Rilide: A New Malicious Browser Extension for Stealing Cryptocurrencies

TheDinarian

News • Business • Investing & Finance

April 14, 2023

(Dinarian Note: Whenever possible, ALWAYS go directly to the source versus clicking on an email link or google ad. Note: When searching on Google, the first 3 or 4 results are ads, do NOT use those. Also, ALWAYS double-triple check your pasted wallet address when withdrawing funds and ALWAYS use a VPN and Antivirus-Malware program, especially when you own crypto. Having cold storage is great, but when sending-recieving funds you are vunerable. Question everything, even if it seems legit.)

Trustwave SpiderLabs uncovered a new strain of malware that it dubbed Rilide, which targets Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera.

Rilide malware is disguised as a legitimate Google Drive extension and enables threat actors to carry out a broad spectrum of malicious activities, including monitoring browsing history, taking screenshots, and injecting malicious scripts to withdraw funds from various cryptocurrency exchanges.

Rilide is not the first malware SpiderLabs has observed using malicious browser extensions. Where this malware differs is it has the effective and rarely used ability to utilize forged dialogs to deceive users into revealing their two-factor authentication (2FA) and then withdraw cryptocurrencies in the background. During our investigation into Rilide’s origins, we uncovered similar browser extensions being advertised for sale. Additionally, we found that part of its source code was recently leaked on an underground forum due to a payment dispute.

Malicious Campaigns Leading to Rilide Stealer Extension

SpiderLabs uncovered two malicious campaigns leading to the installation of the Rilide extension.

Figure 1. Infection Chains Leading to the Execution of the Rilide Extension

Campaign 1: Ekipa RAT Installing Rilide Stealer

One of the Rilide samples identified by Trustwave SpiderLabs was distributed through a malicious Microsoft Publisher file. This file is part of Ekipa RAT, a Remote Access Trojan (RAT), designed for targeted attacks and often sold on underground forums.

We previously described Ekipa RAT in one of our blogs. It is important to note that Microsoft Publisher was not affected by Microsoft's decision to block macros from executing files downloaded from the Internet. As a result, when a user attempted to open a Publisher file, they would receive a warning but could still enable the execution of malicious content by clicking the ‘Enable Macros’ button. On 14 February 2023, Microsoft issued an update that resolved the Publisher security flaw. With the implementation of the ‘Mark of the Web’ feature on the .pub file, users are now left with only one option, ‘Disable Macros,’ which should have been the case all along.

Any association between the threat actors behind Ekipa RAT and those using the Rilide infostealer remains unclear. However, it is probable that Ekipa RAT was tested as a means of distribution for Rilide, before finally switching to Aurora stealer.

Figure 2. Publisher’s macro and Document_Open procedure executing remote Excel Workbook

Three tasks were configured on the C2 server:

Download payload from hxxps://nch-software[.]info/1/2[.]exe to %temp% directory as.txt
Change downloaded file’s extension to .exe
Execute the payload.

File 2.exe is a Rust-based loader, responsible for installing the Rilide extension for Chromium-based browsers.

Campaign 2: Aurora Stealer Abusing Google Ads

Aurora is a Go-based stealer, which was initially spotted being advertised in April 2022 as a Malware-as-a-Service (MaaS) on Russian-speaking underground forums. The malware is designed to target data from multiple web browsers, cryptocurrency wallets, and local systems.

Recently, the threat actors behind Aurora have been observed abusing the Google Ads platform to spread the malware. According to a report published by Cyble, campaigns mimicking legitimate Team Viewer installers have been utilized to deploy Aurora. As reported by @1ZRR4H and @malwrhunterteam, Aurora was also spread via another campaign that imitated an NVIDIA Drivers installer. A downloaded sample was packed with Themida, a well-known commercial protector for executables. We used the UnpacMe service to unpack the sample.

Figure 3. Aurora campaign imitating the NVIDIA Drivers installer as shown in 1ZRR4H’s Twitter post

Restoring Function Names

The Aurora Stealer sample was stripped of debugging symbols, thus making the analysis harder. Since Go binaries are statically linked, which means that all the necessary libraries are included in the compiled binary, the number of potential functions to analyze is large. However, the original function names can be restored from the pclntab structure, as described in the CUJOAI Senior Threat Researcher Dorka Palotay’s post. Using the go_func.py script for Ghidra we were able to restore the functions names.

How an Aurora Module Downloaded Rilide Stealer

One of the eight grabbing modules, configured in the analyzed sample, contained a base64 encoded blob of data storing the URL for the Rilide Rust-based loader. The payload, hosted on Discord CDN, was saved to the %temp% directory with filename <10-alpahnumeric-characters>.exe and executed via start-process PowerShell cmdlet.

Figure 4. Part of Aurora Stealer routine downloading and executing Rilide loader

The Common Link Between Two Campaigns

The Rilide Rust-based loader samples analyzed as part of the Aurora campaign were packed with a VMProtect commercial packer. After unpacking the samples and analyzing strings contained in the binary, we found multiple references to Windows paths in the C:\Users\ilide\ directory. The same username was observed in the PDB Path of the Rilide sample obtained from the Ekipa RAT campaign.

Figure 5. The same username in a path found in Rilide Rust-based loaders samples from both campaigns.

Rilide Stealer Extension Targeting Chromium-Based Browsers

Rilide leverages a Rust loader used to install the extension if a Chromium-based browser is detected. Rilide mimics benign Google Drive Extensions and abuses several built-in chrome functionalities. The loader modifies LNK shortcut files opening targeted browsers, so that they are executed with parameter --load-extension pointing to the dropped malicious Rilide extension.

Figure 6. Rilide Stealer extension mimicking Google Drive and looking at its manifest revealing the configured permissions

Rilide’s background script attaches a listener to the tabs.onActivated and webRequest.onHeadersReceived events and removes the Content Security Policy (CSP) directive for all requests. This allows the extension to perform an XSS attack and load external resources that would otherwise be blocked by the CSP. The app script adds another listener to the DOMContentLoaded event and retrieves a list of targeted domains from the C2. If the current domain matches any of the listed targets, designated scripts are injected into the webpage.

Figure 7. Configuration list indicating targets such as email services and cryptocurrency exchanges.

Additionally, the background script carries out regular checks on the browsing history and exfiltrates URLs that are matched against the targeted domain list. Moreover, it is capable of capturing and exfiltrating screenshots of the currently active tabs on demand.

Figure 8. Rilide Stealer Execution Flow and Functionalities

Automatic Cryptocurrency Withdrawal

Rilide’s crypto exchange scripts support automatic withdrawal function. While the withdrawal request is made in the background, the user is presented with forged device authentication dialog in order to obtain 2FA. Email confirmations are also replaced on the fly if the user enters the mailbox using the same web browser. The withdrawal request email is replaced with a device authorization request tricking the user into providing the authorization code.

