Throwback Thursday: The Extortion Playbook Exposing the Coordinated Digital Purge on X
How threat actors are hijacking independent scientific voices, and the precise recovery protocol required to hold the line and reclaim your digital square.
Standing for objective scientific truth requires courage, but it also demands a realistic understanding of the tactical costs. When your independent research begins informing federal inquiries and regulatory risk assessments—as our genomic auditing of residual plasmid DNA and SV40 sequences recently has—retaliation is not a matter of if, but when.
Institutional narratives are aggressively protected. On March 1, 2026, my primary communication infrastructure on X was compromised as part of a massive, highly coordinated cyberattack deployed against numerous prominent voices within the medical freedom movement.
Today, I am documenting the anatomy of this digital extortion campaign, outlining the evolution of these attacks against our colleagues, and detailing precisely the standard operating procedure (SOP) required to reclaim your digital infrastructure.
The “Vote for Me” Infiltration
The initial wave of this breach exploited the established trust between verified professionals. On February 27, 2026, I received a direct message from the compromised account of a trusted colleague, Dr. Kirk Moore. The message requested support for a fabricated podcast event involving Spotify and Google, directing me to a deceptive URL.

Interacting with this infrastructure did not merely capture a password; it initiated a sophisticated backdoor entry. It allowed the threat actors to silently inject a hostile iOS passkey onto my account from a device located in New York.
By March 1, the perpetrators escalated their control, severing my access by altering the account’s primary email address to slap9012@outlook.com.
Extortion and Reputation Spoofing
Once in control, the actors immediately attempted to weaponize my professional credibility. They posted a fabricated cryptocurrency endorsement claiming my investments had paid off with a “brand-new Chevrolet Colorado”.
The operation then transitioned into direct extortion. I received WhatsApp messages and voice calls from the number +1 (587) 856-8978. Operating under the business name “~Specialpeople”, the hostile actor bluntly stated: “$200 and I’ll give the account back”.
This low-level financial demand is the clumsy execution of a broader, more sophisticated silencing campaign designed to separate technical experts from the public square.
The Escalation: The Delegate Phishing Attack
The threat actors are rapidly evolving their tactics to bypass heightened community awareness. Just this week, a highly sophisticated variation of this attack targeted Dr. Andrew Zywiec.
The infiltration vector was executed through a remarkably authentic-looking email masquerading as official platform correspondence. Upon interacting with the communication, Dr. Zywiec was directed to a credential-harvesting page that perfectly mirrored the legitimate X login portal.
The moment his password details were submitted, the automated attack sequence deployed instantly. Rather than simply changing the password, the bad actor exploited the platform’s features to silently add themselves as an authorized “delegate” to the account. Within seconds, the attacker assumed total administrative control, injected a malicious passkey, and enforced their own secondary two-factor authentication (2FA).

A Coordinated Purge of Scientific Dissent
I am far from the only professional targeted in this manner. As Steve Kirsch and Professor Norman Fenton have recently highlighted, this is a systemic vulnerability being leveraged globally.
Respected colleagues have had their platforms usurped. Dr. Kirk Moore’s account was rebranded to a fraudulent persona. Dr. William Makis endured a hijacking where threat actors actively targeted vulnerable cancer patients before he recovered access. Dr. Joe Sansone, Dr. Sally Priester, Dr. Jeyanthi Kunadhasan, and Attorney Kat A were subjected to identical digital extortion schemes.

The architects of this campaign seek to scatter the flock. They aim to dismantle our collective ability to communicate unvarnished, heavily documented data to the public and to independent lawmakers.
A Methodical Protocol for Digital Reclamation
Confronting a compromised digital identity requires a rigorous, step-by-step methodology. Extortionists rely on panic. Do not negotiate, and immediately block all hostile communication vectors (WhatsApp, SMS). Execute the following structured response to isolate the threat and recover your infrastructure.
Phase 1: The Immediate Recovery Vector
The Critical Inbox Reversal: When an attacker alters your email, the platform generates an automated notification to your original inbox. Scan your email for this message immediately. Click the link stating “This wasn’t me” or the option to revert the change. Preserve this email for its tracking data.
The Formal Compromise Report: Navigate to the official X Help Centre and initiate the “Hacked Account” flow. Input your original email address, not the attacker’s.
Financial Chain of Custody: If you are a Premium subscriber, explicitly state your verified status in the problem description field. Offer the last four digits of the associated credit card and Apple/Google payment receipts. Financial documentation is unassailable proof of fiduciary ownership.
Phase 2: Contingency Protocols
Deploy an Alternate Account: Create a temporary profile to publicly tag @Support and @Premium. State your verified account was compromised via email alteration and passkey injection. Include your support ticket number.
Highlight the Passkey Injection: In all communications with support, explicitly state that a hostile iOS passkey was added to the account. This explains why standard password recovery loops are failing.
Eradicate the Hostile Backdoor: Once access is restored, changing your password is fundamentally insufficient. Navigate to Settings and privacy > Security and account access > Security > Additional password protection. Locate the “Passkeys and Security Keys” menu and permanently delete all listed keys. Check the “Delegates” settings to ensure no unauthorized users retain administrative control.
Document and Escalate: Take screenshots of all unauthorized changes and extortion attempts. Submit this data directly to law enforcement (e.g., the Canadian Anti-Fraud Centre).
Secure the Root Infrastructure: Threat actors frequently compromise your primary email before executing a secondary platform takeover to intercept verification codes. Before attempting recovery, immediately change the password to your primary email account and enforce robust two-factor authentication (2FA).
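Before acting on the “This wasn’t me” email from Phase 1, and as a check against look-alike platform email of the kind used against Dr. Zywiec, the raw message can be triaged offline. The Python below is an added example, not part of the original protocol or of any X tooling. The domain platform.example, the authserv-id mx.example.net and both sample messages are constructed placeholders; replace them with the platform's real sending domain and your own mail provider's identifier.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

def in_domain(host, domain):
    # Exact or dot-suffix match, so "platform.example.evil.example" fails.
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def triage_notice(raw, expected, authserv_id):
    """Return (verdict, reasons) for a raw security-notice email."""
    msg, reasons = message_from_string(raw), []
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not in_domain(sender, expected):
        reasons.append(f"From domain {sender!r} is not {expected}")
    # Trust only Authentication-Results stamped by your own mail provider;
    # a copy carrying any other authserv-id may come from the sender.
    auth = " ".join(h for h in msg.get_all("Authentication-Results", [])
                    if h.split(";")[0].strip().lower() == authserv_id)
    signed = re.findall(
        r"dkim=pass\b[^;]*?header\.[di]=(?:[^\s;@]*@)?([\w.-]+)", auth, re.I)
    if not any(in_domain(d, expected) for d in signed):
        reasons.append("no aligned DKIM pass from receiving provider")
    text = " ".join(p.get_payload(decode=True).decode("utf-8", "replace")
                    for p in msg.walk() if p.get_content_maintype() == "text")
    for url in re.findall(r"https?://[^\s\"'<>]+", text):
        host = urlparse(url).hostname
        if not in_domain(host, expected):
            reasons.append(f"link leaves {expected}: {host}")
    return ("consistent" if not reasons else "suspicious"), reasons

# Constructed sample messages (placeholder domains, not real traffic).
GENUINE = """\
Authentication-Results: mx.example.net; dkim=pass header.d=platform.example
From: Platform <notify@platform.example>

Not you? https://platform.example/account/revert
"""
LOOKALIKE = """\
Authentication-Results: mx.example.net; dkim=pass header.d=platform-help.example
Authentication-Results: mail.platform.example; dkim=pass header.d=platform.example
From: Platform Support <security@platform-help.example>

Sign in: https://platform.example.login-verify.example/session
"""
if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("lookalike", LOOKALIKE)):
        print(name, triage_notice(raw, "platform.example", "mx.example.net"))
```

Export the suspect message as raw source (.eml) rather than forwarding it, because forwarding discards the headers this check reads.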
Proactive Defense
The pursuit of truth requires unbroken channels of communication.
Verify Out-of-Band: If a trusted colleague sends a link requesting support, call or text them directly before clicking.
Eliminate SMS Vulnerabilities: Transition away from SMS-based two-factor authentication. Utilize a hardware security key (like a YubiKey) or a secure authenticator application immediately.
We will not be silenced, nor will we be extorted. We are commanded to be salt and light in an increasingly dark landscape. Share this recovery methodology with your networks, fortify your infrastructure, and continue standing firm.
Fund Independent Scientific Oversight
Life-saving scientific data and rigorous regulatory due diligence must never be hidden behind a pharmaceutical paywall. All of our core genomic findings, peer-reviewed data, and regulatory risk assessments will remain free and accessible to the public.
However, conducting uncompromising molecular auditing and standing against captured institutions requires a heavily resourced war chest. True independent science demands independent funding. To directly capitalize our ongoing laboratory operations and public health advocacy, upgrade to a paid Substack subscription today. Your backing ensures we can build our health policies on a firm foundation of empirical truth, keeping this vital data weaponized for the clinicians, families, and independent lawmakers who need it most.
Deploy the Protocol & Hold the Line
Share the Evidence: The architects of digital suppression rely on public isolation and media silence. Do not let them control the narrative. Distribute this recovery protocol to your networks, independent medical professionals, and legal counsel.
Join the Conversation: We are called to be salt and light in an increasingly dark landscape, and our collective survival depends on shared intelligence. If similar digital suppression campaigns have targeted you or your organization, detail your experience in the comments below. Outline the vectors of the attack and the precise recovery protocols that successfully restored your access so we can fortify our community's defenses.
Strategic Funding: To directly resource our independent genomic laboratory space outside of standard platforms, direct contributions can be made via e-transfer to support@davidspeicher.com or through my active GiveSendGo campaign.
B2B Advisory & Litigation Defense (Cyrus Scientific Inc.) I operate on a retained executive basis. For Am Law 100 mass-tort litigators, federal regulatory reformists, and clinical testing networks requiring uncompromising technical due diligence, molecular assay validation, or high-stakes expert-witness defence, direct your inquiries to research@davidspeicher.com.
Monitor the Intelligence: Follow my real-time updates on X (@DJSpeicher) and track the executive footprint of Cyrus Scientific and Dr. David Speicher on LinkedIn.








Shared this, and good job presenting with Dr. Hodkinson et al. and vaccine child victims' parents. Nice jerseys too :) Wish you well on your research.
Well, every time GLADIO commits an attack, they schedule drills in the area. That way their operatives can justify their presence in the area.
Example: NATO was conducting a navy exercise in the Baltic when Nord Stream blew up. Also, NATO was conducting a military drill in Spain at the time 10 trains blew up on 11 March 2004. A year later, same operation in London trains.
Just pay attention. They'll do it again.
Funny how none of the big Truther channels expose crisis cast; they're almost as untouchable as big pharma?
Crisiscast specialise in creating realistic "events" involving up to 400 crisis actors. Not something you want to broadcast.
Do we have the controllers of hidden hand these guys oversee the FF operations abroad and UK?
“As veterans of Israel’s elite intelligence units, our operatives conduct innovative, complex operations online and offline.” 😳
https://www.blackcube.com/
https://crisiscast.com/