Zach Edwards
@thezedwards.bsky.social
data supply auditor | privacy & ad tech expert | internet threats
Personal @ victorymedium.com
Sr Threat Analyst @ SilentPush.com
Personal @ victorymedium.com
Sr Threat Analyst @ SilentPush.com
Everything about this piece from Reuters about the scam ads on Facebook is wild -- internal Meta estimates noted they were showing these scams 15 billion times per day, scammers are not banned just forced to pay more for ads, teams internally restricted, must read: www.reuters.com/investigatio...
Meta is earning a fortune on a deluge of fraudulent ads, documents show
Meta projected 10% of its 2024 revenue would come from ads for scams and banned goods, and it internally estimates that its platforms show users 15 billion scam ads a day, company documents show.
www.reuters.com
November 6, 2025 at 8:41 PM
Everything about this piece from Reuters about the scam ads on Facebook is wild -- internal Meta estimates noted they were showing these scams 15 billion times per day, scammers are not banned just forced to pay more for ads, teams internally restricted, must read: www.reuters.com/investigatio...
fun to see my mom in this crowd shot from the No Kings rally in Houston featured by the Houston Chronicle @ www.houstonchronicle.com/projects/202...
October 19, 2025 at 4:40 AM
fun to see my mom in this crowd shot from the No Kings rally in Houston featured by the Houston Chronicle @ www.houstonchronicle.com/projects/202...
Has anyone ever successfully received data from a personal Yandex data access request? Essentially receiving what data they collect on you as required under a bunch of privacy laws?
September 19, 2025 at 3:59 AM
Has anyone ever successfully received data from a personal Yandex data access request? Essentially receiving what data they collect on you as required under a bunch of privacy laws?
I’ve got this 100+ year old copy of an old play about Abraham Lincoln’s life which was owned by someone named Alden Nash who had an interesting personal emblem that he screen printed & glued onto the cover page.
The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚
The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚
September 9, 2025 at 2:46 AM
I’ve got this 100+ year old copy of an old play about Abraham Lincoln’s life which was owned by someone named Alden Nash who had an interesting personal emblem that he screen printed & glued onto the cover page.
The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚
The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚
Our team @silentpush just dropped a definitive look at SocGholish (operated by TA569) and the initial access broker ecosystem they are facilitating. Big thanks to past researchers who have worked on SocGholish! We've got details about our visibility @ www.silentpush.com/blog/socghol... 🖖🏻
August 6, 2025 at 7:49 PM
Our team @silentpush just dropped a definitive look at SocGholish (operated by TA569) and the initial access broker ecosystem they are facilitating. Big thanks to past researchers who have worked on SocGholish! We've got details about our visibility @ www.silentpush.com/blog/socghol... 🖖🏻
If I’ve been quiet you know I’m cooking up some fire research!
Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.
Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.
July 3, 2025 at 4:56 PM
If I’ve been quiet you know I’m cooking up some fire research!
Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.
Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.
"Funnull had direct exposure to Huione Pay, for which the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently issued a finding and notice of proposed rulemaking (NPRM) identifying it as a primary money laundering concern" 👀
🚨Today, OFAC sanctioned Philippines-based tech firm, Funnull Technology Inc., and its administrator Liu Lizhi for their roles in facilitating crypto investment scams, commonly known as pig butchering. Read our blog to learn more: www.chainalysis.com/blog/ofac-sa...
May 29, 2025 at 7:02 PM
"Funnull had direct exposure to Huione Pay, for which the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently issued a finding and notice of proposed rulemaking (NPRM) identifying it as a primary money laundering concern" 👀
Reposted by Zach Edwards
More on Funnull in this Silent Push report from January: www.silentpush.com/blog/infrast...
These are also Funnull IPs and domains: bsky.app/profile/camp...
These are also Funnull IPs and domains: bsky.app/profile/camp...
The FBI has released pages of IOCs related to cyber scam infrastructure that has been active between October 2023 and April 2025
PDF: www.ic3.gov/CSA/2025/250...
PDF: www.ic3.gov/CSA/2025/250...
May 29, 2025 at 5:37 PM
More on Funnull in this Silent Push report from January: www.silentpush.com/blog/infrast...
These are also Funnull IPs and domains: bsky.app/profile/camp...
These are also Funnull IPs and domains: bsky.app/profile/camp...
Reposted by Zach Edwards
NEW: The U.S. government has announced sanctions against FUNNULL and its administrator.
FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.
FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.
US government sanctions tech company involved in cyber scams | TechCrunch
The Treasury said FUNNULL was involved in providing infrastructure for pig butchering crypto scams.
techcrunch.com
May 29, 2025 at 4:59 PM
NEW: The U.S. government has announced sanctions against FUNNULL and its administrator.
FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.
FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.
The last 6 months I've traveled around the world giving presentations on FUNNULL about the scams and money laundering they are facilitating -- and today -- the U.S. Treasury has sanctioned FUNNULL and we got a bunch more facts about the operation now public.
home.treasury.gov/news/press-r...
home.treasury.gov/news/press-r...