Figure 9. Withdrawal Requests replaced with Authorize New Device emails in Gmail mailbox

Figure 10. Content of the original and forged email. The verification code was extracted from the original message body.

We found no substantial variations in the code between the samples dropped by Ekipa RAT and used in the Aurora Stealer campaign. Both campaigns utilized a Rust dropper, and the functionalities of the browser plugins are nearly the same.

Figure 11. Code differences between Rilide Stealer plugin samples, both using the same C2 server

Rilide Stealer Origins

In the course of our research, we have encountered several stealer extensions for sale that advertised capabilities closely resembling those of the Rilide samples. However, we were unable to definitively link any of them to Rilide. One noteworthy finding was a botnet sale advertisement from an underground forum dated March 2022. Although the advertised functionalities matched those of Rilide, the botnet also included additional features such as a reverse proxy and ad clicker. Notably, the botnet's automatic withdrawal function supported the same exchanges observed in the Rilide samples.

Figure 12. Underground forum post advertising sale of botnet with Rilide-like capabilities

On February 27, 2023, a member of the same underground forum posted a link to the source code for the Rilide extension, reportedly due to an unresolved payment dispute. The leaked source closely resembles that used in the Aurora Stealer campaign but did not contain any of the injected scripts observed in the campaign sample.

Figure 13. Underground forum post, dated February 27, 2023, containing a link to part of the Rilide extension source code.

Notably there is one feature implemented that is missing in the later versions - swapping cryptocurrency wallet addresses in the clipboard. The list of addresses to be replaced is hard coded in the source code.

Figure 14. Clipboard hijacking routine in the analyzed sample from the forementioned forum post.

Pivoting on the Command-and-Control domain ashgrrwt[.]click hard coded in the sample, we identified additional Rilide loaders leading us to the GitHub user gulantin.

Figure 15. Github repository storing multiple Rilide loader and extension samples

Repositories created by this user contain loaders for the Rilide extension, but they are not Rust-based. The sample in the repository named ‘77’ is a .NET extension loader only for the Chrome browser, unlike the later Rust-based version that works for all Chromium-based browsers. Other loaders found in repositories 19 and 789 are based on Advanced Installer – a legitimate Windows Installer Packaging Tool for MSI installers.

Figure 16. Extension loading routine of the custom .NET loader from gulantin’s repository 77

The address contained in the domain variable that is supposed to store the C2 domain suggests that this version of a loader was still under development when submitted to GitHub.

Figure 17. Part of JavaScript configuration in the Rilide extension hosted on GitHub

Conclusions:

The Rilide stealer is a prime example of the increasing sophistication of malicious browser extensions and the dangers they pose. Disguised as a legitimate Google Drive extension, Rilide provides threat actors with the ability to carry out a wide range of malicious activities, including monitoring browsing history, capturing screenshots, and injecting malicious scripts to steal funds from cryptocurrency exchanges.

While the upcoming enforcement of manifest v3 may make it more challenging for threat actors to operate, it is unlikely to solve the issue entirely as most of the functionalities leveraged by Rilide will still be available.

Informational overload can dull our ability to interpret facts accurately and make us more vulnerable to phishing attempts. It is important to remain vigilant and skeptical when receiving unsolicited emails or messages, and to never assume that any content on the Internet is safe, even if it appears to be.

Ultimately, it is crucial to stay informed and educated about the latest cybersecurity threats and best practices to minimize the risk of falling victim to phishing attacks.

Indicators of Compromise:

Publisher File:

File name	Hash Type	Hash
Tes7777.pub	SHA256	0e31ff6406b03982581246b7dd60f3b96edcf0bd007b31766954df001fd68f69
	SHA1	e049f56198c23d86e9083142bfe80042e21d4b8e
	MD5	558104b26ccadec3d3eb2925113387a6

Aurora Stealer:

File name	Hash Type	Hash
PackageLauncher.exe	SHA256	e623984143e0dc6e35c79869ab1521c6714e588e8e648606496f8372ca0d8416
	SHA1	b1c100d5a99ae34ccb3654c7b7f8573376a44fd9
	MD5	c28a180de1f80c8c98d0904e64142bef
-	SHA256	ebd72806abd354f3162eec0991d127f993a5dde1a0c719b47087c9ee0edefeaf
	SHA1	abaaa2644b1e84e8b39119988dd711572377c839
	MD5	1baaeedd1a26edf4fa79ded370e3d19a

Rilide Loader:

File name	Hash Type	Hash
2.exe	SHA256	0f11aeecbde1f355d26c9d406dad80cb0ae8536aea31fdddaf915d4afd434f3f
	SHA1	b4b918a5898463dad1c7d823e0b3f828bac15aad
	MD5	0a4f321c903a7fbc59566918c12aca09
waBp.exe	SHA256	8342b134cddeaf34ce05bafa9e860dacf6cd01b85fd00147d90a350516c055e5
	SHA1	25f3fb6d2dab206a5e9b2c0ef26ec6d6a56c5767
	MD5	561797d7e5cf956e33735180d93be5b6

Rilide Extension:

