In recent headlines, the focus has turned to ICEBlock, a crowdsourced app designed to alert undocumented immigrants of nearby immigration enforcement activity. Promoted as a community safety tool, it has sparked outrage in some circles, especially among those who argue it undermines law enforcement.
Yet, conspicuously absent from the outrage is ICESPY.org—an app with a far more serious implication. ICESPY doesn’t just report on agency movements; it utilizes facial recognition—some of which is derived from federally sourced datasets—to identify, track, and expose ICE agents themselves. This app has flown under the radar of mainstream media, despite the obvious risks it poses to federal employees, operational security, and the rule of law.
Both left- and right-leaning media outlets have chosen convenient targets based on their respective political narratives. But in doing so, they’ve missed the real danger: the weaponization of surveillance infrastructure and the selective outrage that conceals deeper national security threats. When taxpayer-funded surveillance tools are repurposed or leaked to unmask federal officers, and no one blinks—but everyone erupts over an app warning people of a checkpoint—we’re not having the proper conversation.
Media rage is a business. I’m not in that business. I’m in the business of truth—no matter how loud the cowards scream. Tore Maras
ICEBlock: A Symbolic Panic Over a Remedial Tool
ICEBlock has recently caught media attention as a supposed “threat” to national security—an app that helps undocumented immigrants avoid Immigration and Customs Enforcement (ICE) by reporting activity in real-time. But peel back the headlines, and the tool itself is more symbolic than sophisticated.
Far from being some high-grade surveillance platform, ICEBlock operates primarily through crowdsourced reports, many of which are manually pulled from encrypted Signal group chats and activist channels. Its interface may be polished, but its backend is little more than a community alert board. It doesn’t integrate with ICE databases, track agents, or breach any federal systems. In short, it’s not much different than what immigrant rights groups have been doing for years—just packaged as an app.
I’m in those Signal groups—have been for years—and I’ve personally posted misleading and false reports more times than I can count, just to test how these networks react. The fact is, ICEBlock pulls its alerts from the same recycled activist chats that have always existed, filled with rumors, exaggerations, and disinformation. It’s not vetted, it’s not real-time intelligence—it’s digital graffiti passed off as operational awareness. The outrage over ICEBlock is laughable when you realize it’s a glorified message board feeding off open-secret chatter that anyone with a burner phone can manipulate. If this is the threat we’re worried about, then we’re either ignorant or willfully ignoring the real problems.
The panic over ICEBlock illustrates a broader media impulse: to inflate the visibility of activism-based tech, while missing the nuance of its actual functionality. It’s an easy headline, but the real threats—leaked facial recognition databases, classified surveillance tools repurposed to target law enforcement—go unmentioned.
The genuine concern isn’t ICEBlock—it’s ICESPY, and I’ve been sounding the alarm since 2018, when it first surfaced. Back then, I reported it directly to law enforcement and even handed the intel over to several journalists and outlets—many of the same ones now pretending to be “shocked” by the existence of this remedial app, ICEBlock. Let’s be clear: ICEBlock, for all its noise, is more of a signal boost for activism than an actual operational threat. It does demonstrate a degree of organization, yes—but it doesn’t even begin to reflect the gravity of what real organizing looks like. ICESPY, on the other hand, uses actual facial recognition—much of it scraped from federal sources—to unmask ICE agents, putting their lives and families at risk. And yet, the media looked away then, on the right and the left, and still refuses to look back now. That’s the real scandal.
ICESPY: Built for the Caravans, Fueled by Federal Leaks
Unlike ICEBlock, which relies on noisy grassroots chatter, ICESPY was a calculated digital weapon—explicitly created during the 2018–2019 Central American migrant caravans. While the media covered the optics of thousands moving north toward the U.S. border, another story was unfolding in the shadows: an activist-led, tech-enabled campaign to unmask ICE agents in real time, using facial recognition tied to sensitive government datasets.
The ICESPY.org platform was quietly launched during this period and marketed in far-left digital circles as a tool of “transparency” and “accountability.” But let’s be clear: this wasn’t a tool built by independent hackers—it had help from within the system. The facial recognition database was seeded with images from federal employee directories, LinkedIn profiles, and, more disturbingly, internal biometric repositories that should never have been accessible to civilian networks. The platform allowed anyone to upload a photo—taken covertly at a checkpoint, office, or public event—and match it against known ICE personnel. The goal? Intimidation, doxxing, and neutralization of federal law enforcement.
The fact that this was enabled by federal employees leaking sensitive information to a federal employee-run activist network makes this one of the most disturbing cases of insider compromise in recent history. Imagine a DEA agent’s identity being leaked to a cartel. That’s not hyperbole—it’s precedent. In 2004, U.S. Customs agents working undercover in the Arizona-Mexico corridor were outed by leaks inside the system, later found to be connected to politically motivated actors sympathetic to anti-border ideologies. Similarly, in 2011, an internal breach at DHS led to the exposure of field agent rosters, which were circulated in encrypted IRC chats frequented by open borders activists and foreign intelligence trolls.
