This story appeared in The Logoff, a daily newsletter that helps you stay informed about the Trump administration without letting political news take over your life. Subscribe here.Welcome to The Logoff: President Donald Trump and Elon Musk’s increasingly nasty public split is dominating headlines today, and you can read all about it here. But it also means that another change Trump made this week is flying under the radar — one with consequences for millions of people around the world.What just happened? On Wednesday evening, the Trump administration announced a total ban on entry to the US for citizens of 12 countries, resurrecting a key first-term policy. The ban also includes partial restrictions on seven other countries and is set to take effect this coming Monday, June 9.Which countries does the ban impact? Immigrants, students, and tourists will all be affected. Citizens of Afghanistan, Myanmar, Chad, Republic of the Congo, Equatorial Guinea, Eritrea, Haiti, Iran, Libya, Somalia, Sudan, and Yemen are subject to a total ban, while all immigrant visas and many classes of non-immigrant visa for citizens of Burundi, Cuba, Laos, Sierra Leone, Togo, Turkmenistan, and Venezuela are covered by the partial restrictions.What’s the context? This new ban isn’t a surprise — a “Muslim ban,” which was eventually upheld by the Supreme Court after multiple iterations, was a flagship policy in the first Trump administration, and the second Trump administration has previously signaled its intent to bring back some version of the policy. In March, it was reported that the administration was considering various restrictions on at least 43 different countries. What’s different this time? The new ban covers more countries and cites a wider range of justifications. In addition to national security concerns, the ban also alleges “significant risks” of visa overstays from some of the impacted countries. It comes as the administration steps up an ever-more-aggressive campaign of deportation and anti-immigration policies. RelatedThe real reasons Musk is feuding with TrumpAnd with that, it’s time to log off…The NBA finals start tonight, featuring the Oklahoma City Thunder and the Indiana Pacers! I really enjoyed this preview of the series from Defector, which is a great starting point whether or not you’ve been following along through the playoffs. That being said, the Thunder head into the series as favorites — something I, a former Washington state resident, cannot condone. Go Pacers, and long live the Sonics.See More:

The online discussion forum says Anthropic continued to access its site more than 100,000 times after saying it had stopped.

A group of young people — as young as 7 and as old as 25 — are suing the Trump administration to stop its assault on renewable energy and climate action. Executive orders President Donald Trump signed to promote fossil fuels amount to an “unconstitutional” overreach of power, they allege in a complaint filed Thursday at a US District Court in Montana. The 22 plaintiffs also claim that by increasing pollution and denying climate science, the president’s actions violate their Fifth Amendment rights to life and liberty.It’s the latest high-profile case brought against governments by youth concerned about how fossil fuel pollution and climate change poses risks to their health and ability to thrive as they grow up. Two brothers, aged 11 and 7, “were born into climate change-induced smoke seasons that did not exist for older generations”Two brothers, aged 11 and 7 and named “J.K.” and “N.K.” in the suit, “were born into climate change-induced smoke seasons that did not exist for older generations and which compromise their health,” the complaint says. They grew up mostly in Montana but now live in Southern California, and the suit says wildfire smoke has encroached on their lives from state to state. J.K. was born with an abnormal mass of lung tissue and “experienced nosebleeds, sore throats, headaches, tiredness, coughing, trouble breathing, and eye irritation from wildfire smoke,” according to the suit. N.K. has “frequent” upper respiratory infections that have led to emergency room visits. They’ve both missed school days and camp because of feeling sick from smoke and soot in the air from wildfires, it says.Greenhouse gas emissions from fossil fuels trap heat, and rising temperatures have contributed to longer fire seasons in the western US. With hotter, drier conditions, the area burned by forest fires in the western US doubled between 1984 and 2015. “Every additional ton of [greenhouse gas] pollution and increment of heat Defendants cause will cause J.K. and N.K. more days of poor air quality, more smoke, and thus, more harm to their lives, health, and safety,” the complaint adds.In recent years, scientists have been trying to better understand the long-term health impact of wildfire smoke, which previously hadn’t been studied as thoroughly as pollution from other sources thought to be more consistent problems, like factories and highways. Now, chronic exposure to wildfire smoke is a growing concern. Wildfire smoke is considered a neurotoxin estimated to be more harmful than other common air pollutants, but its effects on the body can vary depending on what kinds of materials burn and how chemicals released by the fire interact with other substances in the atmosphere. After campaigning on a promise to “drill, baby, drill” and accepting more than $75 million in contributions from oil and gas interests, Trump signed executive orders on his first day in office declaring a purported “national energy emergency,” directing federal agencies to “unleash” domestic fossil fuel production and promote the use of gas-powered vehicles over EVs. He signed