
Presumably the FBI limited this operation to "U.S. Networks". I wonder how they determined that? Based on domain registration? IP block ownership? What about a non-US company with servers outside of the US that has a Point-of-Presence IP inside the US? Seems like there's no perfect way to determine programmatically.


Here's what the warrant says:

> The presumptively U.S.-based Microsoft Exchange Servers, corresponding to the approximately [redacted] web shells in Attachment A appear to be located in five or more judicial districts, according to publicly available Whois records and IP address geolocation


Thanks! I couldn't find the warrant before but that string was enough to locate it: https://www.justice.gov/opa/press-release/file/1386631/downl...