File name	Hash Type	Hash
background.js	SHA256	4cc83be0fa496855d244050616ee2e86b044a9bc87bc5ca70b305986c1ba3bb8
	SHA1	70167e7e5d71fba7d92796324b488c0fb9727712
	MD5	766d020e902b6470d0510e5c6cfcd6e8
background.js	SHA256	55251c725e9f6f51b8db7a631b54dd85b1b59d644c3219e03ceffb0c49cd00a4
	SHA1	a39d252e7927ae1adf518e6a3dd08f37e7ee7c26
	MD5	d9cca3dd5bdaeb0466d52821b584602b
background.js	SHA256	1b01c3e554700e1282c7fdd2dcb54314516ee1f0c5eef3560cdbabc1ba776293
	SHA1	ffebf78a9692293a23f9a477ea8a79f7f6ef5aa2
	MD5	9e5f43b2dc1606e27fa0cfdfb4e363d2
app.js	SHA256	a28c623d120a76dcfeef9504eaeefabac9d33f292576ccf012fa458b8d7bc6ef
	SHA1	a46586bfe22f4d84cd9174238740af275bf50c69
	MD5	740606987f4d588c89d0a5b68648e31e
app.js	SHA256	8989f4244667626728c6c0083422ff714cb622c92c35a53f9cb1e9891f4528ff
	SHA1	5012e783b2ee29cb40b04a10d1a40d0bfda683d9
	MD5	1c54dd00bc7cc52b60ad4a46e2fb3a77
vpn.js	SHA256	170a13a7a8757336babe857804fa24b6cb20aaa9593b32546d7151f23095a510
	SHA1	eafdc35b233600ef552b87e684faa3ab3396eae9
	MD5	d54fa225b07298ec34be872cd4ebf4ae
manifest.json	SHA256	bb57a504e0b821552344cecb3da9ecdd0d61817264617a4917d6f5e64a1df7e5
	SHA1	0cb1d9c2a3c8b776ef1e3ec1316fbf595ced7863
	MD5	baee9ba0b94ea1e2b2e566fc8a615554
manifest.json	SHA256	d70e933e10e667ae7ef6e68a625c447be8aabe9b29affdad999c969bd8769003
	SHA1	84db08e3dcbe40c7cbc998a77788f7303d4a2905
	MD5	99dc4073f2fe91f48fd16bc65e7dcbc2
binance.js	SHA256	c8939f8d6237fcc17d486981a800b1e7e9974377de21d7e76677babe8ed536af
	SHA1	f689396c73055e99a06e002c39e3a74d3d402607
	MD5	2cc204564b68c5a98b1ff68d861b66c5
bitget.js	SHA256	2e310391d77022bcc708c354140319718777ca35efdfb76d6c80cb9de8c8091e
	SHA1	05536aa80f8280ddc31be5c0ac3ca995f2190a0a
	MD5	646b9404a29febe9f3741797b79e300c
blockchain.js	SHA256	4bbb0584eed0c082b5c43d3f259f37cf1a0b64eabb485e85090951a6566d98d4
	SHA1	28ae2440c56350f65b607e4e99b67a2632db873b
	MD5	253f4319673673d2bf5285558a6903df
bybit.js	SHA256	9dca66f52f31dca921fb238bd36bfc1b1a59d3e4af7b071da9bc4c6bf294e402
	SHA1	61acdad59223a9eb0b392ccd085db1e49700d65
	MD5	50e363409ba77b20fb6f0bce4eff7b1
coinbase.js	SHA256	4df0f18a7e05518bbe93758e751f1f462fef212cdc786c7217d50ddbda14efb5
	SHA1	39f546a4ec94e63e603e3c2481fecab2b5e8a475
	MD5	c1f40584e4ac391d97218ce137a63fb3
ftx.js	SHA256	ef20c929f5204b223b6e53dc406ea0bcd76d9e98c9ae4942037902883d4bb22a
	SHA1	0ead1d32ce6b15c4a90373fce58d1554035cd40f
	MD5	ebce63fdc8ef245f117f06ada3ba0f6d
huobi.js	SHA256	e1ad66cc0244fc075e0aabe0fd19502d4c9617829b90aa210e74be1d915275d2
	SHA1	2449e4b27d778f6a4ffc00bb7b73926ac2c54e8a
	MD5	4abe60d2c3506f4767e163d135f89f92
kraken.js	SHA256	a7f0fdfdfdf1ef65799fd2114bf5c1e133a8b7635b498b334553fbb64b218a05
	SHA1	ec6de82efa93e59da148f4d696efcfca851e051e
	MD5	b85c5659e946b5d7ad78410356288928
okx.js	SHA256	68278b40b59b1b0db2f814d2d864f0b9c2b4285f5795d22cabf60715f922989c
	SHA1	415d790b54ca8e374f37fdbb00090110b823ba18
	MD5	ff4e2df1a46d49862ab2a0af830a007e
gmail.js	SHA256	2f947644c7752ba014eae7971b247be60249a6088923c66ffe9886a7f5c5fe1c
	SHA1	add0d61399c8c47f8ac73dc83cc83dfa31cddeca
	MD5	c0e120778853f0a4865e006a07cd728a

Phishing Websites:

Malware	Domain
Aurora	nvidia-graphics[.]top

C2 Servers:

Malware	Domain
Ekipa RAT	nch-software[.]info
Aurora	45[.]15[.]156[.]210
Rilide	vceilinichego[.]ru
Rilide	ashgrrwt[.]click

Wallet Addresses:

Cryptocurrency	Address
BTC	bc1qkczacyp5jq29s5kaphth4asu8cv2y4u4gdgj7q
BTC	bc1qsjg8dqx6ga30h6szjd8dv2wg50ch50qrey4t7j
BTC	1KqequymujeNJuyB4gH7oJSFTB3En3Hf5n
ETH	0xDBc1330056E2F5e2FB11FB3C96dE2c44B313eA8d
LTC	LRYpzmnqBVozkbzJhTWndzYDPfjmNPyaLv
XRP	rUPTadzFN6LS662Z2d2AvNyqU1xwg2japJ
TRON	THiD8hFLiEyULVKLp3DSbBXQSbR3MQxm4X
DOGE	D5asYfjtbTtFmFkrEwqVgbJKYv9YT7Tgjh

Link

Join the TheDinarian Community

To read more articles like this, sign up and join my community today

What else you may like…

Videos

Podcasts

Posts

Articles

Dinarian888@thedinarian

February 08, 2026

🌐A radical idea was voiced on the sidelines of the WEF🌐

It's time to strictly account for the very basis of our existence. 🤔

This video touches on one of the most controversial shifts in the 2026 economic landscape: Natural Capital Accounting. The speaker, Lindsay Hooper (CEO of the Cambridge Institute for Sustainability Leadership), is a prominent voice in the movement to "rewrite the rules of the global economy" by assigning a financial value to the "services" nature provides.

The Breakdown: Putting Nature on the Balance Sheet

The Context (2026 Reality)Classifying air/water as assets. This is known as Natural Capital. The argument is that because these resources are currently "free" ($0 on a balance sheet), corporations have no financial incentive to protect them. By making them "assets," companies can be fined or taxed for depleting them.

A Global Balance Sheet: This refers to frameworks like the TNFD (Taskforce on Nature-related Financial Disclosures), which reached full institutional adoption in 2025. It requires banks and firms to ...

00:03:02

Dinarian888@thedinarian

February 08, 2026

🚨Ripple Customer Profile: Bitso 🚨

The problem → Slow, expensive cross-border payments
👉The solution → Ripple Payments powered by $RLUSD & $XRP

Bitso is transforming LATAM settlement with Ripple’s regulated stablecoin:

➡️ Near-instant U.S.–LATAM flows
➡️ Regulated, USD-denominated liquidity
➡️ No more costly pre-funding

Real-world utility. Institutional scale.

00:02:38

Dinarian888@thedinarian

February 07, 2026

🚨🇺🇸 BREAKING: SEC Chair announces LIVE on CNBC that the Crypto Market Structure Bill is on the verge of passing.