another executive order to “reinvigorat[e]” the coal industry in April. Coal releases more planet-heating pollution when burned than other fossil fuels and has struggled to compete with cheaper sources of electricity.The plaintiffs are seeking injunctive relief to block implementation of those executive orders and to declare them unconstitutional. They also claim that Trump lacks the authority to erode environmental protections passed by Congress under the Clean Air Act. The administration’s efforts to impede scientific research and remove climate information from federal websites amounts to “censorship” and denies plaintiffs access to resources they might otherwise be able to use to minimize risks they face from climate change, the suit alleges.In response to the lawsuit, White House assistant press secretary Taylor Rogers said in an email to The Verge, “The American people are more concerned with the future generations’ economic and national security, which is why they elected President Trump in a landslide victory to restore America’s energy dominance. Future generations should not have to foot the bill of the lefts’ radical climate agenda.” The plaintiffs, who hail from Montana, Oregon, Hawai‘i, California, and Florida, are represented by the nonprofit law firm Our Children’s Trust, which has also represented young people in similar climate cases. A federal appellate court dismissed another case that youth filed against the Obama administration in 2015 over fossil fuel pollution causing climate change, and the US Supreme Court ended that legal battle this year when it declined to hear an appeal.But there have also been some wins. A group of youth reached a settlement last year with the state of Hawai‘i and its Department of Transportation that commits them to a plan to reach zero greenhouse gas emissions from transportation by 2045. J.K. and N.K. were also plaintiffs in a climate suit filed against the state of Montana. Last year, Montana’s Supreme Court upheld a district judge ruling affirming their right to a clean and healthy environment and rejecting policies that had barred officials from considering the consequences of climate change when permitting new energy projects.See More:

The Trump administration is trying to strip Harvard of its ability to enroll international students — an effort blocked by a federal judge on Friday, just hours after the university filed a lawsuit claiming Trump was violating its First Amendment rights.On Thursday, the Department of Homeland Security (DHS) rescinded Harvard’s access to the Student and Exchange Visitor Information System (SEVIS), a government database of international students attending universities in the United States. The students’ visas weren’t cancelled, but DHS’s revocation of Harvard’s SEVIS certification could, in theory, make nearly 6,800 international students enrolled at Harvard deportable immediately.“This administration is holding Harvard accountable for fostering violence, antisemitism, and coordinating with the Chinese Communist Party on its campus,” DHS secretary Kristi Noem said on Thursday. “It is a privilege, not a right, for universities to enroll foreign students and benefit from their higher tuition payments to help pad their multibillion-dollar endowments. Harvard had plenty of opportunity [sic] to do the right thing. It refused.”A month earlier, DHS demanded that Harvard turn over information on its international students, including their “known illegal activity,” “known dangerous or violent activity,” “known threats to other students or university personnel,” and “known deprivation of rights of other classmates or university personnel.” The department also requested information on any disciplinary action that had been taken against international students who participated in protests. DHS threatened to rescind Harvard’s SEVIS certification if the university didn’t turn over student records by April 30th.Since taking office, Trump has used allegations of antisemitism at universities across the country to retaliate against students involved in campus protests against the war on Gaza — and against the universities themselves, which the administration claims haven’t done enough to quell antisemitism on their campuses. In addition to pulling billions of dollars in federal funding, the administration has also had Immigration and Customs Enforcement arrest several students over their pro-Palestine activism. Some of these students, like Mahmoud Khalil and Mohsen Mahdawi, are green card holders whom ICE has accused of engaging in behavior that is contrary to the US’s foreign policy interests. Others are international students whose visas were revoked by the State Department, thus making them deportable.RelatedInstead of targeting individual students at Harvard, the Trump administration is going after the university’s ability to enroll international students altogether. Unlike Columbia, which capitulated to a list of Trump’s demands, Harvard has generally refused to comply with the administration’s requests that it hand over data on its international students; “audit” its academic programs, as well as students’ and faculty’s political views; and change its governance structure and hiring practices.Harvard sued the administration on Friday. In a complaint filed in Massachusetts federal court, the university’s lawyers called DHS’s revocation of its SEVIS certification a “blatant violation of the First Amendment.”“It is the latest act by the government in clear retaliation for Harvard exercising its First Amendment rights to reject the government’s demands to control Harvard’s governance, curriculum, and the ‘ideology’ of its faculty and students,” the complaint alleges. “With the stroke of a pen, the government has sought to erase a quarter of Harvard’s student body, international students who contribute significantly to the University and its mission.”Moreover, the suit claims, revoking Harvard’s SEVIS status puts students in an impossible position. “Termination of SEVIS records presents student visa holders whose school loses its certification with two bad choices,” the complaint claims: transferring immediately, or leaving the country.A federal judge has temporarily blocked DHS’s attempt to revoke Harvard’s SEVIS certification. The university’s international students are safe — for now.See More:

