Third Whistleblower: The Epstein Files, the Stolen Election, and the NSA Audit
How Wall Street stole your vote and why Congress is protecting the predators in the Epstein files.
For over a year, we’ve tracked a global hybrid warfare operation combining cyberattacks, financial manipulation, satellite technology, political influence, and election interference into a single system.
Newly uncovered evidence now shows how the 2024 U.S. election was manipulated in real time, why some of the world’s most powerful figures are implicated, and what drives the deafening silence that followed.
Transcript of Discussion
TWH: “Are you willing to go public with your team’s findings?”
WB: “Public testimony would need to occur after the rightful president is in office, but yes, of course. Or a member on the team, we have several that can speak to the intricacies.”
TWH: “Intricacies such as…?”
WB: “Why Gelsinger’s exit happened when it did; the CBS sale; why JP Morgan funded Epstein; Lindsey Graham’s October 2024 visit with Oracle in Israel; the NSO Group activity that led to the WhatsApp case; and the subsequent series of rulings not involving Meta or OpenAI.”
TWH: “All of which is tied to the 2024 election?”
WB: “Yes. And the Epstein files. It’s not just ‘the Epstein list’—it’s a decades-long effort with multiple layers. Check out his [Epstein’s] travel, October through early-November 2016. And again, note Sen. Graham’s early-October 2024 visit to Israel.”
TWH: “That date looks off… Was it the following week? If the Epstein files and breach logs were released, wouldn’t that clean the system out?”
WB: “You’re probably right on the date. Clean? How much of the world economy is managed by very few people? ‘Cataclysm’ comes to mind.”
TWH: “So much of what they’re doing is unconstitutional. Crimes against humanity are on the rise across the globe. Who has proof of the NSA-authorized audit, and why are they sitting on it?”
WB: “Constiwhat? Think about the players involved and ask yourself that question again. Multiple individuals have the data. I’ll be traveling; I need to be where the banks aren’t controlled by JPM.”
TWH: “Would the data shore up the November numbers?”
WB: “Yes. It’s 100% Pentagon-certified that she won.”
TWH: “Okay. We discussed a proxy…”
WB: “There’s no reasonable vantage point where me going public provides more credibility to the topic… for now.”
TWH: “And that’s due to the current administration.”
WB: “Correct. Reach out to Andrew Couts. Needless to say there are more issues than simply Trump.”
TWH: “To tell him what, exactly?”
WB: “Tell him… The guy at the center needs some flexibility.”
Compounding Crisis: The unresolved Epstein files, according to the whistleblower, implicate figures and corporations from JP Morgan to John Paulson, explaining both the silence surrounding the 2024 election and Congress’s refusal to challenge Trump’s appointees or unconstitutional actions. See our last article: Are They Really Just the Epstein Files—Or Do They Share Cabinet Space With Trump?
A Global Command Network (per whistleblower)
To keep evidentiary lanes clear, we highlight public-record knowledge.
At the heart of this system is what cybersecurity experts call a Reflexive Controls Network—a web of technology that doesn’t just hack equipment, but shapes perceptions, markets, and even physical events.
The WhatsApp Bridge Capture
The most explosive revelation: Following the NSA-authorized audit, the DoD/DISA dismantled a WhatsApp bridge on December 11—not merely severing a connection, but capturing an unprecedented cache of data containing proof of commands, uplinks, and real-time manipulation signals from Election Day.
The cache contained:
Commands from Oracle-Israel / NSO Group directing vote manipulations
Timestamps matching PolyMarket betting spikes
Starlink uplink logs, showing when and where satellites transmitted data to voting infrastructure
Financial transaction metadata, connecting the voting outcomes to immediate hedging and profit-taking
This statement ties:
Epstein → Thiel → Musk → Trump → Oracle → NSO → APT28 → SIG → Slack → JP Morgan → Stolen Election
And Putin is in the mix at the Epstein and Thiel level.
The two-month silence between Election Day (Nov 5) and Treasury’s Dec 31 sanctions suggests this data was being collected, classified, and tightly controlled at the highest levels.
Of note: When DoD/DISA took down the WhatsApp bridge, they cut Musk’s direct link to the operation.