The 2011 DHS Breach: The Forgotten Blueprint Behind ICESPY
This isn’t the first time federal law enforcement has been compromised from within. In 2011, during the aftermath of the ATF’s “Fast and Furious” operation, an internal breach at the Department of Homeland Security (DHS) quietly sent shockwaves through the interagency law enforcement community. At the time, public attention was focused on the disastrous gun-walking program that allowed weapons to fall into the hands of Mexican cartels. What wasn’t publicly disclosed in full—but was known to many in counterintelligence circles—was the simultaneous leak of DHS field agent rosters.
These rosters included names, operational units, and assigned corridors. They were eventually found circulating in encrypted IRC channels used by radical open borders groups, anarchist collectives, and even known foreign intelligence proxies. Some of these chats were linked to activist infrastructure funded—ironically—by organizations with federal contracts or university affiliations.
The nature of the breach was alarming: the data didn’t come from external hackers, but from internal actors—federal employees or contractors with ideological sympathies and direct access to sensitive personnel records. These insiders didn’t just violate protocol; they compromised agent safety, especially those working undercover or embedded in high-risk trafficking corridors across the Southwest.
There were direct consequences. According to redacted DHS after-action reports, several agents operating in the El Paso and Tucson sectors were forced to relocate families after receiving credible threats. Some of their identities were used to fabricate false claims of misconduct—a classic discredit and disrupt tactic—a strategy now echoed in tools like ICESPY.
What happened in 2011 was a dry run for today’s weaponized surveillance leaks. The cultural and bureaucratic conditions that allowed such a breach—unchecked internal activism, political shielding, and a blind spot in federal media coverage—continue to persist. The only difference now is that the tools are more sophisticated, the targeting is more brazen, and the media refuses to acknowledge the pattern.
From Fast and Furious to ICESPY: The Digital Hunting of Federal Agents
The Fast and Furious scandal didn’t just erode public trust in federal law enforcement—it exposed how easily agents can become the scapegoats of political agendas. In its wake, field agents were outed, undermined, and abandoned, often by the very institutions they served. Those stationed in high-risk regions like Arizona, Texas, and California—many of whom worked undercover—were suddenly facing not just cartel retaliation, but domestic activist threats, fueled by leaked rosters and field logs. These were real lives put in real danger, not through enemy espionage, but through internal betrayal.
Now, fast-forward to today, and we’re witnessing the same betrayal—only digitized, streamlined, and rebranded as “accountability.” With ICESPY, we’ve entered an era where federal agents are not just identified—they’re tracked, mapped, and publicly exposed, all with the help of facial recognition tools, many of which are seeded with government-acquired biometric data. And just like in 2011, there’s a silent complicity: federal employees leaking sensitive records, either ideologically driven or naïvely convinced they’re on the “right side of history.”
The threat level is higher now, not because the border has changed, but because the infrastructure of betrayal has evolved. ICESPY doesn’t just dox names—it visually confirms identities using AI-powered recognition and links agents to locations, units, and assignments. This is the digital version of putting a target on someone’s back—a modern-day “wanted” poster broadcast to activist networks and open-source platforms, many of which overlap with known anarchist, foreign influence, or cartel-affiliated nodes.
And yet, while agents were smeared in 2011 and made to disappear quietly, today they’re ignored altogether. The media, both left and right, are distracted by apps like ICEBlock—crowdsourced rumor mills—while ICESPY continues to operate in plain sight, with zero institutional oversight and complete activist protection.
This isn’t just hypocrisy—it’s a systemic failure to protect those on the front lines of immigration enforcement. We’ve gone from leaking names in shadowy IRC chats to crowdsourcing biometric targeting in public view, and nobody is sounding the alarm.
Except some of us have been—for years.
Institutional Cowardice, NGO Laundering, and the Foreign Infiltration Filling the Void
We can’t talk about ICESPY—or the broader targeting of ICE agents—without addressing the institutional cowardice and willful blindness that has allowed this network to flourish.
Let’s call it what it is: many of these activist “watchdog” platforms are powered by the very people collecting federal paychecks. These aren’t outsiders hacking into systems—they are insiders. DHS, DOJ, and even NGO subcontractors tied to immigration and refugee resettlement grants have federal employees actively embedded in the activist networks behind ICEBlock-like tools and the infrastructure that supports ICESPY. They’re using their clearances, their access to biometrics, and their “public servant” cover to wage ideological warfare against their agencies.
For years, this subversion was quietly funded through USAID money, aundered through foreign-tied nonprofits, shell NGOs, and activist university programs under the guise of “human rights,” “community resilience,” or “transnational justice.” These organizations built the digital scaffolding of ICESPY. They procured datasets, recruited interns with .gov clearance, and ran facial recognition scraping ops under research licenses no one ever audited.
Now, as that funding begins to dry up, and with USAID money being restricted or reallocated, guess who’s stepping in? Foreign state actors. We’re already seeing signs that Chinese and North Korean-linked cyber proxies are backfilling the intelligence void, offering technical infrastructure, facial recognition tools, and anonymization services to these same activist collectives.