DanaBot Feds charge 16 Russians allegedly tied to botnets used in cyberattacks and spying An example of how a single malware operation can enable both criminal and state-sponsored hacking. Andy Greenberg, WIRED.com – May 23, 2025 3:56 pm | 0 Credit: Getty Images Credit: Getty Images Story text Size Small Standard Large Width * Standard Wide Links Standard Orange * Subscribers only   Learn more The hacker ecosystem in Russia, more than perhaps anywhere else in the world, has long blurred the lines between cybercrime, state-sponsored cyberwarfare, and espionage. Now an indictment of a group of Russian nationals and the takedown of their sprawling botnet offers the clearest example in years of how a single malware operation allegedly enabled hacking operations as varied as ransomware, wartime cyberattacks in Ukraine, and spying against foreign governments. The US Department of Justice today announced criminal charges today against 16 individuals law enforcement authorities have linked to a malware operation known as DanaBot, which according to a complaint infected at least 300,000 machines around the world. The DOJ’s announcement of the charges describes the group as “Russia-based,” and names two of the suspects, Aleksandr Stepanov and Artem Aleksandrovich Kalinkin, as living in Novosibirsk, Russia. Five other suspects are named in the indictment, while another nine are identified only by their pseudonyms. In addition to those charges, the Justice Department says the Defense Criminal Investigative Service (DCIS)—a criminal investigation arm of the Department of Defense—carried out seizures of DanaBot infrastructure around the world, including in the US. Aside from alleging how DanaBot was used in for-profit criminal hacking, the indictment also makes a rarer claim—it describes how a second variant of the malware it says was used in espionage against military, government, and NGO targets. “Pervasive malware like DanaBot harms hundreds of thousands of victims around the world, including sensitive military, diplomatic, and government entities, and causes many millions of dollars in losses,” US attorney Bill Essayli wrote in a statement. Since 2018, DanaBot—described in the criminal complaint as “incredibly invasive malware”—has infected millions of computers around the world, initially as a banking trojan designed to steal directly from those PCs' owners with modular features designed for credit card and cryptocurrency theft. Because its creators allegedly sold it in an “affiliate” model that made it available to other hacker groups for $3,000 to $4,000 a month, however, it was soon used as a tool to install different forms of malware in a broad array of operations, including ransomware. Its targets, too, quickly spread from initial victims in Ukraine, Poland, Italy, Germany, Austria, and Australia to US and Canadian financial institutions, according to an analysis of the operation by cybersecurity firm Crowdstrike. At one point in 2021, according to Crowdstrike, Danabot was used in a software supply-chain attack that hid the malware in a JavaScript coding tool called NPM with millions of weekly downloads. Crowdstrike found victims of that compromised tool across the financial service, transportation, technology, and media industries. That scale and the wide variety of its criminal uses made DanaBot “a juggernaut of the e-crime landscape,” according to Selena Larson, a staff threat researcher at cybersecurity firm Proofpoint. More uniquely, though, DanaBot has also been used at times for hacking campaigns that appear to be state-sponsored or linked to Russian government agency interests. In 2019 and 2020, it was used to target a handful of Western government officials in apparent espionage operations, according to the DOJ's indictment. According to Proofpoint, the malware in those instances was delivered in phishing messages that impersonated the Organization for Security and Cooperation in Europe and a Kazakhstan government entity. Then, in the early weeks of Russia's full-scale invasion of Ukraine, which began in February 2022, DanaBot was used to install a distributed denial-of-service (DDoS) tool onto infected machines and launch attacks against the webmail server of the Ukrainian Ministry of Defense and National Security and Defense Council of Ukraine. All of that makes DanaBot a particularly clear example of how cybercriminal malware has allegedly been adopted by Russian state hackers, Proofpoint's Larson says. “There have been a lot of suggestions historically of cybercriminal operators palling around with Russian government entities, but there hasn't been a lot of public reporting on these increasingly blurred lines,” says Larson. The case of DanaBot, she says, “is pretty notable, because it's public evidence of this overlap where we see e-crime tooling used for espionage purposes.” In the criminal complaint, DCIS investigator Elliott Peterson—a former FBI agent known for his work on the investigation into the creators of the Mirai botnet—alleges that some members of the DanaBot operation were identified after they infected their own computers with