“The House has adopted it. It has passed. We’re looking forward to getting it across the finish line.”

Regulatory clarity is coming.

Trillions in capital ready to flow into $BTC $ETH $XRP 🚀

00:00:34

Dinarian888@thedinarian

October 31, 2024

👉 Coinbase just launched an AI agent for Crypto Trading

Custom AI assistants that print money in your sleep? 🔜

The future of Crypto x AI is about to go crazy.

👉 Here’s what you need to know:

💠 'Based Agent' enables creation of custom AI agents
💠 Users set up personalized agents in < 3 minutes
💠 Equipped w/ crypto wallet and on-chain functions
💠 Capable of completing trades, swaps, and staking
💠 Integrates with Coinbase’s SDK, OpenAI, & Replit

👉 What this means for the future of Crypto:

1. Open Access: Democratized access to advanced trading
2. Automated Txns: Complex trades + streamlined on-chain activity
3. AI Dominance: Est ~80% of crypto 👉txns done by AI agents by 2025

🚨 I personally wouldn't bet against Brian Armstrong and Jesse Pollak.

Dinarian888@thedinarian

2 hours ago

Meet The Navy Scientist With UFO Technology Patents

Today's American Alchemist is Navy physicist Salvatore Pais. Enjoy!

Navy scientist Salvatore Pais reveals his patents on UFO-like tech and an exotic spacetime-warping “superforce”. Are we on the brink of harnessing breakthrough propulsion once deemed science fiction? Key points below:

1. Inertial Mass Reduction: Pais describes a “P-effect” using high-frequency fields to decrease an object’s mass.
2. High-Frequency Gravity Waves: Pais links these waves to next-generation propulsion and cautions about their weaponization.
3. Room-Temperature Superconductivity: Pais sees a path to ambient superconductors, a game-changer for energy, transport and civil infrastructure.
4. Reverse-Engineering vs. Human Ingenuity: Pais suggests some UFO-like tech may be human-made dating back to Heaviside’s electromagnetic models in the 1890’s (rather than solely extraterrestrial).
5. Call for Global Unity: Pais envisions a united earth in light of very real non-human presence.
6. Physics at the ...

Dinarian888@thedinarian

9 hours ago

StorX Network - The first decentralized storage (DePIN) built on @XDCNetwork has Flipped StorJ - a leading decentralized storage platform in web3. @StorXNetwork has entered into the TOP 10 Storage projects in @CoinMarketCap

The DePIN sector is expected to perform better this year than it did last year, when it raised nearly $1 billion in capital across a total of 91 rounds, fewer than the number it took to raise the almost $700 million it achieved in 2024.

https://x.com/i/status/2020157085267456378

X.COM

XDC Network News (@XDCNetwork_News) on X

StorX Network - The first decentralized storage (DePIN) built on @XDCNetwork has Flipped StorJ - a leading decentralized storage platform in web3. @StorXNetwork has entered into the TOP 10 Storage

Dinarian888@thedinarian

9 hours ago

🌙 SpaceX Changes Focus To The Moon

For those unaware, SpaceX has already shifted focus to building a self-growing city on the Moon, as we can potentially achieve that in less than 10 years, whereas Mars would take 20+ years.

The mission of SpaceX remains the same: extend consciousness and life as we know it to the stars.

It is only possible to travel to Mars when the planets align every 26 months (six month trip time), whereas we can launch to the Moon every 10 days (2 day trip time). This means we can iterate much faster to complete a Moon city than a Mars city.

That said, SpaceX will also strive to build a Mars city and begin doing so in about 5 to 7 years, but the overriding priority is securing the future of civilization and the Moon is faster.

>>>>>>>>>>>>>>

Dinarian 📝: I wonder when THEY are going to tell him a out the Moon bases that already exist on the far side and the zero point energy the military craft are using to get there and back. Oh and what about the stargates that exist around the planet and on the ...

Dinarian888@thedinarian

February 08, 2026

🧬VINDICATED! The Epstein Files Connect Gates, Pandemics & Censorship to a Globalist Blueprint for a Biosecurity State🧬

Every warning. Every documentary. Every article. Every post that got us banned. All of it was true. Now what? What can we do? Read on, share this Substack, help us save lives! The Light is shining! ✨

Well, well, well… look what the cat dragged in.

Actually, scratch that. Look what the Department of Justice finally dragged out of Jeffrey Epstein’s email inbox and dumped on the world’s doorstep like a rotting corpse nobody wanted to claim. Yep, that’s right. The Epstein files. It’s hilarious how the “Democratic hoax” and “fantasy” client list we were all told didn’t exist suddenly became a very real, very unsealed document.

For years—years—they called us conspiracy theorists. They slapped “misinformation” labels on our posts faster than Pfizer could print liability waivers. They kicked us off platforms, lied about us in the media, and shadow-banned our reach. Meanwhile, the real conspiracy—the one typed out in black-and-white emails between billionaires, bankers, and a convicted pedophile—was sitting in a government vault, waiting to prove us right.

And now? Now the receipts are public.

The release of Jeffrey Epstein’s files has done far more than expose a network of elite pedophilia and blackmail—it has vindicated truth-tellers like us and countless others who were smeared, censored, de-platformed, and persecuted for warning about the sinister agendas of the globalist elite. The documents reveal shocking connections between Epstein, Bill Gates, pandemic planning, and the systematic suppression of anyone who dared to connect the dots.

We weren’t crazy. We were just early. And they hated us for it.

Epstein, Gates, and the Pandemic “Business Model” They Built Together

One of the most damning revelations from Epstein’s files is his partnership with Bill Gates. Forget the carefully crafted PR spin about “regretting” those meetings. These weren’t casual dinners. These were planning sessions.

Back in 2015, Gates and Epstein exchanged emails about “preparing for pandemics” and strategies to “involve the WHO.” Gates wrote: “I hope we can pull this off.”

How’s that for a chill down your spine?

This eerily foreshadowed the 2019 Event 201 simulation—a pandemic exercise hosted by the Gates Foundation, Johns Hopkins, and the World Economic Forum that just happened to model a global coronavirus outbreak… just months before COVID-19 ”mysteriously” emerged in Wuhan. Funny how that works, isn’t it?

But let’s rewind even further, to the real blueprint—the financial architecture that made the pandemic response not just possible, but profitable.

The story crystallizes in a chilling 2011 email exchange. Juliet Pullis, a JPMorgan executive under then-chairman Jes Staley, emailed Jeffrey Epstein with a list of detailed questions. The source? “The JPM team that is putting together some ideas for Gates.”

