Measuring Silence: Anti‑Corruption Frequencies

Disclaimer: This investigation involved no hacking, intrusion, or unauthorized access. Everything described here is legal, passive measurement of signals and activity. My intention was simply to understand whether the Fiscalía Anti Corrupción in Querétaro behaves like a functioning office by analyzing its technical footprint.

What I Set Out to Measure

Any office with staff and computers produces a measurable presence:

•     Wi‑Fi traffic from routers and laptops.
•     Bluetooth beacons from phones and peripherals.
•     Cellular activity from employees’ devices.
•     Electromagnetic noise from monitors, servers, and power supplies.

If an office is active, you’ll see it in the spectrum. If it’s quiet, that silence itself is data.
 

My Setup

•     Operating System: Kali Linux — chosen for its robust toolkit for wireless and spectrum analysis.
•     Software Tools:
•         gqrx — a spectrum analyzer for SDR devices, used to visualize signal activity across frequencies.
•         aircrack‑ng — not for intrusion, but to detect the presence of Wi‑Fi networks and measure traffic density.
•         Wireshark — configured only to confirm packet presence, not to capture or inspect content.

    Hardware:

   

• Software‑Defined Radio (SDR) dongle with wideband antenna — allows scanning across a broad range of frequencies to detect signals.
• Portable EMF meter — measures electromagnetic radiation levels, useful for detecting whether multiple devices are powered and active.
• Directional antenna — focuses on the building to isolate its footprint from surrounding noise.

Procedure

•     Establish baseline readings in a neutral location nearby.
•     Move closer to the Anti‑Corruption office and log spectrum activity over several hours.
•     Compare expected office activity (steady Wi‑Fi, bursts of cellular, background EMF from multiple devices) with actual readings.

The Results

The activity was far too low. For a building supposedly full of staff, computers, and investigations, the spectrum was quiet. Minimal Wi‑Fi traffic, almost no Bluetooth presence, cellular signals flat. The EMF meter barely moved.

That’s how I reached my conclusion: the building does not behave like a functioning office. The technical footprint doesn’t match the story.
 

Visual Confirmation

To cross‑check, I placed a pencam under some garbage opposite the building. On a Tuesday in May 2025, I recorded from 5 a.m. to 11 p.m. Nobody entered. Nobody left.
 

The Bigger Question

Meanwhile, corruption news is endless. Cries for help are countless. So why isn’t there any noise from Anti‑Corruption?

The dumbest explanation I’ve heard: “They strictly operate undercover, top secret.”

But corruption doesn’t happen in the shadows. It happens in broad daylight, in front of everyone’s eyes. And corruption, like vampires, doesn’t require secrecy. Expose it to light — and it dies.

The Götz Knobloch Case

This is a detailed summary of the investigations, verifications, and audits conducted regarding Götz Knobloch and the associated operational environment. This report documents the process from initial identity verification to the analysis of social engineering tactics and technical cybersecurity events.

---

Investigative Summary: The Götz Knobloch Case

1. Identity Verification and Institutional Registry

The investigation began with an identity audit process designed to confirm the official status of the subjects involved. The following actions were performed:

• Directory Cross-Referencing: Official diplomatic lists, honorary consulate registries, and security attaché directories were consulted.
• Communication Channel Audit: The authenticity of the email infrastructure was verified. It was confirmed that communications originating from goetz.knobloch@bka.bund.de and copied to iz13-vb-mexiko@bka.bund.de belong to legitimate official channels of the German Federal Criminal Police Office (BKA) assigned to the Embassy in Mexico.
• Status Validation: Although discrepancies were initially identified, it was confirmed that Götz Knobloch is the BKA Liaison Officer for Mexico and Central America, validated by his participation in official state ceremonies.

2. Media Presence and Narrative Analysis

An exhaustive monitoring of the media footprint was conducted to identify patterns in the dissemination of diplomatic activities. Verified sources include:

• SSC meeting with German Embassy - mensajerodelasierra.com
• BKA recognition of FGEO work - Es Oaxaca
• Honorary Consul appointments - masnoticias.mx
• Official visits to industrial sectors (Audi Mexico, Mexicali EDC) - MEXICONOW

3. Social Engineering and Intervention Tactics Audit

The investigation documented the use of psychological and operational manipulation tactics:

• High-Urgency Pretexts: Use of "whereabouts inquiries" or welfare checks as a pretext to bypass security protocols.
• Diplomatic Staging: Creation of visual environments (EU flags/logos) to project legitimacy in non-official settings.
• Use of Honorifics: Strategic deployment of official titles to mitigate skepticism within expatriate communities.

4. Forensic Technical Analysis and Cybersecurity Events

A critical pillar of the investigation was the analysis of the incident in mid-November 2023:

• Malware Incident: Implementation of the "Black Orchid" virus against the workstation. Identified as a non-public signature designed for hardware destruction.
• Delivery Vector: Confirmed infection following direct interaction through verified official email channels.
• Chronology: System failure occurred within minutes of a formal warning from the liaison office.

5. Ecosystem Mapping and Transregional Connections

The investigation mapped interconnectivity between various profiles, including Ursula Koos (Ulla Koos), documenting repetitive patterns of "staged" diplomatic events and announcements of economic cooperation lacking real investment registry substantiation.

 

Criminal Accusations

• Velazquez y Consultores Abogados
• Consul Puebla Marko Foitzik and U. Koos
• Thomas WAagner – Cyber Aggression
• Consul Wagner – Neglect of Diplomatic Duties
• Ursula Koos – Fraud against INM
• Gotz Knobloch – Cyberattacks
• Till Feldmann – Guilty for Participation

Exclusive Insight Reports

• Fake Diplomats Undermining German Embassy
• Mendez Ramirez – Compliance Issue
• The Failure That Killed Consul Thomas Wagner
• Understanding Social Engineering

RTE Radio 1 – HSE ransomware attack

THANK YOU IRELAND! 

My debut on RTE Radio 1 – the HSE ransomware attack

Today I had the privilege to be a guest on one of the most popular national radio shows in Ireland – RTE Radio News At One with Bryan Dobson.

I spoke briefly about the Conti ransomware attack that crippled the HSE a couple of days ago. I also mentioned the submission to the National Security Strategy program that I authored back in December 2019 (and why it feels now that nothing has been done).

What is Penetration Testing: Complete Guide 2026

Penetration Testing Infrastructure is the best method to assess your firm’s security infrastructur

According to the latest cyber attack, there is a new way that attackers might gain entry into your system without triggering any alarm.

Cyberattacks Threaten German Democracy

Democracy Under Pressure – Resilient Police

Cyberattacks on airports, hacking attacks on city administrations like the recent one in Ludwigs hafen hybrid threats are on the rise. Starting today, they will be discussed at the Federal Criminal Police Office's (BKA) autumn conference. The event is titled "Democracy Under Pressure Resilient Police."