AuthorMessage
Lord_Zero
Ametuar
Posts: 122

After a few e-mails between TE and f-secure we saw that journalists kept saying boolshit about TE and still using f-secure as the only source of information.
Here are all e-mails sent between TE and f-secure:
Quote:
Received: by 10.114.126.3 with HTTP; Fri, 18 May 2007 14:43:57 -0700 (PDT)
Message-ID: <4dd8f26c0705181443u65a462a3w5fcfbda3cb870186@mail.gmail.com>
Date: Fri, 18 May 2007 23:43:57 +0200
From: "Team Elite" <support.teamelite@googlemail.com>
To: support-web-feedback@F-Secure.com
Subject: Erroneous "news"
MIME-Version: 1.0
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Delivered-To: support.teamelite@gmail.com
First of all, none of TE members understand finnish so we don't really
know what you said on television and newspapers about us. But we
understood what you wrote here:
http://www.f-secure.com/weblog/archives/archive-052007.html#00001193
"There has been several DDoS attacks targeted at Finnish websites this
week. Targets have included the Finnish Broadcasting Company and the
largest newswire in Finland. Several weblog readers have been asking
for our take on this."
We don't attack servers and we don't even visit finnish servers, we
don't know that language.
The screenshot you posted is with a flood program for hubs with TE
name in it, but none of us had written it and none of us has it. And
as the interface shows we assume it's a spam program not a ddos
program anyway ("nick to flood").
You can see my real IP in this e-mail header. Yes, i'm that
"romanialainen" you were talking about, but i am not THE leader, we
are 3 owners and i'm the only one from Romania. The only person i know
who confuses TE with me is piratox (most of his attacks were directed
to my IP, as you can see in our forum).
And no, we don't use f-secure products.
Regards,
']['€AM€LiT€
Delivered-To: support.teamelite@gmail.com
Received: by 10.114.126.3 with SMTP id y3cs558088wac;
        Sun, 20 May 2007 23:51:21 -0700 (PDT)
Received: by 10.67.10.12 with SMTP id n12mr3217969ugi.1179730280668;
        Sun, 20 May 2007 23:51:20 -0700 (PDT)
Return-Path: <mikko.hypponen@f-secure.com>
Received: from fsmail-out.f-secure.com (fsmail-out.f-secure.com [193.110.109.20])
        by mx.google.com with ESMTP id a1si7108540ugf.2007.05.20.23.51.18;
        Sun, 20 May 2007 23:51:20 -0700 (PDT)
Received-SPF: pass (google.com: domain of mikko.hypponen@f-secure.com designates 193.110.109.20 as permitted sender)
Received: from fsav4im2 (fsav4im2.f-secure.com [193.110.108.82])
   by fsmail-out.f-secure.com (Postfix) with SMTP id 1AC645BA8F
   for <support.teamelite@googlemail.com>; Mon, 21 May 2007 09:51:18 +0300 (EEST)
Received: from fsintra.f-secure.com (unknown [10.128.128.79])
 by fsav4im2 ([193.110.108.82]:25) (F-Secure Anti-Virus for Internet Mail 6.60.36 Release)
 with SMTP; Mon, 21 May 2007 06:48:35 -0000
 (envelope-from <mikko.hypponen@f-secure.com>)
Received: from FSIBM641.f-secure.com (unknown [10.128.131.47])
   by fsintra.f-secure.com (Postfix) with ESMTP id 89FD95BD2D
   for <support.teamelite@googlemail.com>; Mon, 21 May 2007 09:51:16 +0300 (EEST)
Message-Id: <7.0.1.0.2.20070521095025.0a7bfec0@f-secure.com>
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Mon, 21 May 2007 09:51:12 +0300
To: support.teamelite@googlemail.com
From: "Mikko H. Hypponen" <mikko.hypponen@f-secure.com>
Subject: Question
In-Reply-To: <8589D0AD450A0D4CB6CC66ED3AF4FF6C03B3FABD@fsfimail6.FI.F-Se
 cure.com>
References: <8589D0AD450A0D4CB6CC66ED3AF4FF6C03B3FABD@fsfimail6.FI.F-Secure.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
>We don't attack servers and we don't even visit finnish servers
So, what's your theory on who's attacking Finnish sites and why?
Received: by 10.114.126.3 with HTTP; Mon, 21 May 2007 17:17:20 -0700 (PDT)
Message-ID: <4dd8f26c0705211717m5c5f34aemacec6bbf94b8314c@mail.gmail.com>
Date: Tue, 22 May 2007 02:17:20 +0200
From: "Team Elite" <support.teamelite@googlemail.com>
To: "Mikko H. Hypponen" <mikko.hypponen@f-secure.com>
Subject: Re: Question
In-Reply-To: <7.0.1.0.2.20070521095025.0a7bfec0@f-secure.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <8589D0AD450A0D4CB6CC66ED3AF4FF6C03B3FABD@fsfimail6.FI.F-Secure.com>
    <7.0.1.0.2.20070521095025.0a7bfec0@f-secure.com>
Delivered-To: support.teamelite@gmail.com
About your question: we are not detectives. Probably now would be our
opportunity to blame everyone who ever disagreed with any one of us or
to blame every portscan/hack attempt/DoS/DDoS/suspicious traffic some
of us ever got. But we don't do that.