The questions were precise: What are the objectives? Is anonymity key? Who directs the investments and grants? This wasn’t JPMorgan consulting an expert; it was a trillion-dollar bank asking a convicted felon to architect a billion-dollar philanthropic fund for Bill Gates.

This wasn’t JPMorgan consulting a philanthropic expert. This was a trillion-dollar bank asking a convicted felon to architect a billion-dollar philanthropic fund for one of the richest men on Earth. Let that marinate for a moment.

Epstein’s reply was fluent and commanding. He described a donor-advised fund with a “stellar board” and ties to the Gates-Buffett “Giving Pledge.” He noted the billions already pledged and identified the gap: “They all have a tax advisor, but have no real clue on how to give it away.” His solution? “JPM would be an integral part. Not advisor… operator, compliance.“ Staley’s response: “We need to talk.”

By July 2011, the plan evolved. In an email to Staley, copying Boris Nikolic (Gates’ chief science advisor), Epstein laid out the core pitch: “A silo based proposal that will get Bill more money for vaccines.”

Not “more research for pandemics.” Not “better public health infrastructure.” “More money for vaccines.” This is the unambiguous language of capital formation, not charity. It reveals the structure’s intended output planning reached the highest levels.

In August 2011, Mary Erdoes, CEO of JPMorgan’s $2+ trillion Asset & Wealth Management division, emailed Epstein (while on vacation) with additional operational questions.

Epstein’s reply was breathtaking in scope:

Scale: “Billions of dollars” in two years, “tens of billions by year 4.”
Structure: Donors choose from “silos” like mutual funds.
The Kicker: “However, we should be ready with an offshore arm — especially for vaccines.”

An offshore arm. For vaccines. For a charitable vehicle. Let that sink in.

So, by the time the world was panicking in March 2020, the financial machinery was already built. The investment vehicles, the donor-advised funds, the reinsurance products at places like Swiss Re, and even the simulation playbooks were dusted off and ready to go.

The pandemic wasn’t an interruption to their business—it was the Grand Opening.

Epstein’s role extended far beyond trafficking; he was a facilitator and blackmail operative for the global elite. The same forces that orchestrated the COVID-19 power grab—the mask mandates, lockdowns, censorship, and coercive mRNA push—are the ones who silenced critics like us.

Gates, despite his documented ties to Epstein (multiple flights on the “Lolita Express” after Epstein’s 2008 conviction), walks freely. He’s on TV. He’s advising governments. He’s still funding “global health initiatives” and pushing digital IDs, vaccine passports, and climate lockdowns.

Meanwhile, people like our friend, Joby Weeks, are under house arrest without charges, and voices like ours were de-platformed, demonetized, and destroyed for saying this very thing.

We told you. You knew it in your gut. Now you have the emails.

Censorship: The Elite’s “Misinformation” Label to Cover Their Crimes

The Epstein files expose not just criminal behavior, but the playbook for the systematic suppression of truth. While Epstein’s powerful friends were being protected by the FBI, the DOJ, and the media, platforms like Facebook (Meta), YouTube (Google), and Twitter went to war against anyone talking about it.

Think about the sheer audacity.

We were banned from social media for calling COVID-19 a “fake pandemic” and exposing the vaccine injury data that’s now undeniable.

Below is a screenshot of the first Facebook post that was taken down and then used as “Exhibit A” in their “reports” about how bad we were, naming us the 3rd most dangerous people on earth after Dr Joseph Mercola and Bobby Kennedy in the digital hit list they called the “Disinformation Dozen.” They attacked us, lied about us, and pressured the media, social media, and population at large to do the same: attack, threaten, and cast us out.

We were labeled “dangerous” for sharing emails, documents, and research that the DOJ and the CDC have now confirmed.

It was never about “safety.” It was about narrative control.

The same institutions that turned a blind eye to Epstein’s crimes for decades—the same ones that let him “commit suicide” in a maximum-security prison with cameras conveniently malfunctioning—suddenly became the ruthless hall monitors of “acceptable discourse,” ensuring only their approved stories could be told.

Big Tech, Big Media, and Big Government are all part of the same protection racket. They shielded Epstein’s client list, and now they shield the architects of the pandemic debacle. Independent journalists, researchers, and health advocates like us, who connected these dots, were systematically de-platformed, demonetized, and destroyed.

Why? Because we were right, and that was the greatest threat of all.

When you’re over the target, that’s when the flak gets heaviest. And brothers and sisters, we were getting shelled.

They Lied About Us While Protecting the Real Criminals

Let’s be crystal clear about what happened here.

We have spent decades exposing the cancer industry, Big Pharma’s corruption, and the suppression of natural health solutions. We produced The Truth About Cancer docu-series, reaching millions worldwide. We warned about vaccine injuries, censorship, and the coming medical tyranny years before COVID-19.

And what did they do? They called us “Conspiracy Theorists,” “Anti-Vaxxers,” and “Killers.” Dangerous.

They said we were killing people with “misinformation.”

Facebook banned us. YouTube deleted our videos. Legacy media ran hit pieces. PayPal froze our accounts.

All while Bill Gates—a man with documented ties to Jeffrey Epstein, who flew on his plane multiple times after Epstein’s conviction, who got STDs from Russian girls Epstein provided for him for which Gates asked Epstein’s help getting him antibiotics to slip secretly to his then wife, Melinda, so that she would not know about his inexcusable and perverted escapades—yes, THAT Bill Gates—was at the same time, being platformed on every major news network as the world’s health oracle.

All while Anthony Fauci—who funded gain-of-function research in Wuhan through Peter Daszak and EcoHealth Alliance, who lied under oath to Congress, who flip-flopped on masks, lockdowns, and vaccines—was treated like a saint. Time Magazine’s “Guardian of the Year.”

All while Pfizer—a company with a $2.3 billion criminal fine for fraudulent marketing, bribery, and kickbacks—was given blanket immunity from liability and billions in taxpayer dollars to produce a vaccine in record time with no long-term safety data.

Were we the dangerous ones?

No.

We were the truthful ones. And that made us the enemy.

The Weaponized Institutions: From Epstein’s Blackmail to Your Digital ID

Epstein’s operation was never just about blackmail for perversion; it was blackmail for control. The files show his cozy ties to intelligence agencies (Mossad, CIA), financial giants like JPMorgan and Deutsche Bank, and political leaders across the globe.

This is the same cabal now pushing:

The Great Reset
Digital IDs
Central Bank Digital Currencies (CBDCs)
15-minute cities
Carbon credit social scoring
Vaccine passports

Let’s connect the dots they desperately don’t want you to see:

Financial Control:

JPMorgan banked Epstein for years despite clear red flags—over $1 billion in suspicious transactions flagged internally and ignored. They knew. They didn’t care. They paid a $290 million fine and moved on.