May 29, 2025 at 3:41 PM
The last 6 months I've traveled around the world giving presentations on FUNNULL about the scams and money laundering they are facilitating -- and today -- the U.S. Treasury has sanctioned FUNNULL and we got a bunch more facts about the operation now public.
home.treasury.gov/news/press-r...
home.treasury.gov/news/press-r...
The location data they will be selling will primarily be powered by Google and Apple’s Mobile Advertising ID schemes - combining that with new data lakes trying to connect scraped social media content to IPs and MAIDs is truly connecting the dots on dystopia.
The Trump administration is building a central online marketplace for the Intelligence Community to buy private information about individuals from unregulated data brokers — coming soon to www.icdata.gov
theintercept.com/2025/05/22/i...
theintercept.com/2025/05/22/i...
U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
The government wants to build a centralized platform where spy agencies can more easily buy private info about millions of people.
theintercept.com
May 22, 2025 at 7:54 PM
The location data they will be selling will primarily be powered by Google and Apple’s Mobile Advertising ID schemes - combining that with new data lakes trying to connect scraped social media content to IPs and MAIDs is truly connecting the dots on dystopia.
Adage is out with a new piece today about a data broker product targeting people in Saudi Arabia which doesn't make *any* sense to me.
I provided pushback but my comments wern't include -- the piece is "How Coke used an AI agent to target ads to 828,000 fast-food fans" adage.com/technology/a... 🧵
I provided pushback but my comments wern't include -- the piece is "How Coke used an AI agent to target ads to 828,000 fast-food fans" adage.com/technology/a... 🧵
How Coke used an AI agent to target ads to 828,000 fast-food fans
The campaign tracked users across social media, raising potential privacy concerns.
adage.com
May 21, 2025 at 4:24 PM
Adage is out with a new piece today about a data broker product targeting people in Saudi Arabia which doesn't make *any* sense to me.
I provided pushback but my comments wern't include -- the piece is "How Coke used an AI agent to target ads to 828,000 fast-food fans" adage.com/technology/a... 🧵
I provided pushback but my comments wern't include -- the piece is "How Coke used an AI agent to target ads to 828,000 fast-food fans" adage.com/technology/a... 🧵
21 year-old money launderer for a $265 million crypto theft ring was helping members exchange crypto for cash and mailing $25k in cash through the mail put inside "Squishmallow" stuffed animals www.cnbc.com/amp/2025/05/... 🫧🐰
May 17, 2025 at 5:29 AM
21 year-old money launderer for a $265 million crypto theft ring was helping members exchange crypto for cash and mailing $25k in cash through the mail put inside "Squishmallow" stuffed animals www.cnbc.com/amp/2025/05/... 🫧🐰
Wow what a mess
CrowdStrike discovered that state officials in Rhode Island had been unaware for more than five months that its VPN system, managed by Deloitte, had been hacked. Deloitte didn't know until the hackers asked for a ransom.
Now, it looks like RI will sue Deloitte.
www.bostonglobe.com/2025/05/15/m...
Now, it looks like RI will sue Deloitte.
www.bostonglobe.com/2025/05/15/m...
Cyberattacker accessed R.I.’s benefits system five months before state officials discovered the hack - The Boston Globe
State officials are in the process of notifying thousands of new victims of the data breach, and say they plan to hold Deloitte accountable.
www.bostonglobe.com
May 16, 2025 at 12:59 PM
Wow what a mess
Reposted by Zach Edwards
It's 2015. President Barack Obama has accepted a "sky palace" jumbo jet from the Qatari government, which he'll own after he leaves office. "Everybody relax," he says in an interview with the New York Times. Everyone does. The networks then televise the military parade in his honor on his birthday.
May 11, 2025 at 6:43 PM
It's 2015. President Barack Obama has accepted a "sky palace" jumbo jet from the Qatari government, which he'll own after he leaves office. "Everybody relax," he says in an interview with the New York Times. Everyone does. The networks then televise the military parade in his honor on his birthday.
mouse jail is a weird way to encourage accidental clicks victorymedium.com/mouse-jail/
mouse jail - Victory Medium
It’s a TRAP!It’s a TRAP!
victorymedium.com
May 2, 2025 at 1:49 AM
mouse jail is a weird way to encourage accidental clicks victorymedium.com/mouse-jail/
Reposted by Zach Edwards
Real-time bidding has been called the biggest data breach in history. Companies like Gravy Analytics are mining tons of personal data from RTB and selling to just about anyone. Zach Edwards @thezedwards.bsky.social explains just how bad it is.
podcast.firewallsdontstopdragons.com/2025/04/28/r...
podcast.firewallsdontstopdragons.com/2025/04/28/r...
Riding the Data Gravy Train - Firewalls Don't Stop Dragons Podcast
Data brokers are out of control. While we think of them gathering data in order to target us with ads, they can actually use...
podcast.firewallsdontstopdragons.com
April 28, 2025 at 2:44 PM
Real-time bidding has been called the biggest data breach in history. Companies like Gravy Analytics are mining tons of personal data from RTB and selling to just about anyone. Zach Edwards @thezedwards.bsky.social explains just how bad it is.
podcast.firewallsdontstopdragons.com/2025/04/28/r...
podcast.firewallsdontstopdragons.com/2025/04/28/r...
