childlike spelling. We doubt any official agency of any kind would unleash these imberciles on the public as their representatives. Supposedly they are top secret and undercover operatives but go to much trouble to make their hostnames look like that of the Primary NameServer for GC.CA without even being able to get that right.
[03:23] <Cryptx> man i have like 8000 ppl on irc working for out unit i think i have to manny ppl working
[03:23] <Cryptx> i need to fire them all
[03:23] <Cryptx> haha
[03:23] <SysTem-X> oh i see how it is
[03:24] <Cryptx> lol
[03:24] <Cryptx> no you dont |
Speaking Absolute Nonsense to appear official and tech savvy:
[21:29] <Cryptx> Fender umm that data packet was picked up by Ds3 com did you get the information feed packet line because i can track it can you ?
[21:30] <Fender> i need to poke a hole thru my firewall
[21:31] <Fender> Well, let me boot the Gentoo proxy
[21:31] <Cryptx> k
[21:32] * Fender kisses his GNU powered box
[21:33] <Cryptx> NIce work Fender see thats why you get payed so much you make my job eazy man :)
[21:33] <Cryptx> i have full link now
[21:33] <Cryptx> thx :) |
For those that have recovered from laughing: Apparently he appears to have heard some technical terminology somewhere yet doesn't know what a VXD (Virtual Device Driver) is as he apparently repeatedly refers to it as a VDX throughout all of his IRC conversations.
[22:16] * Timmy_00015 watches Cryptx in action
[22:18] <Cryptx> if it was up to me i would just drop his hosting box or be really nice to him and send him a file saying IM sorry so so sorry and have it embed his hard drive every time he hits a key it just VDX's his system then gos into the dot box of his hdd were all start up access controls are
[22:18] <Cryptx> but hay thats me |
We could go on and list many more laughable quotes from this Ultra Elite Hacker according to Timmy_00015
<Timmy_00015> welcome to the team
btw i checked out that leeclerk.org site earlier
<Timmy_00015> yes
your Cryptx friend doesn't want to be messing with that
Registrant ID:24127160-NSI
Registrant Name:Lee County Clerk of Circuit Co
Registrant Organization:Lee County Clerk of Circuit Co
Registrant Street1:1700 Monroe Street
Registrant City:Fort Myers
Registrant State/Province:FL
Registrant Postal Code:33901
Registrant Country:US
Registrant Email:bbernard@CLERK-OF-COURT.CO.LEE.FL.US
<Timmy_00015> yeah he is ultra elite
hmmmm
i don't think so
else he might have taken the time to see who owned it
<Timmy_00015> he is messing with that site
<Timmy_00015> he knows who it is
<Timmy_00015> he is messing with the ppl who are sending the links
<Timmy_00015> it is andre and his friends
it is a government site
<Timmy_00015> uh huh
<Timmy_00015> again he isnt going after them
<Timmy_00015> cryptx works for the US govt
the US gov sit in irc chat rooms and talk nonsense about hacking?
<Timmy_00015> search JTF2 on google
I'm doubting it
<Timmy_00015> lol
<Timmy_00015> ok
yes i did search JTF2
and jtf2 are canadian military
joint task force 2 |
We have written to the real JTF2 and alerted them to these impostors who are imitating them on IRC. You can also submit a complaint HERE if you feel public spirited enough to do so. We see these nefarious activities as not only grossly misleading and dishonest but also as criminal activity on the part of these individuals.
Mailing Address:
General Inquiries
Department of National Defence
National Defence Headquarters
Major-General George R. Pearkes Building
101 Colonel By Drive
Ottawa, Ontario, Canada
K1A 0K2
Phone: 613-995-2534
Facsimile: 613-995-2610
1 800 467-9877 *
information@forces.gc.ca
Above are further contact details for the Genuine JTF2 Special Operations Forces Unit.
It is of grave concern the Peter Hampton's InterGOV & International Web Police organisations are using the hosting services of Verio to harbor and facilitate law enforcement impersonators to mislead the public. We strongly suggest that anyone who shares the same concerns sends an email of complaint to abuse@verio.com.
We believe that these people as a whole represent a danger to the public and do more harm than they could ever do good. They seem to believe that it is ok to mislead the public and break the law by impersonating the police. We are sure that most decent folk will share the same sentiments and concerns as ourselves.
|