Now, banks like Bank of America, Chase, and PayPal de-bank conservatives, truckers, health freedom advocates, and anyone who questions the narrative. Canadian truckers. Gun shops. Crypto entrepreneurs. The goal is the same: punish dissent and control economic life.

CBDCs are the endgame—a digital leash on every citizen. Programmable money that can be turned off, restricted, or expired. Social credit by another name.

Medical Tyranny:

The FDA, CDC, and WHO—utterly captured by Big Pharma—lied about:

COVID origins (Wuhan lab leak dismissed as conspiracy theory)
Vaccine efficacy (”95% effective” turned into “you need boosters forever”)
Natural immunity (ignored despite being superior)
Early treatments (ivermectin, hydroxychloroquine, vitamin D censored and mocked)

They attacked natural health advocates just as they’ve done for decades with cancer cures, detox protocols, and anything that threatens Big Pharma profits. They are not health agencies; they are profit-enforcement arms dressed in lab coats.

Political Corruption:

Epstein’s blackmail ensured elite immunity. His client list includes presidents, princes, CEOs, scientists, and media moguls.

Meanwhile, true dissidents—Julian Assange (tortured in prison for journalism), Edward Snowden (exiled for exposing mass surveillance), and journalists like us—face persecution, imprisonment, debanking, slanderous hit pieces, and/or constant character assassination.

Two systems of justice: one for them, one for you. One for Epstein’s friends, one for truth-tellers.

The Way Forward: They’re Exposed. Now It’s Time to Build.

The Epstein files are more than proof; they are a declaration that the system is rotten to its core. But here’s the beautiful part: they vindicate us completely.

Every warning. Every documentary. Every article. Every post that got us banned. All of it was true.

The globalists’ grip is weakening. The truth—the real, ugly, documented truth—is erupting from the very files they tried to hide. They labeled us liars, but the emails show they were the architects. They silenced us, they censored us, but that only made our voices more necessary.

Epstein did not kill himself. COVID-19 was not natural. The vaccines were not safe or effective. The censorship was not about protecting you—it was about protecting them.

And now? Now it’s time to use this vindication as fuel. Not for revenge, but for revolution. A revolution of truth, health, freedom, and justice.

They tried to bury us. They didn’t know we were seeds.

The Epstein files are a smoking gun. A paper trail. A confession written in emails, financial structures, and offshore accounts.

They prove what we’ve been saying all along:

The system is rigged.
The elites are criminals.
The pandemic was planned.
The censorship was coordinated.

And we were right. 👍

Source

🙏 Donations Accepted, Thank You For Your Support 🙏

If you find value in my content, consider showing your support via:

💳 Stripe:
1) or visit http://thedinarian.locals.com/donate

💳 PayPal:
2) Simply scan the QR code below 📲 or Click Here:

🔗 Crypto Donations Graciously Accepted👇
XRP: r9pid4yrQgs6XSFWhMZ8NkxW3gkydWNyQX
XLM: GDMJF2OCHN3NNNX4T4F6POPBTXK23GTNSNQWUMIVKESTHMQM7XDYAIZT
XDC: xdcc2C02203C4f91375889d7AfADB09E207Edf809A6

Read full Article

Dinarian888@thedinarian

February 08, 2026

💳Citi’s Strategy to Dominate Institutional Payments💳

Citi's Institutional Payments Strategy

Citi’s Strategy to Dominate Institutional Payments is built on a foundation of technological innovation, strategic simplification, and a laser focus on institutional clients. The bank has transitioned from a fragmented global retail bank to a streamlined provider of high-margin institutional services, with its Treasury and Trade Solutions (TTS) and Securities Services segments now considered its "crown jewel." This shift, led by CEO Jane Fraser, involved exiting 14 international consumer markets and slashing decades of "tech debt" through a multi-billion-dollar partnership with **Google Cloud**, creating a modern, unified data and cloud infrastructure.

At the core of Citi’s dominance in institutional payments is Citi Token Services, a blockchain-powered platform launched in September 2023. This service converts client deposits into digital tokens, enabling 24/7, real-time cross-border payments, automated trade finance, and just-in-time liquidity management. By using private blockchain technology managed entirely by Citi, clients avoid the need to host their own nodes. The solution has been successfully piloted with Maersk and a canal authority, demonstrating how smart contracts can reduce transaction times from days to minutes—mirroring the functions of traditional bank guarantees and letters of credit.

Citi is further strengthening its position through strategic partnerships, such as its collaboration with Coinbase to expand digital asset payment solutions for institutional clients, enabling seamless fiat-to-crypto transitions. The bank is also leveraging generative AI to automate regulatory compliance, improve cash forecasting by 50%, and reduce operational case times by 90%, directly enhancing the efficiency and reliability of its payment services.

With a global network spanning 95 countries and a focus on real-time, transparent, and programmable financial services, Citi is redefining the institutional payments landscape. Its strategy—centered on infrastructure modernization, digital asset innovation, and client-centric automation—positions it to capture market share from both traditional banks and fintechs, particularly as cross-border instant payments become the norm by 2028.

As blockchain infrastructure inches closer to the core of global finance, a consequential debate is taking shape inside banks and among institutional investors.

What form of digital money will ultimately dominate on-chain settlement?

Stablecoins have so far captured the spotlight, buoyed by rapid adoption and growing regulatory attention. But a different shift is underway inside the banking sector, where executives are increasingly confident that tokenized bank deposits, and not privately issued stablecoins, could become the preferred on-chain dollar for institutional and wholesale use.

“We don’t start with the asset,” Biswarup Chatterjee, global head of partnerships and innovation, Citi Services at Citi, told PYMNTS. “We typically start with our client need, and then we look at the pros and cons of each type of asset or financing instrument.”

For institutional money, innovation can often begin with constraint.

“When you’re dealing with money as a financial institution, you’re acting in a fiduciary capacity,” Chatterjee said, framing why safety and soundness dominate early conversations with clients.

From that perspective, the critical questions around new digital instruments are regulatory and operational before they are technological. Are these assets well-regulated? Do they operate within clearly defined legal frameworks? Can they be governed with the same rigor as traditional deposits or securities?

For institutions that manage systemic liquidity, and their clients, those questions are becoming non-negotiable. Within that context, tokenized deposits are what is emerging as a natural evolution of existing bank money.

“Within the bank’s network, tokenized deposits are an efficient way for our clients to be able to get that 24/7, always-on availability,” Chatterjee said.

