Do Telegram Nazis Dream of Electric Reichs?

*epilepsy warning* |Hatemail: Newsletter and intel from the LaBac Hacker Collective

Hello! Hello! This week a member of the collective is sharing field notes from their work with Tech Against Fascism, a team of programmers closely monitoring fascist internet communities. 

The Online Trends of Nazi Telegram

Us very-online-folks know a secret truth we hide from normal people: There are so many fucking nazis on the internet.

From Hitler-waifus on 4chan and violent chatroom fascists to the alt-right reply guys of YouTube, it’s hard to go anywhere on the internet these days without kicking a hornet’s nest of palingenetic ultranationalism. At least in the ol’ days before Trumpism, all the fascists stayed in one place (ahem … Stormfront) and war criminals bothered with making (albeit flimsy) excuses instead of being openly proud.

But what do the fascists actually talk about? Do they swap bread recipes using only unfiltered, pure white flour? Debate the relative merits of open violent insurgency versus more PR-friendly methods to start race wars? Make and share unfunny, violently antisemitic and racist memes? (Spoiler alert: It’s mostly the last one).

As part of the efforts of Tech Against Fascism, the team and I have spent the last several months collecting data from fascist hangouts across the web, from Voat to Telegram to YouTube.

Here Are the Trends We’re Noticing (Specifically on Telegram):

  • The most popular Telegram channels are ones that disseminate some sort of propaganda (news stories, racists vignettes, Q-drops, et cetera). 

  • There’s a significant degree of platform and community cross-pollination. Many users have link-trees (a site with links to one’s profiles on other platforms) associated with their profiles. The majority posts on most channels or chats are forwarded from other chats or users across different platforms. There are also channels that act as clearinghouses, dedicated to listing and categorizing other channels.

  • Most major alt-right categories have “intel channels” that act as news feeds where they share what’s happening in the communities they’re active in, what they find to be objectionable, and how they aim to politically organize. 

  • There are a lot of meme channels built around every major alt-right idea. Let’s call it Rule 34.F of the internet: If you can imagine it, Nazis have an unfunny and repugnant meme about it. 

  • Misogyny. Misogyny everywhere. 

  • Most militia groups (with the exception of the Proud Boys) don’t really know how to use platforms effectively. More savvy users, however, are preoccupied with recruitment.

It’s not all doom, gloom, and eugenics, however. I once witnessed a “bold patriot” spam a chatroom with what was apparently their entire archive of furry porn (and creating new accounts every time they got banned). The chat was entirely unusable for a few hours. Not all heroes wear capes, some wear fursuits.

Even with the recent – and commendable, if woefully overdue – spat of deplatforming, the internet Nazis are here to stay. In fact, they've been there since the beginning. Their presence will rise and fall with the popularity of fascist movements themselves. One thing we can do is use the choice of their social media platforms on popular sites like Facebook and on more niche hubs such as AryanFriendFinder[.]com as a barometer for where American and global fascism is at. For now, the fire has been put out but the coals are still hot and there’s plenty of tinder. 

National Security and Tech Infrastructure

  • [The New Yorker] Cybersecurity journalist Nicole Perlroth writes about how governments shop at online ‘zero day markets’ that specialize in the selling of unknown vulnerabilities to parties interested in exploiting them and the geopolitical implications of these purchases on the cyber arms race.

  • [NPR] A backdoor in the software update of a Texas-based network monitoring company, known as Solarwinds, led to a major breach of the U.S. government's networks. U.S. officials believe this breach is tied to an espionage campaign backed by the Russian intelligence service, SVR (Russian: СВР РФ).

  • [MIT Technology Review] The Tech Transparency Project released a report earlier this week that found right-wing content now banned from Facebook (such as “Stop the Steal” and violent, pro-Trump militia content) has continued to grow on the platform under the guise of the ‘Patriot Party.’ The report also noted that much of the content openly violates Facebook’s user policies. 

  • [IFRI] This week the French Institute of International Relations released a case study report on the success of using disengagement methods to deradicalize individuals. The study observed several French reintegration programs that actively use disengagement methods and found promising results. 

Online Harassment, Scams, and Exploits 

  • [Protocol] BlockParty is an interesting new approach that enables users to get more granular trust and safety controls while on Twitter. The app essentially intakes user-defined preferences to restrict unwanted interactions from being seen by the user. We are of the opinion that these great gestures should already be natively part of the Twitter experience.

  • [Verge] Last week Apple released IOS 14.4 and IPadOS 14.4 updates that patched a major vulnerability in their operating system. Apple may have patched the vulnerability as soon as they discovered it, but reporting suggests the company has evidence that someone has already taken advantage of it. 

  • [New York Times] Tech journalist Kashmir Hill reports on a shocking story of online harassment campaigns launched by one woman against dozens of individuals (even whole families) and investigates the devastating impact on the victims’ lives.

  • [ThreatPost] Federal law enforcement charged California resident John DeMarr for his involvement in an elaborate securities fraud scheme that encouraged investors to back a fake cryptocurrency called “Bitcoiin.” DeMarr reportedly went through great lengths to concoct the $11 million dollar scheme and at one point hired actor Steven Seagal to promote the currency. 

On Our Radar...

  • [Verge] A new Google union alliance called Alpha Global was announced last week causing friction among members of the Alphabet Workers Union (AWU) which launched just a few weeks earlier. AWU members say they weren’t consulted by their principal affiliate, the large Communications Workers of America (CWA), in the decision to join up with the alliance. The move has some AWU members calling to disaffiliate with CWA. 

  • [Los Angeles Times] Amazon will now have to pay over $61.7 million following a settlement over claims that the company has been withholding tips from delivery workers and using the money to offset workers’ base pay. The settlement comes nearly two years after the Los Angeles Times first exposed Amazon’s practice of dipping into workers’ tips for operational costs. 

  • [Politico] [Verge] Facebook’s Oversight Board – an independent group that has been charged with reviewing and reversing decisions related to the platform’s banned content – is currently accepting public comments on Facebook’s decision to ban Trump from the site. The board will make the final decision on whether or not Trump will be permitted to return to Facebook and has already overturned several previous content decisions made by Facebook. 

Hate speech website: thetruereporter[.]com

Who hosts: Cloudflare, GoDaddy, Namecheap

Today’s site is thetruereporter[.]com. The site aggregates news and recontextualizes it with a far-right and often conspiratorial spin. In the past week it was one of the top 10 linked to sites in far-right Telegram chats.

True Reporter uses Cloudflare to protect its infrastructure. We have observed that True Reporter’s site has previously resolved to an IP address hosted by GoDaddy and an IP address hosted by NameCheap, at 184.168.221[.]34 and 68.65.120[.]150 respectively.

Historical Progression of Cyber Strategy (Friday, Feb. 12, 1pm ET) - A look at how US defense cyber strategy has evolved over the last ten years and what paradigms might guide future strategy. [Hoover Institute]

Women Unite Over CTF 3.0 (Saturday, Feb. 13, 8am ET) - This is a large Capture the Flag event and one of the biggest of the year! Registration is free. [It Takes a Human

Training Opportunities

WISP x IAPP Privacy Protection Training and Certification Scholarship \ Deadline: Feb. 28 Application: (link), Original Source: (Twitter link) - Women In Security and Privacy (WISP, @wisporg, in collaboration with International Association of Privacy Professionals (IAPP, @PrivacyPros, are teaming up to offer 10 scholarships for IAPP data protection training and certification. This is a great opportunity for folks in adjacent fields like information security to skill up on privacy.

Share hatemail