CICO-SILO14 Moved Beyond Hacking Computers and Phones
1 August 2020
(AGN News) – UPDATE 2: CICO-SILO14 has moved beyond hacking computers and cellphones. CICO-SILO14 has evolved into teams, sections or divisions to carry out special tasks in addition to their regular duties. They have expanded their malign activities. The new “Division” has been dubbed “CICO-SILO7” or “Team 7” by OMS Cyber Security. OMS Cyber Security Team alleges the following is a history of what has happened.
What is “Team 7”?
According to OMS, who first identified CICO-SILO14 on May 6 and May 19 after tracking their malign activities for 6 years, including the July 31st attack at 9:11 pm (MT) and the 7:45 am (MT) or 3:45 pm London Time attack today, August 1st) said the Command and Control Center is divided between their Phoenix and La Jolla “Team 14” location and their Scottsdale and Glendale “Team 7” location. However, their “agents” are also “working at home” using AXXXX products as their preferred hacking platform according to OMS Security Teams.
OMS identified “Team 7” as a group of young, dedicated and newer “employees” or “contractors” under the leadership of a “Manager” who work nights (11 pm to 7 am) and tasked with “Special Missions” given to the team by an experienced IT professional generally working “Night Missions” between 11:00 pm and 4:00 am and from 6:00 am to 7 am when their shift ends, hacking phones and computers for the “Day Shift” to analyze the illegally acquired data.
CICO-SILO14 creates CICO-SILO7 or “Team 7”.
OMS reports “Team 7” is now handling all hacking activities on a 24 hour, 7 days a week basis answerable to only 3 “Managers”, using employees in legitimate businesses on all shifts. In addition to their regular duties, they are tasked with using sophisticated hacker “tools” to hack into phones of target victims during the midnight to 1 am hour.
On a recent “mission” given to “Team 7”, the team used their “Hacking Tools” to hack into the phones of several volunteers supporting startups and the new veterans training programs.
OMS reports stepped up hacking efforts.
OMS noted a massive hacking attack occurred on July 11, 2020 at 4:28 am (MT). On July 3rd at 11:22 pm a hacking attack on a volunteer computer was carried out by “Team 7” using a “spear phishing malware attack”.
On July 19 at 12:10 am “Team 7” hacked a victim’s phone and downloaded the entire contents of the phone. This was a “Special Mission” entrusted to the senior most “Team 14” hacker according to OMS Security with a specific purpose. “Team 7” has been tasked with the responsibility to hack into the email accounts of all known volunteers.
Using hacked phone data.
Using a “phone spear phishing attack” and a “Fake” phone number, (XXX) XXX-XXXX, at 8:18 am on July 20th, a CICO-SILO14’s “Team 7” agent sent a “warning” message to their target to intimidate their target in an effort to acquire credentials. Over the past 3 years, CICO-SILO14 has used this “phone spear phishing attack” tactic as a “We’re watching you” warning.
“Team 7” given added responsibility.
Today, August 1, 2020 CICO-SILO14 has not deviated from their main objective to hack into and destroy web projects. Today, CICO-SILO14, assigned “Team 7” to carry out specific tasks. This group of hackers (Team 7) has reached a record high of 74,068 phishing emails and over 30,024 hacking cyber attacks (as of July 29th) to gain access to “Login Credentials” and destroy websites or gain access to sites created by startups and veterans using sophisticated hacking tools.
Not content with a “spear phishing email attack” on volunteers, “Team 7” began a “spear phishing phone attack” on everyone in the contact list of the compromised phones. For six years this “spear phishing phone attack” has continued without letup using text messages or phone calls.
Some of these new “victims” were family and friends of the volunteers. Some reported, they were told the caller (s) were law enforcement officials investigating crimes, which lowered the victims guard.
CICO-SILO14 has reportedly used the real names of local police officers and detectives to solicit help from unsuspecting contacts found in the cellphones. Knowing people will often Google the name and see that is a real person and lower their guard and supply information on the location of the volunteer web developers helping the startups.
Once they obtain this information, “Team 7” were given “orders” to locate and harass the victims using whatever means at their disposal. Here’s where the physical and cyber stalking begins.
Cyber stalking is their most used tool.
Cyber stalking these victims on their devices using location data appears to be their favorite. Once they locate the IP address of their “target”, they use “popups” to trick the target into clicking the popup. CICO-SILO14 leadership authorized the use of “Out of Memory” popups with the message, “Close programs to prevent information loss”. “Your computer is out of memory. Save your files and close these programs.” This popup comes with two buttons or tabs. One option is “Close Programs”. The second is “Cancel”. Do not click on these tabs. They will install malware on your computer.
Having found their home or business address they forwarded this information to “Team 7” “Street Team” to physically stalk the victim (s) and their family and or friends. On multiple occasions this “Street Team” burglarized (1) a home and stole documents and (2) a car to install tracking devices while other CICO-SILO17 team members watched the victims leave home and followed them. There mission was to alert the “burglary team” of the imminent arrival of the target. Upon arriving home they realized their home had just been burglarized.
At one point CICO-SILO14 ordered a hosting company server administrator to shutdown the server containing some of the programs until the assigned developer emailed the home or business IP address not a “hot spot” IP address being used to access the server. This “blackmail” continue for several days until the IP address was sent. The problem was the volunteer was out of town when the message was received. Within 5 minutes of sending the IP address of the computer to the hosting company server administrator the computer was destroyed with malware using a “critical malware attack” that lasted, without letup, for 10 minutes.
Why the victims did not call the police.
Knowing the involvement of local investors in CICO-SILO14 related companies and/or friends of these cyber criminals were perhaps in law enforcement (current or former) may put them at greater risks. Their worst dream came true.
