Team Jorge and private secret services

How an Israeli disinformation firm meddled in elections across the world

An investigation led by the International Federation of Journalists (IFJ) has brought a frightening private chaos and disinformation machinery to the surface of the public which can pose a threat to national security and international stability. Up to now so called Foreign Information Manipulation and Intervention, short FIMI had only been attributed to state agencies of countries such as China or Russia. The arsenal comprises disinformation campaigns, forged documents, incrimination of political adversaries, planting misleading material in a number of well-known media outlets 7, dissemination of fake reports or theft of bank documents 4 to conduct digital surveillance, hack-and-leak smear campaigns, influence operations, disinformation and election interference and suppression 10. The toolbox is open to everyone who pays for it including political, personal or business rivals as well as private companies and intelligence agencies, even if it resulted in an immediate danger to life 11.

Their salesman bragged of having conducted 33 presidential-level campaigns across Africa, South and Central America, the US and Europe, 27 of which were successful 1. According to a short TV report of the ORF (Austrian Broadcasting Corporation) in the evening news of 2023-02-15 up to 70% of the praised actions could be verified 6. Tim Cupal, their correspondent in Tel Aviv reported that Omer Benjakob from Haaretz had heard of rumors from disinformation campaigns fromout of Israel, had asked around and was then said via words of mouth he had to ask Jorge (an alias used by Tal Hanan). What followed were nine months of undercover negotiations. The so called Story Killers project was initiated and coordinated by the Paris-based organization Forbidden Stories that is dedicated to following up on the work of other journalists facing threats, prison or murder 2 with regards to the murdered Indian journalist Gauri Lankesh 4. The journalists themselves assumed false identities and secretly filmed the meetings, the undercover investigation being led by TheMarker, Radio France and Haaretz. Later on the content got investigated by the Guardian, Le Monde, Der Spiegel, Die Zeit and PaperTrailMedia.

The so called Team Jorge is part of what formerly was the Psy Group founded by Joel Zamal. After the Mueller investigations the organization was re-founded and initially called Athiri and then began to operate under a new name: Percepto International. According to Haaretz their proprietors are the brothers Tal and Zohar Hanan 4, Royi Burstien is Percepto’s CEO, Lior Chorev the company chairman and Arnon Epstein acts as a senior salesperson 2. The Israeli company Demoman International as founded in 1999 is registered and authorized as an official strategic intelligence company on a website run by the Israeli Ministry of Defense promoting defense exports 11, 1. The team was described to comprise graduates of government agencies and to operate from six offices around the world. In a fact few countries produce more highly trained and war-tested intelligence professionals coming out of the military ever year as a huge talent for hire by private companies 3. Unlike Team Jorge, Percepto is a publicly existing company which does not hide its presence, although its activity does not match the public presentation of the firm 2. There is nothing written on the door outside their office in Modi’in, half an hour from Tel Aviv 8, 10.

As already indicated this disinformation-for-hire industry is open to whomever who can pay for it. One company document reported that the cost for an average service is just about a 350,000$, as little as 175$/hour 3. The Guardian suggests that an eight-week campaign in a Latin American country for the consultancy Cambridge Analytica in 2015 had cost 160,000$ 1. Arnon Epstein is reported to have noted that “intel on the Lady and her team” – a reference to Hillary Clinton including 10 targets associated with her would cost 250,000$ 2 (according to email negotiations with Trump’s team). When the journalists asked for destabilizing Chad “Jorge” responded that for 6.4 million USD delaying elections including an explosion in a market in the capital N’Djamena wouldn’t pose a problem 4.

The company has developed a software called AIMS (Advanced Impact Media Solutions). If you don’t want to upload a spreadsheet with posts written by hired hands you can choose a negative, neutral or positive tone to let it generate tweets and posts that are hard, nay impossible, to spot as machine-generated 4. Accounts on Facebook, Twitter, Instagram, Google, LinkedIn, Youtube, Telegram 11, Whatsapp, Amazon, Airbnb, Discord, Twitch, Reddit, Netflix or gaming sites and even digital wallets are auto-generated for the so-called avatars 10 whereby the journalists had discovered several instances where the photos for the avatars came from real social media accounts of people 1. As of December 2022 AIMS controlled 39,000 avatars. An avatar can be used for more than one campaign.

They also deploy a tool called Profiler basing on OSINT, Open Source Intelligence, that means it uses data which is freely available like on the net, here in the form of online databases, that can find a SIM card’s ID (IMSI ~ international mobile subscriber identity, as opposed to the IMEI ~ international mobile equipment identifier), geolocate it via the international roaming system and intercept communication by exploiting it. A local sheikh gave them an anonymous Twitter account and they could trace it back to the dissident’s identity. The tool would also be able to collect information from less legitimate sources 10.