The Race to Define the On-Chain Dollar for Institutional Use

By anchoring decisions in client economics and workflows, banks are positioning themselves less as promoters of specific technologies and more as integrators tasked with assembling the right mix of tools for each use case. Institutional clients are not simply looking for digital replicas of existing money; they are grappling with the friction of moving funds across use cases and jurisdictions.

“There’s this constant need to transform money across its various forms and shapes,” Chatterjee said, adding that payments, working capital and financing increasingly overlap, and inefficiencies emerge when money cannot move fluidly between those roles.

By representing deposits on distributed ledgers, banks can offer real-time movement of money across accounts, entities and geographies without leaving the regulated perimeter. For enterprises and institutions, this promises faster settlement, improved liquidity management and reduced operational friction, all without introducing new balance sheet or counterparty risks.

In this sense, tokenized deposits may turn out to be less disruptive than they appear. They modernize the plumbing of banking rather than bypassing it, extending familiar money into programmable environments.

Regulation, Interoperability and the Velocity of Money

The moment money exits a bank’s direct network, however, the strengths of tokenized deposits begin to fade. Cross-border payments, underbanked regions and counterparties outside major financial institutions can expose gaps in reach and efficiency when it comes to tokenized deposits.

This is where Chatterjee said he sees a role for stablecoins, not as competitors to banks, but as connective tissue.

“When money leaves the bank’s network and goes out into the external ecosystem, that’s where we see the role of stablecoins coming in,” he said, assuming they operate in a “very safe and sound and regulated manner.”

The result is likely to represent not a binary choice but a continuum. Just as checks, wires, cash and instant payments coexist today, digital money is likely to fragment into specialized forms optimized for different environments.

At the heart of the impact financial blockchain is having on digital money’s evolution lies a deceptively simple question: What makes money “good”?

For Chatterjee, the answer hinges on universal acceptance and trust.

“What makes a currency strong … has a lot to do with universal acceptance,” he said.

Assets that cannot be readily transferred or accepted risk becoming stranded, unable to circulate productively; while trust is fundamental to the value and stability of money, no matter its form. That logic applies equally to tokenized deposits and stablecoins. Without trust and transferability, neither is likely to function as a true institutional settlement asset.

Despite the focus on tokens and technology, Chatterjee was clear about where long-term value resides. It is not in the token itself, but in service.

“Client service and the client experience is what is going to drive the winning proposition,” he said.

Source 1

Source 2

🙏 Donations Accepted, Thank You For Your Support 🙏

If you find value in my content, consider showing your support via:

💳 Stripe:
1) or visit http://thedinarian.locals.com/donate

💳 PayPal:
2) Simply scan the QR code below 📲 or Click Here: https://www.paypal.com/donate/?business=8K3TZ2YFZ7SMU&no_recurring=0&item_name=Support+Crypto+Michael+%E2%9A%A1+Dinarian+on+Locals+Blog&currency_code=USD

🔗 Crypto Donations Graciously Accepted👇
XRP: r9pid4yrQgs6XSFWhMZ8NkxW3gkydWNyQX
XLM: GDMJF2OCHN3NNNX4T4F6POPBTXK23GTNSNQWUMIVKESTHMQM7XDYAIZT
XDC: xdcc2C02203C4f91375889d7AfADB09E207Edf809A6

Read full Article

Dinarian888@thedinarian

January 31, 2026

New Allegations Link Former National Intelligence Leaders Clapper and O’Sullivan to UFO Shoot-Down and Retrieval Program

Written by Christopher Sharp - 24 January 2026

Multiple sources have told Liberation Times that, during the Obama administration, senior intelligence figures James Clapper and Stephanie O’Sullivan oversaw a program relating to Unidentified Anomalous Phenomena (UAP) within the Office of the Director of National Intelligence.

The sources allege the effort involved the shootdown and recovery of exotic vehicles thought to be of non-human origin.

Three separate sources told Liberation Times that Clapper allegedly ran the program alongside O’Sullivan, dating back to his tenure as Under Secretary of Defense for Intelligence from 2007 to 2010

During that period, O’Sullivan led the CIA’s Directorate of Science and Technology before being promoted in 2009 to become the agency’s third-most senior officer.

One source alleged to Liberation Times that Clapper and O’Sullivan oversaw a program codenamed ‘Golden Domes,’ which the source claimed was jointly run by the CIA and the United States Air Force (USAF), where Clapper previously served.

The source further alleged that the program could detect and track UAP even when ‘cloaked’ and as they physically manifested.

The same source claimed the program employed a mix of electronic and laser-based capabilities intended to bring down what the source described as ‘exotic non-human vehicles.’

Sources were unable to offer Liberation Times a clear explanation for why the U.S. government would choose to engage UAP, including whether any such actions were taken routinely, in specific circumstances, or in relation to any potential understandings or rules of engagement involving other purported non-human factions.

In the recently released documentary ‘The Age of Disclosure’, James Clapper alleged that a secretive USAF program had been actively monitoring UAP, particularly over the highly classified Area 51 facility in Nevada - an epicentre of cutting-edge military development and testing.

Clapper, a former Chief of USAF Intelligence, stated:

“When I served in the Air Force, there was an active program to track anomalous activities that we couldn’t otherwise explain - many of them connected with ranges out west, notably Area 51.”

In a recent interview with journalist Megyn Kelly, former intelligence official, USAF veteran, and UAP whistleblower David Grusch claimed that James Clapper managed a UAP program, stating:

“I'm a little bit disappointed as a fellow Air Force officer…. That's all he said in the documentary: that there was a program he was aware of.

“In fact, without being inappropriate, I will say that General Clapper was well aware of the crash retrieval issue, managed the crash retrieval issue, and, when he was a DNI [Director of National Intelligence], USDI [Undersecretary of Defense for Intelligence and Security], DIA [Defense Intelligence Agency], he placed people in critical roles to manage this issue, both publicly - and I'll just say not publicly as well - and I'll allow the audience to distill what I'm saying at the, at the risk of being inappropriate or going too far with my discussion.

“So General Clapper, Stephanie O’Sullivan, other folks in the IC [Intelligence Community] that are well aware of this issue, that were in rooms discussing this issue, I ask you to be greater leaders on this. I should not be the only former military officer and intelligence official that is being completely candid with the information that they were exposed to.”

Grusch’s lawyer, Charles McCullough III served as the Intelligence Community Inspector General, reporting directly to then–Director of National Intelligence James Clapper.

In that role, according to his biography, McCullough ‘oversaw intelligence officers responsible for audits, inspections, and investigations. Furthermore, he was responsible for inquiries involving the Office of the Director of National Intelligence as well as the entire Intelligence Community.’