Not knowing if that was true and these were current or former officers would be monitoring police reports would be a strong deterrent to calling the police especially looking at the less than favorable climate in the country.
One of the volunteers reportedly were run off the road on an interstate highway twice the same day while going to visit friends and family. It is believed that “Team 7” was listening to the phone calls that outlined the route and “agents” were waiting on the side of the road. As they passed, the vehicle tried to run them off the road into a drainage ditch. It was like a message, “We’re watching you”.
Independent “contractors” working for “Team 7” have been observed “stalking” some of the volunteers while away from home taking care family business.
AGN News: “Why would they do all of this?”
OMS Critical Threat Team stated there could be several reasons why they believe these sustained attacks have occurred. One, to prevent these programs from launching in favor of a competitor. With all of the programming involved CICO-SILO14 may want to acquire the programs for themselves or some unknown person or group.
Secondly, it appears greed is the main driver of this entire group of cyber criminals. Hacking computers and cellphones to acquire the data contents could prove to be profitable if used or sold.
Thirdly, it appears to be race (hate crimes) based (OMS uncovered a racial slur used as a “admin” in one account), since some of these volunteers are minority citizens and veterans. CICO-SILO14 may just want to destroy all these websites as their malign actions are still active.
Lastly, CICO-SILO14 agents are being paid by someone to destroy these training platforms. OMS stated, “To put this much effort into harassing innocent victims for nearly 7 years. Destroying websites at-will with the help of on-the-clock professional employees of well-known companies who have invested so much time in education and training.
“It is a monumental violation of trust placed in these companies to have had these personnel to use company resources to aid and abet these criminal behaviors”, said OMS.
OMS: “These individuals or “employees” were violating the trust placed in them by their families during this COVID-19 pandemic has to be profitable for all concerned since no one in their right mind would spend years committing cyber crimes of this magnitude. The fact that they registered dozens of command and control domains (domains cost money) we uncovered reflects monetary motives.”
OMS Critical Threat Team reported that this is an interstate team of on-location hackers working regular jobs during regular hours using company assets, server administrators, domain company supervisors, website security managers and agents, investors and people who have access to law enforcement databases, “professional stalkers”, and cyber criminals.
How OMS discovered these cyber crimes.
OMS confirmed the initial attacks started with placing malware into the “Contact Us” form on websites in late 2014. Sometime later in March 2015 CICO-SILO14 agents contacted their agents in a well-known a domain company. They were instructed to “lock” the domain accounts of the programs until they could acquire the identities of all of the principles of the domain owners of the programs. Having followed these “orders” the domain supervisor place those orders into the domain company system as a requirement to “unlock” the domain accounts.
Next, in 2016 CICO-SILO14 agents working for a well-known domain hosting company “conspired” with agents in a “website security” company to harvest the credentials and setup new “Login Admins”. With these “login credentials” CICO-SILO14 agents were able to login and begin the process of destroying over 60 and then several hundred websites on the servers over and over again (totaled over 600).
Having failed to keep these training applications “offline”, CICO-SILO14 agents began “critical malware attacks” on the entire server system. Using their embedded hosting “server administrators” the servers were locked or taken offline until the “malware” was removed. Volunteers removed the malware and access to the servers were still denied for days by CICO-SILO14 agents. When access was restored, all of the websites were destroyed and/or totally unusable. Every website had to be rebuilt.
Thanks to many good-hearted volunteers who worked tirelessly for weeks to restore most of the websites.
CICO-SILO14 Multi-State Cyber Criminals.
These hackers are running a sophisticated network out of legitimate businesses in La Jolla, San Diego, and Santa Clara County, California, Glendale, Phoenix, Scottsdale, and Tucson, Arizona that has destroyed hundreds of websites, mobile applications, cellphones, and computers. Command and Control centers are being run out of “legitimate businesses” in Phoenix and Scottsdale according to OMS Cyber Team.
OMS Cyber Security group was able to locate this team of hackers even though they tried to hide their true identity and location using VPN. This group has been operating “under the radar” for nearly six years.
CICO-SILO14 Have Weaponized the Internet.
OMS is confident of one main fact: There are many victims of these cyber criminals who weaponize the internet to hack websites, destroy web projects, harass and threaten citizens online, weaponize the telecommunication networks, weaponize the email system, multi-state phone campaign to destroy the reputation of individuals, use of “aggravated stalking” to intimidate victims, burglarize cars and homes, and placing tracking devices on cars parked in driveways.
OMS said, “CICO-SILO14 and CICO-SILO7 represent a clear and present danger to the victims mentally, physically and financially. A volunteer was recently hospitalized near death over the stress at seeing his phone weaponized by these criminals (hundreds of calls and emails for over 5 years at all hours of the day and night). There has to be justice for these victims!”
Justice for victims is coming.
OMS says, “Now having some of CICO-SILO14 activities exposed gives hope to victims that the end of their pain is near”. As award winning writer, Zora Neale Hurston once wrote, “If you are silent about your pain, they’ll kill you and say you enjoyed it.”
CORONAVIRUS ALERT!
For more information on local responses to the novel coronavirus also called … COVID-19, contact your local healthcare provider or visit coronavirus.gov, or cdc.gov for the United States response to the coronavirus.
News you can use! Enjoy the best of news from your community by Alphabet Global News.
ALPHABET GLOBAL NEWS
Reliable. Trusted. Local. News.
On Mobile … Fast!
Written by
AGN.News Team
Disclaimer: This post does not represent the views or viewpoint of the owner of AlpLocal.com, AGN News or its representatives or reporters. Any content which references any person, entity or group with similar names, descriptions, or business interest in any geographical location or similar businesses is merely a coincidence and not directed at said business. AGN News is compiled from submissions by contributors or other sources.