Loopholes in the international cellular network as well as little social engineering enables the company to find almost any phone in the world, intercept its data and gain access to its apps, according to what the company advertised 10. They generally hack Google mail accounts or also send messages from Telegram accounts in the name of their victims, as the journalists had the possibility to verify. This is called “active intelligence” since they do not only look at what is in the inbox.

In the midst of the entanglements before the last presidential elections in the USA, pro-Trump avatars joined a Facebook page of supporters of Bernie Sanders and then flooded it with links to fake news sites featuring anti-Hillary Clinton articles. “Bernie supporters had left our page in droves, depressed and disgusted by the venom.” the group administrator said 3. A tool called Blogger creates seemingly real websites which are then pushed out by avatars during a campaign 10. To add another example, operatives of the Psy Group had also created a sham think tank before a parliamentary election in a European country, or a whole news company in Burkina Faso 2. They state to have consulted government agencies around the world including Israel, North and South America, Europe, Africa and Southeast Asia 11. The investigative team also uncovered bot involvement in issues like a dispute over nuclear power in California 8. A campaign against California Governor Gavin Newsom or an infamous cyber attack to sabotage a referendum on Catalan independence in 2014 were also listed by Haaretz 10, 4.

In August 2020 the French news website Valeurs Actuelles accused the International Committee of the Red Cross (ICRC) to be a sponsor of Islamist terror 2. The campaign fanned the flames on Burkina Faso and was also covered by the Agence France-Presse news agency as well as other news outlets in France. The ICRC was denoted as “Trojan Horse”. However it was based on undisputable facts as the ICRC was in deed in touch with members of the Islamic Jihad in the Sahel: “Dialogue with armed groups is necessary to provide humanitarian assistance to a population that is living under the control of terrorists.”, ICRC president Peter Maurer was quoted by France’s Le Figaro daily. But what was the intention behind this action of Percepto International/the Psy Group?

Burstien boasted that the leader of the NGO flew over to Burkina Faso and said to their client: “I made a mistake. I’m backing off.”, and from that moment on the ICRC refrained from criticising Roch Marc Christian Kaboré, who was then voted as president of Burkina Faso in 2020 anew. However Kaboré’s image sank in June 2021 when Jihadistic militia committed a massacre in a village in the department of Solhan 138. Kaboré was arrested as part of a coup d’état, but later on released by the temporary military government so that he could return to Israel. The incident with the ICRC was not the only action that was part of the Psy campaign for Kaboré: They created an online news agency called Burkinews that was one of the top five within six months, which operated and handled 15 to 17 real journalists and was told to be super, super influential. It is doubtful they knew the real aims they were serving, although their boss was according to the sources just an avatar.

It was not the only campaign in Africa. In August 2022 they hacked Telegram accounts of five senior members of William Ruto’s team in Kenya. Two of them are now being accused of hacking the election committee in order to ‘steal’ the vote. They hacked the accounts of Itumbi and Chirchir before the eyes of the journalists typing “Hello, how are you dear,” in the name of Davis Chirchir. Other people affected by the campaign were presidential aide Farout Kibet, Ruto’s right hand, whose Gmail account was hacked, and former National Assembly member James Omingo Magara. Four more known targets were the agriculture minister Celso Ismael Correia of Mozambique, an Indonesian businessman, a Tanzanian citizen and the former senior official at the BTA Kazakhstan, Zhaxylyk Zharimbetov. Nonetheless Ruto has become president on 13th September 2022 defeating his rival Raila Odinga after judges of the country’s Supreme Court had their decision.

We have already indicated two times that the email affair against former US-presidential candidate Hillary Clinton was conducted via the Psy Group. Now a Guardian article claims it were the Russians who had achieved this 5. Now what is true? Wouldn’t the Russians have their own secret services to achieve this? In deed the author has seen a TV documentary examining the ties between Trump and the Russians examining that the Russians had saved Donald Trump from bankruptcy so that he could present himself as a successful businessmen. The Hillary affair was also mentioned in the film stating that Donald Trump’s cell phone was located together with Russian counterparts in Russia short before the emailing scandal came out. So now who has bought the Psy Group, if it weren’t the Russians directly? We assume that it was nominatively Trump's team, as anything else would hardly have made sense. The Russians as well as Trump were fine out because Muellers investigation would not like to cite an Israeli firm, especially when the ties to Russia can not be proved sufficiently convincing. The FBI had been investigating the issue, questioning their employees in February 2018 3 and finally Psy Group managed to get out of it by being shut down and refounded later on as Athiri and Percepto International.

Now while the operations of Percepto are prone to ring the alarm bells in democracies around the world they are also targeting and haunting individuals. They delivered a sex toy to the home of a politician to give his wife the false impression that he was having an affair: “Thank you my love. It was a wonderful night. Waiting for you whenever you come back. ” was attached in a note inside the parcel 10, 1.