This adds context to Trump’s sudden midterm obsession: eradicating mail-in ballots, strong-arming red-state governors to gerrymander Democrats out of Congress, shifting lucrative space contracts from Musk to Bezos, and even starting a war with Venezuela.
Why DISA Instead of NSA or CISA
NSA focuses on signals intelligence (SIGINT): they can detect and decode communications but don’t necessarily dismantle physical or digital infrastructure.
CISA: protects civilian election systems but doesn’t operate at the military or global surveillance level.
DISA: uniquely bridges the gap between intelligence collection and operational control:
It can coordinate directly with U.S. Cyber Command (also housed under DoD).
It has the legal authority to intervene in military-grade cyber operations.
Key nodes in this network include:
Oracle-Israel – oversees the scheduling layer for a “shadow fleet” coordinating election manipulation and market moves across Russia, Iran, North Korea, and China.
NSO Group – operates a blockchain-based command system that routes instructions between foreign intelligence agencies like Russia’s APT28, Iran, North Korea, and Chinese operatives.
WhatsApp – used as a command-and-control hub, until DoD/DISA removed the bridge on Dec 11, 2024, capturing critical communications in real time.
PolyMarket & Coinbase – financial platforms where foreign money and betting markets were used to both fund operations and profit from inside knowledge.
DST Global / a16z via Flexport – a Flexport backdoor connecting NSO’s blockchain to a management layer for the shadow fleet; asserted as part of the context for the Nov 14, 2024 FBI action involving Polymarket’s CEO.
Susquehanna International Group (SIG) – a U.S.-Israeli global options market maker/prop-trading firm tied to TikTok [Yass] and Wagner Group operations, suspected of coordinating currency and forex attacks.
Founders Fund (Peter Thiel) – The connective backing:
Palantir – surveillance and data analytics for both government and private sectors.
PolyMarket – where manipulation bets were placed.
Slack data monetization – stolen Slack messages from Disney leadership and democratic campaign operatives were “value-added” and fed into trading/ops pipelines. (Public record confirms the Disney Slack exfiltration.)
U.S. Military and Intelligence Actions (per whistleblower)
Again, to keep evidentiary lanes clear, we highlight public-record actions.
Feb 28, 2024 – U.S. Army CID: Disrupted a Russian-controlled blockchain connecting APT28 → PolyMarket, orphaning ~$4B in transactions at Coinbase and interrupting PolyMarket futures.
Nov 14, 2024 – FBI: Searched the residence of Polymarket CEO Shayne Coplan the week after the U.S. election, citing these links.
Dec 11, 2024 – DoD OGC & DISA: Removed a bridge connecting an NSO-operated blockchain to WhatsApp, enabling collection of election-day C2 communications. (see screenshot above)
Corroborated and Dated (public record)
January 2024 – Safra Catz (Oracle CEO) met Israeli officials including Defense Minister Yoav Gallant. Confirms Oracle’s senior-level Israel engagements.
January 2024 – DOJ disruption: Court-authorized operation against the KV botnet (SOHO routers) used to mask Volt Typhoon activity.
February 7, 2024 – Joint advisory: CISA/NSA and international partners published technical guidance on Volt Typhoon’s living-off-the-land tradecraft and mitigations.
Founders Fund investment in Polymarket – Founders Fund is an investor and led a 2025 round.
October 2024 – Sen. Lindsey Graham travel to Israel, trip confirmed publicly.
Nov 14, 2024 – FBI raid of Polymarket CEO Shayne Coplan confirmed.
Dec 2024 – WhatsApp server-side fix, neutralized an exploit consistent with the timeframe the doc cites.
Dec 2024 & May 2025 – WhatsApp v. NSO Group rulings U.S. court found NSO liable in Dec 2024; in May 2025 a jury awarded ~$168M. Confirms NSO’s exploitation of WhatsApp.
Dec 31, 2024 – U.S. Treasury sanctions on Iran/Russia for 2024 election interference. Matches the doc’s reference to Treasury action. Treasury names an IRGC unit and a GRU-linked entity and details their influence ops.
What wasn’t said: who cleared those flows before the sanctions were implemented.
The Financial Settlement Layer (per whistleblower)
The billions in bets, currency trades, and covert funding that made this operation profitable.