It was an honor and a pleasure to speak at Bsides SF - totally love that they had an artist draw my presentation ⬇️
April 27, 2025 at 11:58 PM
It was an honor and a pleasure to speak at Bsides SF - totally love that they had an artist draw my presentation ⬇️
Reposted by Zach Edwards
Interesting thread.
North Korea is really moving ahead to the forefront of cyber warfare, possibly moving faster than Russia.
Eyes open, ears up and pay attention to your instincts.
North Korea is really moving ahead to the forefront of cyber warfare, possibly moving faster than Russia.
Eyes open, ears up and pay attention to your instincts.
"Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie" www.silentpush.com/blog/contagi...
Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie
Contagious Interview (DPRK) have launched a new campaign involving three front companies that deliver BeaverTail, InvisibleFerret, and OtterCookie malware.
www.silentpush.com
April 25, 2025 at 2:36 AM
Interesting thread.
North Korea is really moving ahead to the forefront of cyber warfare, possibly moving faster than Russia.
Eyes open, ears up and pay attention to your instincts.
North Korea is really moving ahead to the forefront of cyber warfare, possibly moving faster than Russia.
Eyes open, ears up and pay attention to your instincts.
Reposted by Zach Edwards
NEW: North Korean hackers created and registered at least two companies in the U.S. and used them to target blockchain and cryptocurrency developers with malware. Story with @pearswick.press and Anton Zverev based on research from @silentpush.bsky.social: www.reuters.com/sustainabili...
North Korean cyber spies created U.S. firms to dupe crypto developers
North Korean cyber spies created two businesses in the U.S., in violation of Treasury sanctions, to infect developers working in the cryptocurrency industry with malicious software, according to cybersecurity researchers and documents reviewed by Reuters.
www.reuters.com
April 24, 2025 at 7:46 PM
NEW: North Korean hackers created and registered at least two companies in the U.S. and used them to target blockchain and cryptocurrency developers with malware. Story with @pearswick.press and Anton Zverev based on research from @silentpush.bsky.social: www.reuters.com/sustainabili...
Our team at Silent Push has been hard at work on the largest report we’ve ever made public – and along with Reuters – today we’re explaining how North Korean threat actors associated with the “Contagious Interview” subgroup created 3 front companies...🧵
April 24, 2025 at 7:44 PM
Our team at Silent Push has been hard at work on the largest report we’ve ever made public – and along with Reuters – today we’re explaining how North Korean threat actors associated with the “Contagious Interview” subgroup created 3 front companies...🧵
Google took down tens of millions of accounts for ad fraud -- how many of these have led to law suits by Google? hmmmm
techcrunch.com/2025/04/16/g...
techcrunch.com/2025/04/16/g...
Google used AI to suspend over 39M ad accounts suspected of fraud | TechCrunch
Google on Wednesday said it suspended 39.2 million advertiser accounts on its platform in 2024 — more than triple the number from the previous year
techcrunch.com
April 16, 2025 at 9:46 PM
Google took down tens of millions of accounts for ad fraud -- how many of these have led to law suits by Google? hmmmm
techcrunch.com/2025/04/16/g...
techcrunch.com/2025/04/16/g...
This seems like a casual way to approach internet security in the White House / Executive Buildings…
A Musk lieutenant ventured onto a roof to install Starlink. The Secret Service didn’t know he was there. The incident triggered a confrontation over conflicts of interest & cyber and physical security www.nytimes.com/2025/03/17/u...
Elon Musk’s Starlink Expands Across White House Complex (Gift Article)
Trump administration officials said the company donated the internet service, saying the gift had been vetted by the lawyer overseeing ethics issues in the White House Counsel’s Office.
www.nytimes.com
March 18, 2025 at 2:39 AM
This seems like a casual way to approach internet security in the White House / Executive Buildings…
Did you know some reporters at VOA were unable to use their real names due to fear of attacks against their family abroad? People working at VOA were true patriots and this is a big loss for the U.S..
Statement from the director of the Voice of America (who has been placed on administrative leave).
March 16, 2025 at 12:24 AM
Did you know some reporters at VOA were unable to use their real names due to fear of attacks against their family abroad? People working at VOA were true patriots and this is a big loss for the U.S..
Reposted by Zach Edwards
Two days later, everyone at VOA has reportedly been fired.
REPORTER: What about the president's plan to expel Palestinians out of Gaza?
TRUMP: Nobody is expelling any Palestinians. Who are you with?
REPORTER: I'm with Voice of America, sir.
TRUMP: Oh, no wonder.
TRUMP: Nobody is expelling any Palestinians. Who are you with?
REPORTER: I'm with Voice of America, sir.
TRUMP: Oh, no wonder.
March 15, 2025 at 3:18 PM
Two days later, everyone at VOA has reportedly been fired.