Percepto’s services are simply sold to the highest bidder smearing rivals or hyping digital currencies. Canadian fashion tycoon Peter Nygård was arrested for alleged sex crimes and “Jorge” relayed how a client paid him to help along in this regard 4, Nygård becoming called the Canadian Jeffry Epstein. Private intelligence can work in favour or against a suspect, Percepto having conducted at least two campaigns on behalf of individuals wanted for extradition like Tomás Zerón, former senior official in Mexico’s Criminal Investigation Agency. Israel refused his extradition as he was accused of torture and evidence tampering 12.

Today’s market of private intelligence dates back to the nineteen-seventies when prosecutor James Kroll was hiring FBI, Treasury Agents and CIA officers to conduct detective work on behalf of corporations with a company named that time Kroll Inc.. In the two-thousands Israeli companies entered the stage including one of the boldest, Black Cube. When the businessman Tchenguiz was arrested in March 2011 by a British anti-fraud unit, Dagan came to him and said “I can find a personal Mossad for you.”. The cooperation was successful and the office later dropped the investigation 3. Then, in 2016 two Black Cube operatives got arrested by Romanian police for illegally hacking and harassing the country’s leading anti-corruption officer. Psy Group profited from their legal troubles while the pair pleaded guilty and received probation. Others like the Archimedes Group were not sufficiently successful. They were operating dozens of faked Facebook accounts for political clients in Africa, Asia and Latin America but failed to use a residential proxy that would have provided a real regional IP address 4. Finally their Israeli IP was spotted and they were banned from the platform 10. Psy Group was much better in hiding their employee’s identities, occasionally also instructing them to go to libraries and Internet cafés where they could use so-called “white” computers that could not be traced back to the firm 3.

Unfortunately the practice of injecting all sorts of false materials on the internet, of spreading lies about individuals, conducting false flag operations with emails to people’s families and friends, to destroy the reputation of their targets and to use social sciences to manipulate online discourse and activism is not just used by private intelligence but by state-run services likewise as a JTRIG (Joint Threat Research Intelligence Group) document of the GCHQ (British agency) (“The Art of Deception: Training for Online Covert Operations.”) quoted by The Intercept reveals 9. Similar documents are used across the NSA and Five Eyes (Great Britain, Australia, USA, Canada and New Zealand).

Tal Hanan from Percepto International explained the reporters what you can do when you send messages with the account and name of a hacked person: “One of the biggest thing is to put sticks between the right people. - I can write him what I think about his wife or what I think about his last speech or you can tell him that I promised him to be my next chief of staff, OK?” 1. This is generally called a false flag operation as you do something shoving the shoes of the targeted person; people won’t know or suspect who it really was.

State services like the GCHQ vested themselves with the power to deliberately ruin people’s reputation or disrupt their online political activity even when these individuals have neither been charged with crimes or nor would have posed a national security threat. Their Human Science Operational Cell can manipulate using leaders, trust, obedience and compliance controlling, infiltrating, manipulating and warping online discourse. Tal Hanan explained things more strikingly: “After you’ve created credibility, what do you do? Then you can manipulate.” 6.

After he had sent the message with the account of Davis Chirchir, Tal Hanan said that now we deleted it to cover our tracks. Nonetheless Heiner Hoffmann, a journalist from the Spiegel succeeded in reaching one of the recipients of the messages asking him to document it. Apparently deletion may not be done or work as expected in any case. Some of Percepto’s hacking methods are also said to exploit vulnerabilities in the global signalling telecoms system S77, but nonetheless they remain limited 1.

To the extent we know from it Percepto does not undertake assassinations, nor can they control apparent offline device with StarLink or a similar system. They don’t sit at the internet backbones like state-run services do to intercept any mail or data traffic you send making it amenable to rerouting, blocking or manipulation of web and similar content. The frightening system of mass surveillance as uncovered by Edward Snowden is only available to state actors and there being attributed to Western states, the US and Five Eyes in particular. Private services are up to now not known for giving your locked home a visit while you are away; they don’t cram into your personal belongings or steal them. Nonetheless services like Percepto can pose a vital threat to individuals, the society or democracy as a whole. Be aware that according to the system of corporocracy as first revealed by John Perkins (see book: confessions of an economic hit man) also state actors can stand behind business interest.

The article about Emmanuel the Emu was just another demonstration of Percepto’s abilities to successfully spread a faked social media storm about the premature death of the beloved bird 8, 4: “He was waiting for me at the gate, very much alive and ready for cuddles.”

Finally Tal Hanan denied “any wrongdoing” in front of the journalists. Zohar Hanan said: “I have been working all my life according to the law!” 10

written by Elws. Starnight: 19th & 20th Feb 2023

written by Elws. Starnight: 19th & 20th Feb 2023