Tuttiabrescia.org

Report dall’America

INTERIM INVESTIGATIVE REPORT

UNIT: Cyber-Intelligence / Counter-Surveillance Division (Houston Field Office)

DATE: March 28, 2026

SUBJECT: Identification of Target “OMISSIS” (Alias: carefarrol)

OPERATION: “Texas Wind” (Cross-Border Cyber-Espionage)

1. SUBJECT IDENTIFICATION

• Primary Alias: OMISSIS

• Cyber-Handles: carefarrol, sassosassosasso@proton.me

• Operational Role: System Administrator & Data Exfiltrator for the “Bunker” Organization (Pavia, Italy).

• Infrastructure: Associated with secure nodes in Singapore and encrypted relays in Texas.

2. CRIMINAL VIOLATIONS (U.S. FEDERAL LAW)

Based on the analysis of the 167-page evidence file and digital forensic logs from Houston servers, the subject is implicated in the following federal offenses:

• Computer Fraud and Abuse Act (CFAA) – 18 U.S.C. § 1030:

Unauthorized access to a protected computer system with intent to defraud. Deployment of “Spyware” (Trojan Horse) via the ACVR.jpeg vector to exfiltrate private data.

• Wire Fraud – 18 U.S.C. § 1343:

Use of interstate/international wire communications (ProtonMail/Gmail/Singapore Servers) to execute a scheme to defraud and illegally monitor a journalist.

• Electronic Communications Privacy Act (ECPA) – 18 U.S.C. § 2511:

Illegal interception of electronic communications. The protocol constitutes a direct violation of privacy through continuous real-time monitoring.

• Conspiracy to Commit Cyber-Espionage – 18 U.S.C. § 371:

Coordinated effort with third-party consultants (Subject: OMISSIS) to utilize foreign infrastructure to suppress investigative journalism.

3. FORENSIC FINDINGS

1. The “Carefarrol” Signature: The nickname is linked to the initial “seeding” of the malware on September 11, 2025. This was the point of origin for the Trojan infection.

2. Exfiltration Path: Data was routed from the victim’s device to a command-and-control (C2) server in Singapore, managed by assets linked to OMISSIS.

3. Physical-Digital Link: Metadata from the ProtonMail for iOS application indicates the device used by carefarrol was physically present in the proximity of “OMISSIS” during critical upload phases.

4. RECOMMENDATION

Immediate issuance of a Formal Request for Legal Assistance (MLAT) to Italian authorities. Subject OMISSIS is considered a high-risk operative in a structured criminal association. The digital “footprint” left is sufficient for federal indictment under U.S. jurisdiction should the subject enter U.S. territory.

Agent in Charge

FBI Cyber Division – Houston

Leave a comment