***Above: Charles McCullough, III and James Clapper***

Grusch, in that same interview, also alleged that former Vice President Dick Cheney, who has since died, was the “closest person” to a “mob boss,” exerting “central leadership” over UAP-related activities.

Notably, Dick Cheney’s wife, Lynne Cheney, served on Lockheed Corporation’s board of directors from 1994 to 2001.

Against that backdrop, in written testimony to Congress, Lue Elizondo, the former director of the Pentagon’s Advanced Aerospace Threat Identification Program, claimed that Naval Air Station Patuxent River in Maryland was among the sites prepared in connection with an alleged transfer of UAP materials to Bigelow Aerospace from Lockheed Martin - an organisation long accused of involvement in an alleged UAP reverse-engineering program.

In a 2013 Fox News interview, Dick Cheney said he first met James Clapper around 25 years earlier, when Clapper was serving as a USAF intelligence officer in Korea.

James Clapper served as the fourth Director of National Intelligence under President Obama from August 2010 to January 2017. Before that, he was Under Secretary of Defense for Intelligence from 2007 to 2010 under President George W. Bush and Vice President Dick Cheney.

Clapper also previously served as Director of the National Geospatial-Intelligence Agency and Director of the Defense Intelligence Agency.

In his book Facts and Fears, he recounts how he was assigned as the USAF senior resident officer at the National Security Agency (NSA) to represent Air Force interests. In February 1980, then-NSA Director Vice Admiral Bobby Inman presided over Clapper’s promotion to colonel, as he assumed responsibility for all Air Force personnel stationed at the NSA.

Clapper writes in his book that he served as an intermediary for Vice Admiral Bobby Inman, whom he describes as “an icon and a legend” and who has also been alleged to be a UAP gatekeeper.

Inman was clearly aware of the link between O’Sullivan’s former office and UAP-related matters. In a now-public phone call with NASA engineer Bob Oechsler, Inman said that Everett Hineman, then Deputy Director of the CIA’s Directorate of Science and Technology, would be “the best person” to ask whether any recovered UAP vehicles might be made available for technological research outside military channels.

Notably, former NSA administrator Mike Rogers has recalled in an interview that, while serving as Director of National Intelligence, Clapper unexpectedly ordered him and his team to review the NSA’s files and provide everything relating to UFOs.

Upon being nominated as Director of National Intelligence by President Obama in 2010, Clapper was described as having developed close ties to the intelligence community during his long career and is particularly close to senior managers at the CIA.

In 2011, Clapper recommended that President Obama nominate Stephanie O’Sullivan as Principal Deputy Director of National Intelligence (PDDNI).

Before her nomination, O’Sullivan served as the CIA’s Associate Deputy Director from December 2009 to February 2011, working alongside the Director and Deputy Director to provide overall leadership of the agency, with a particular focus on day-to-day management.

Before that, she served as the CIA’s Deputy Director of Science and Technology for 4 years. According to Liberation Times sources, the CIA’s Directorate of Science and Technology has and continues to be involved in coordinating UAP retrieval missions and safeguarding technologies derived from UAP-related research carried out by the Department of War (DoW) and its contractors.

Based on the best available open source information, previous Deputy Directors of the CIA’s Directorate of Science and Technology include:

Albert Wheelon 1963-1966
Carl Duckett 1966-1967
Leslie Dirks 1967-1982
R. Evan Hineman 1982-1989
James Hirsch 1989-1995
Ruth David 1995-1998
Gary Smith 1999-1999
Joanne Isham 1999-2001
Donald Kerr 2001-2005
Stephanie O’Sullivan 2005-2009
Glenn Gaffney 2009-2015
Dawn Meyerriecks 2015-2021
Todd Lowery 2021-present

In his book, ‘Facts and Fears’, Clapper writes that he knew O’Sullivan by reputation as a brilliant technical engineer, and that then-CIA Director Leon Panetta put her forward to him as his deputy - someone who could help cover his blind spots when CIA-related issues arose.

Clapper describes the day of O’Sullivan’s confirmation to PDDNI - a title O’Sullivan jokingly referred to as ‘P-Diddy’ - as ‘an extremely happy one’. Their working relationship within the ODNI was extremely close, and Clapper has written that he learned to adopt the line “Stephanie speaks for me, even when we haven’t spoken.”

O’Sullivan entered the intelligence world after responding to a cryptic newspaper classified advert seeking an “ocean engineer”. That move led her to TRW, the defense contractor absorbed into Northrop Grumman, and later the Office of Naval Intelligence. Liberation Times sources allege that Northrop Grumman’s Tejon Ranch Radar Cross Section Facility in southern California is a site where UAPs are routinely retrieved.

Since her retirement from government in 2017, O’Sullivan now serves as a member of the Board of Trustees of the Aerospace Corporation and is on the Board of Directors of Battelle Memorial Institute.

Battelle and The Aerospace Corporation have both been referenced publicly in connection with UAP programs.

Sources also note that O’Sullivan sits on the board of HRL Laboratories, formerly Hughes Research Laboratories, part of the wider Hughes corporate legacy that is closely associated with the Hughes Glomar Explorer, the vessel later linked to the CIA’s effort to recover a sunken Soviet submarine.

Sources told Liberation Times that Stephanie O’Sullivan has been questioned by the Senate Select Committee on Intelligence about her alleged role in a UAP program.

The sources further allege that she misled committee members, including then Senator Marco Rubio, now Secretary of State, by nervously claiming that she had no involvement.

Allegations of kinetic engagement have surfaced in other contexts.

In written testimony submitted to Congress, journalist George Knapp relayed what he said he was told by figures linked to a former Russian Ministry of Defense UAP program: that Russian fighter aircraft were dispatched to intercept UAP on numerous occasions and, in a small number of cases, were ordered to fire.

Knapp wrote that after several alleged incidents in which aircraft subsequently crashed, a standing order was issued instructing pilots to disengage and ‘leave the UFOs alone because, quote, “they could have incredible capacities for retaliation.”’

Source

🙏 Donations Accepted, Thank You For Your Support 🙏

If you find value in my content, consider showing your support via:

💳 Stripe:
1) or visit http://thedinarian.locals.com/donate

🔗 Crypto Donations Graciously Accepted👇
XRP: r9pid4yrQgs6XSFWhMZ8NkxW3gkydWNyQX
XLM: GDMJF2OCHN3NNNX4T4F6POPBTXK23GTNSNQWUMIVKESTHMQM7XDYAIZT
XDC: xdcc2C02203C4f91375889d7AfADB09E207Edf809A6

Read full Article

Available on mobile and TV devices