Zach Edwards

Has anyone ever successfully received data from a personal Yandex data access request? Essentially receiving what data they collect on you as required under a bunch of privacy laws?

appreciate the link!

fwiw it was formerly owned by Elizabeth Wurtzel

It's possible but really no clue - got it at an estate sale from another author

Picture of a light blue book cover with a drawing of Abraham Lincoln and the text “Abraham Lincoln A Play By John Drinkwater”

A book page with a large black box glued to it with a white border in the box - the text says “ExLibris Alden Nash” and there is a strange symbol in the middle which appears to be the personal emblem of this Nash individual. The symbol has a double cross on top of a circle with a N in part of the circle. The circle is split by a horizontal line and part of the vertical line of the cross above.

I’ve got this 100+ year old copy of an old play about Abraham Lincoln’s life which was owned by someone named Alden Nash who had an interesting personal emblem that he screen printed & glued onto the cover page.

The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚

cheers thanks very much!! 🖖

Mind map of SocGholish (Operated by TA56) infection chains. The details are complex but explained in more detail on our blog post.

Our team @silentpush just dropped a definitive look at SocGholish (operated by TA569) and the initial access broker ecosystem they are facilitating. Big thanks to past researchers who have worked on SocGholish! We've got details about our visibility @ www.silentpush.com/blog/socghol... 🖖🏻

Congrats! Very well deserved. 🖖🏻

Our team looks forward to providing updates on the FUNNULL CDN and the owner over the coming weeks and months. This network isn’t done and much stronger efforts need to be taken in the U.S. by a wide range of companies to deal w/ this ongoing persistent threat out of China. 🖖

I’ve got my own personal non-lawyer opinions (seems quite risky to host accounts for the owner of the largest CDN hosting scams targeting Americans), but I gotta assume that this is complex and there is currently a grey area that the U.S. Treasury needs to clarify.

It seems clear that serious enterprise lawyers from major tech companies may not agree on what U.S. Treasury sanctions require them to do when an individual is sanctioned who has accounts on their service.

Our research confirmed Lizhi still has active accounts on services including:
Twitter
GitHub
LinkedIn
Facebook
Google Code / Google Groups
Medium
PayPal
WordPress
HuggingFace
Gravatar / WordPress
Vercel
Deviant Art / Wix
Flickr / SmugMug
About Me / Vendasta
Tawk[.]to

Krebs put it nicely in his piece, “However, as Mr. Lizhi’s case makes clear, just because someone is sanctioned doesn’t necessarily mean big tech companies are going to suspend their online accounts.”

Do U.S. Treasury sanctions really have no teeth to require companies to ban accounts?

In this publishing process, we learned that different enterprise companies currently have different interpretations of what U.S. Treasury Sanctions / SDN processes require.

FUNNULL hosted websites have caused over $200 million in losses to U.S. victims, with an average loss of $150,000 per individual.

And yet the FUNNULL admin, who was also directly sanctioned, still has dozens of accounts on various Western enterprise services. So what gives?

FUNNULL CDN and the admin Liu Lizhi (aka Steve / Steven Lizihi) were both sanctioned by the U.S. Treasury in May 2025 – and in the announcement it was noted that “Funnull is linked to the majority of virtual currency investment scam websites reported to the FBI.”

Big Tech’s Mixed Response to U.S. Treasury Sanctions In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But more than a m...

Read @briankrebs.infosec.exchange.ap.brid.gy report @ "Big Tech’s Mixed Response to U.S. Treasury Sanctions" @ krebsonsecurity.com/2025/07/big-...

We found tons of interesting details including some anti-American and anti-Japanese statements on his personal blog.

Brian Krebs was also able to cover the research and helped to engage the enterprise organizations who are still hosting his accounts.

Numerous Western Companies May Still Need to Ban FUNNULL Admin Accounts to Comply with U.S. Treasury Sanctions Numerous western companies may still need to ban FUNNULL Admin accounts to comply with U.S. Treasury Sanctions.

Our SP piece can be viewed @ "Numerous Western Companies May Still Need to Ban FUNNULL Admin Accounts to Comply with U.S. Treasury Sanctions" @ www.silentpush.com/blog/funnull...

If I’ve been quiet you know I’m cooking up some fire research!

Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.

"Funnull had direct exposure to Huione Pay, for which the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently issued a finding and notice of proposed rulemaking (NPRM) identifying it as a primary money laundering concern" 👀

More on Funnull in this Silent Push report from January: www.silentpush.com/blog/infrast...

These are also Funnull IPs and domains: bsky.app/profile/camp...

US government sanctions tech company involved in cyber scams | TechCrunch The Treasury said FUNNULL was involved in providing infrastructure for pig butchering crypto scams.

NEW: The U.S. government has announced sanctions against FUNNULL and its administrator.

FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.

Infrastructure Laundering: Silent Push Exposes Cloudy Behavior Around FUNNULL CDN Renting IPs from Big Tech Infrastructure Laundering is a criminal practice of intermediaries enabling threat actors to hide infrastructure with major cloud providers.

In case you aren't familiar with Infrastructure Laundering, it's the new fad for Chinese threat actors trying to keep their infrastructure online. It's Bulletproof Hosts but through major legit providers, getting online by ~stealing accounts through illicit means. www.silentpush.com/blog/infrast...

"(Funnull) enables virtual currency investment scams by purchasing IP addresses in bulk from major cloud services companies worldwide and selling them to cybercriminals to host scam platforms and other malicious web content.

They are describing "Infrastructure Laundering" here

the man is wearing a suit and tie and clapping his hands . Alt: Leonardo Dicaprio wearing a suit and tie and clapping his hands .

"Funnull is linked to the majority of virtual currency investment scam websites reported to the FBI."

Meme Loafcat GIF Alt: Meme Loafcat GIF saying "Is there any way to do 200 million?"

The FBI partnered with the Treasury on this recent effort, and released details today including:

"Funnull has directly facilitated several of these schemes, resulting in over $200 million in U.S. victim-reported losses."

The last 6 months I've traveled around the world giving presentations on FUNNULL about the scams and money laundering they are facilitating -- and today -- the U.S. Treasury has sanctioned FUNNULL and we got a bunch more facts about the operation now public.

home.treasury.gov/news/press-r...

The location data they will be selling will primarily be powered by Google and Apple’s Mobile Advertising ID schemes - combining that with new data lakes trying to connect scraped social media content to IPs and MAIDs is truly connecting the dots on dystopia.

oh absolutely -- but they would also need to register as a Data Broker imo. And they explicitly do NOT mention any data lakes / graphs as part of this process. That's why I think it's BS marketing rhetoric. They make a magic leap from scraping social to mapping MAIDs by claiming "AI did it"