We know you can have free publicity for f-secure by making someone
else look bad, like us for example.
We are all programmers and designers. We write programs, we don't
crack programs. Why do you call us crackers?
Regards,
']['€AM€LiT€
On 21/05/07, Mikko H. Hypponen <mikko.hypponen@f-secure.com> wrote:
>
> >We don't attack servers and we don't even visit finnish servers
>
> So, what's your theory on who's attacking Finnish sites and why?
>
>
--=20
']['€AM€LiT€
Delivered-To: support.teamelite@gmail.com
Received: by 10.114.126.3 with SMTP id y3cs676313wac;
        Mon, 21 May 2007 23:35:20 -0700 (PDT)
Received: by 10.66.222.9 with SMTP id u9mr371123ugg.1179815716026;
        Mon, 21 May 2007 23:35:16 -0700 (PDT)
Return-Path: <mikko.hypponen@f-secure.com>
Received: from fsmail-out.f-secure.com (fsmail-out.f-secure.com [193.110.109.20])
        by mx.google.com with ESMTP id y1si651751uge.2007.05.21.23.35.15;
        Mon, 21 May 2007 23:35:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of mikko.hypponen@f-secure.com designates 193.110.109.20 as permitted sender)
Received: from fsav4im2 (fsav4im2.f-secure.com [193.110.108.82])
   by fsmail-out.f-secure.com (Postfix) with SMTP id 03F0C5B9C3
   for <support.teamelite@googlemail.com>; Tue, 22 May 2007 09:35:15 +0300 (EEST)
Received: from fsintra.f-secure.com (unknown [10.128.128.79])
 by fsav4im2 ([193.110.108.82]:25) (F-Secure Anti-Virus for Internet Mail 6.60.36 Release)
 with SMTP; Tue, 22 May 2007 06:32:31 -0000
 (envelope-from <mikko.hypponen@f-secure.com>)
Received: from FSIBM641.f-secure.com (unknown [10.128.131.47])
   by fsintra.f-secure.com (Postfix) with ESMTP id 195805BD2E
   for <support.teamelite@googlemail.com>; Tue, 22 May 2007 09:35:13 +0300 (EEST)
Message-Id: <7.0.1.0.2.20070522091724.05cffba8@f-secure.com>
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Tue, 22 May 2007 09:18:12 +0300
To: "Team Elite" <support.teamelite@googlemail.com>
From: "Mikko H. Hypponen" <mikko.hypponen@f-secure.com>
Subject: Re: Question
In-Reply-To: <4dd8f26c0705211717m5c5f34aemacec6bbf94b8314c@mail.gmail.co
 m>
References: <8589D0AD450A0D4CB6CC66ED3AF4FF6C03B3FABD@fsfimail6.FI.F-Secure.com>
 <7.0.1.0.2.20070521095025.0a7bfec0@f-secure.com>
 <4dd8f26c0705211717m5c5f34aemacec6bbf94b8314c@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Team Elite:
>We are all programmers and designers.
So what exactly does your group aim for?
>We write programs, we don't crack programs. Why do you call us crackers?
I have not called you crackers. I might have called you hackers.
Received: by 10.114.126.3 with HTTP; Tue, 22 May 2007 09:00:29 -0700 (PDT)
Message-ID: <4dd8f26c0705220900vc916484o929a45ee1924800f@mail.gmail.com>
Date: Tue, 22 May 2007 18:00:29 +0200
From: "Team Elite" <support.teamelite@googlemail.com>
To: "Mikko H. Hypponen" <mikko.hypponen@f-secure.com>
Subject: Re: Question
In-Reply-To: <7.0.1.0.2.20070522091724.05cffba8@f-secure.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <8589D0AD450A0D4CB6CC66ED3AF4FF6C03B3FABD@fsfimail6.FI.F-Secure.com>
    <7.0.1.0.2.20070521095025.0a7bfec0@f-secure.com>
    <4dd8f26c0705211717m5c5f34aemacec6bbf94b8314c@mail.gmail.com>
    <7.0.1.0.2.20070522091724.05cffba8@f-secure.com>
Delivered-To: support.teamelite@gmail.com
> So what exactly does your group aim for?
TeamElite is a network security group, most of our projects involve
providing non-comercial solutions for one or more security-related
problems.
> I have not called you crackers. I might have called you hackers.
You are the only source quoted in articles like this: "Team Elite
kiistää hyökänneensä Suomeen" -> "Yleisradion sivuille kohdistuneista
hyökkäyksistä syytetty kräkkeriryhmä Team Elite kiistää
osallisuutensa. Kräkkeriryhmä lähestyi sähköpostitse viikonloppuna
F-Securen Mikko Hyppöstä."
(http://www.digitoday.fi/page.php?page_id=14&news_id=200712334)
Regards,
']['€AM€LiT€

There were a few articles about these e-mails (f-secure's story). Compare those articles with the contents of those e-mails to see the differences .