This isn’t a conspiracy—it’s a classic proxy influence model, identical to the one we saw in Hong Kong, Myanmar, and Catalonia. Weaponize discontent, provide the digital backbone, and exploit internal fractures. And we’ve handed them the keys through our federal workforce.
So while mainstream outlets pontificate about a Signal-based alert app like ICEBlock, they ignore the metastasizing ecosystem of domestic subversion and foreign infiltration sitting inside our agencies, our contractor pipelines, and our unregulated NGO networks.
This isn’t just negligence. It’s a betrayal of duty. And it’s happening on our watch.
The Real Threat Isn’t ICEBlock—It’s ICESPY, and the Federal Betrayal Behind It
While media pundits rage about ICEBlock, a crowdsourced app that alerts users to possible ICE activity, they’re missing the real story. ICEBlock is both remedial and symbolic—a digital extension of the activist whisper network that has existed for years in Signal chats. I know, because I’m in those groups. I’ve even posted deliberately false reports to test how easily misinformation spreads. Spoiler: It spreads fast.
ICEBlock isn’t a high-tech surveillance tool. It’s a community bulletin board with a slicker interface. If your outrage starts and ends there, you’re reacting to a headline, not a threat.
The genuine danger is one I flagged years ago: ICESPY.
Weaponized During the Caravans, Ignored Ever Since
ICESPY launched during the 2018–2019 migrant caravans, not as a protest tool, but as a facial recognition engine designed to unmask ICE agents, one by one. It allowed anyone to upload a photo—captured at a checkpoint or rally—and match it against government-acquired or leaked biometric databases.
This was not the work of independent hackers. This was built with help from inside the federal apparatus.
Yes—federal employees leaked internal ICE personnel images and biometric data to an activist network composed of other federal employees. These are not wild accusations. This is what happens when your HR file ends up scraped, mined, and turned into an activist “accountability” tool.
This Isn’t New. It’s a Pattern.
We saw the prototype for this betrayal in 2011, during the fallout from Operation Fast and Furious. As the scandal erupted, DHS field agent rosters were leaked and circulated in encrypted IRC channels tied to open-borders groups and foreign proxies. Several agents in the El Paso and Tucson sectors were forced to relocate their families due to credible threats. These weren’t anonymous hacks—they were internal breaches, made by people with access.
Now, more than a decade later, we’ve made the betrayal scalable, automated, and globally accessible.
The Money Trail: USAID, NGOs, and Foreign State Actors
For years, this kind of digital subversion was quietly funded through USAID grants and university-tied NGOs operating under the banner of “human rights.” These networks built the infrastructure that ICESPY runs on. They harvested data under research exemptions. They trained activists with .gov internships. They laundered subversion through federal contracting.
Now that the USAID funding pipeline has narrowed, foreign actors like China and North Korea are stepping in. We are already seeing backfill from foreign proxies—offering hosting infrastructure, anonymization, and technical support to the very same activist groups that our government previously funded, namely from CGI agents in Canada.
This is a known influence model: exploit domestic fractures, weaponize internal sympathies, destabilize from within.
The Real Scandal
While agents were forced into silence in 2011, today they’re being digitally hunted in full view, with zero institutional protection. And yet, the media remains fixated on ICEBlock, ignoring the ongoing breach of operational security, the insider threat of ideologically compromised federal employees, and the expanding role of hostile foreign nations exploiting it all.
This isn’t just hypocrisy. This is a systemic failure at the heart of the federal government—and the willful neglect of a press corps too busy chasing shallow narratives to confront it.
If you want a headline, here it is:
We have federal employees helping foreign-backed activist networks unmask ICE agents using biometric data, while the media cries over a crowdsourced app built on Signal chats.
If you’re not asking who’s leaking, who’s funding, and who’s running cover, you’re not serious about national security. Tore Maras
The ICESPY ecosystem was weaponized during a time of heightened national stress, when border agents were already overwhelmed and politically targeted. While Congress debated funding for the wall, federal employees—sworn to protect national security—were quietly feeding identifying information about their colleagues to public-facing platforms. That’s not activism—that’s subversion.
Yet here we are, in 2025, with mainstream media fixated on ICEBlock as if it were a national threat, completely ignoring that ICESPY was, and still is, an active counterintelligence risk. The sheer lack of institutional accountability, legal scrutiny, and public awareness surrounding ICESPY reveals how deeply compromised our information security culture has become. And how easily real threats are erased when they don’t fit a convenient political narrative.
I’m not here to win a popularity contest—I’m here to call bullshit when it matters. If it takes pissing people off to get them to see the real threat, so be it. Tore Maras
If you like my work, you can tip or support me via TIP ME or subscribe to me on Subscribestar! You can also follow and subscribe to me on Rumble and Locals or subscribe to my Substack. I am 100% people-funded. www.toresays.com
Digital Dominion Series is now on Amazon: VOLUME I, VOLUME II, and Volume III – and Pre-order for Digital Dominion Volume IV is now on sale.