PolyMarket & Coinbase –
On Feb 28, 2024, Army CID disrupted a blockchain connecting APT28 to PolyMarket, resulting in $4B orphaned inside Coinbase.
SIG (Susquehanna International Group) – SIG’s forex and currency operations rely heavily on large U.S. banks, such as JP Morgan, for liquidity.
If SIG was executing manipulation-linked trades, JP Morgan would have had direct visibility.
Treasury Sanctions, Dec 31, 2024 – The sanctions announced by Treasury named Russian and Iranian entities for interference.
For a bank of JP Morgan’s size, ignorance is not plausible.
Elon Musk’s Role: The Delivery Layer
Before Starlink existed:
Air-gapped voting systems – Most election equipment isn’t (supposed to be) directly connected to the public internet.
Multiple layers of security – Hackers would have to breach county networks, state reporting systems, and vendor back-end portals.
Fragmented infrastructure – With different equipment, software, and rules across 50 states, each county required unique attack strategies.
Enter Starlink: The DTC satellites have the ability to bypass air-gapped systems entirely—in combination with compromised equipment and poorly enforced federal standards, this infrastructure likely provided a centralized exploit path in an otherwise decentralized system.
Despite claims of security, U.S. election infrastructure is deeply fragmented and inconsistently regulated across thousands of counties—making it more vulnerable, not less.
The unprecedented and illegal breach of voting equipment in 2020–2021 by individuals aligned with Trump compromised election integrity across multiple states. That breach, paired with the rollout of Eaton power management hardware (via its acquisition of Tripp Lite) and Starlink’s direct-to-cell (DTC) satellite capabilities, created the perfect conditions for undetectable interference.
No Ground-Level Whistleblowers
Starlink’s low-Earth orbit DTC system removed the human risk factor, replacing countless local intrusions with a single, centralized exploit.
Securing The Midterms
In 2020–2021, Trump’s allies executed an illegal five-state equipment breach that cybersecurity experts, including Dr. Duncan Buell and Dr. John E. Savage, have described as “an unprecedented breach in election system security.”
This same compromised equipment was used again in the 2024 election. Until these vulnerabilities are fully resolved, any discussion of the 2026 midterms, from countering gerrymandering to fundraising, is a nonstarter.
We cannot hold another election on compromised equipment.
Closing Note
These revelations paint a portrait of a decades-long, tangled network—messy, complicated, and perhaps the reason for the deafening silence from Democrats and the media.
When those who control the world’s critical infrastructure—technology, finance, communications, even space—are compromised, the consequences are enormous. These same players fund political campaigns, keeping lawmakers in place.
And it’s all tied to Jeffrey Epstein.
This is why both parties seem eerily aligned. Acknowledging a stolen election wouldn’t just implicate one side—it exposes a tightly woven network of donors, corporate leaders, intelligence assets, and officials across the aisle, shaking the foundations of government itself.
Indeed, “The system is broken.” For the political class, denial is a survival mechanism. But for We the People, facing the truth is the first step to reclaiming our power.
The truth only benefits the people they were elected to serve.
What We Can Do Together
Call, email, and tag state attorneys general and members of Congress on social media—it only takes one to get this process moving.
Section 3 of the 14th Amendment was written for this moment, a stolen election is a rebellion against the Constitution. We have the obligation to remove this entire unelected, illegitimate regime.
You can: circulate this Substack series to everyone and ask them to do the same. We the People are the media now.
You can: circulate The Common Coalition Report and sign on to help The Common Coalition build a class action lawsuit to hold voting equipment companies and vendors accountable.
Hold on to your hope. There are more of us than there are of them. This is not left vs. right—it’s bottom vs. top. Again, we don’t need permission to enforce the Constitution. We just need courage.
Want the truth they’re not telling you? For fearless reporting and expert-backed research, read The Common Coalition Report. And if you believe in funding real, independent work—support our all-volunteer team here.
Someone needs to put this into a “possible story”. It is too difficult to comprehend.
The criminal oligarchy, led by the orange child molester, are such coward fucktards, they had to use We The People to hide their crime behind instead of just being bold enough to own their election theft. It was easier for them to lie to the world and claim The People voted for this half dead child molester and serial criminal.