the malware. Those infections may have been for the purposes of testing the trojan, or may have been accidental, according to Peterson. Either way, they resulted in identifying information about the alleged hackers ending up on DanaBot infrastructure that DCIS later seized. “The inadvertent infections often resulted in sensitive and compromising data being stolen from the actor's computer by the malware and stored on DanaBot servers, including data that helped identify members of the DanaBot organization,” Peterson writes. The operators of DanaBot remain at large, but the takedown of a large-scale tool in so many forms of Russian-origin hacking—both state-sponsored and criminal—represents a significant milestone, says Adam Meyers, who leads threat intelligence research at Crowdstrike. “Every time you disrupt a multiyear operation, you're impacting their ability to monetize it. It also creates a bit of a vacuum, and somebody else is going to step up and take that place,” Meyers says. “But the more we can disrupt them, the more we keep them on their back heels. We should rinse and repeat and go find the next target.” This story originally appeared at wired.com Andy Greenberg, WIRED.com Wired.com is your essential daily guide to what's next, delivering the most original and complete take you'll find anywhere on innovation's impact on technology, science, business and culture. 0 Comments

As YouTube prepares to air an exclusive NFL opening week game for free on September 5th, it’s hiring former Disney exec Justin Connolly. The move has caused Disney to respond by suing both YouTube and Connolly, saying he was in the middle of leading the team negotiating Disney’s license renewal with YouTube. He’d most recently been running the streaming services and linear media networks at Disney, and will take over as YouTube’s new global head of media and sports, as first reported by Bloomberg. After spending more than 20 years at Disney and ESPN, he’ll be managing YouTube’s relationship with the media companies that distribute content on YouTube TV, as well as leading its live sports coverage. Bloomberg also first reported the lawsuit filed yesterday in California Superior Court, as Disney alleges that YouTube induced Connolly to breach a three-year employment contract that started in January and would’ve kept him there as an executive until an early termination option for March 1st, 2027. Connolly left Disney last week, just months before the launch of its standalone ESPN streaming service this fall. In its complaint (which you can read below), Disney’s lawyers write: Critically, Connolly leads the Disney team negotiating a license renewal with YouTube. Connolly has intimate knowledge of Disney’s other distribution deals, the financial details concerning Disney’s content being licensed to YouTube, and Disney’s negotiation strategies, both in general and in particular with respect to YouTube. It would be extremely prejudicial to Disney for Connolly to breach the contract which he negotiated just a few months ago and switch teams when Disney is working on a new licensing deal with the company that is trying to poach him. YouTube did not comment on the lawsuit. YouTube has become a growing force in live sports, with its live TV streaming service amassing more than 8 million subscribers and adding the NFL Sunday Ticket package in 2023. The platform will also. Earlier this year, YouTube revealed that it has become more popular on TVs than phones. Other streaming companies have also increased their focus on sports recently, with Amazon preparing to broadcast NBA games and Inside the NBA next season, Apple’s close relationship with MLB and MLS, as well as Netflix’s broadcasts with the NFL and other events. Update, May 22nd: Added details of Disney’s lawsuit.

The U.S. unsealed charges against 16 individuals behind DanaBot, a malware-as-a-service platform responsible for over $50 million in global losses. "The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware," reports KrebsOnSecurity. From the report: Initially spotted in May 2018 by researchers at the email security firm Proofpoint, DanaBot is a malware-as-a-service platform that specializes in credential theft and banking fraud. Today, the U.S. Department of Justice unsealed a criminal complaint and indictment from 2022, which said the FBI identified at least 40 affiliates who were paying between $3,000 and $4,000 a month for access to the information stealer platform. The government says the malware infected more than 300,000 systems globally, causing estimated losses of more than $50 million. The ringleaders of the DanaBot conspiracy are named as Aleksandr Stepanov, 39, a.k.a. "JimmBee," and Artem Aleksandrovich Kalinkin, 34, a.k.a. "Onix," both of Novosibirsk, Russia. Kalinkin is an IT engineer for the Russian state-owned energy giant Gazprom. His Facebook profile name is "Maffiozi." According to the FBI, there were at least two major versions of DanaBot; the first was sold between 2018 and June 2020, when the malware stopped being offered on Russian cybercrime forums. The government alleges that the second version of DanaBot -- emerging in January 2021 -- was provided to co-conspirators for use in targeting military, diplomatic and non-governmental organization computers in several countries, including the United States, Belarus, the United Kingdom, Germany, and Russia. The indictment says the FBI in 2022 seized servers used by the DanaBot authors to control their malware, as well as the servers that stored stolen victim data. The government said the server data also show numerous instances in which the DanaBot defendants infected their own PCs, resulting in their credential data being uploaded to stolen data repositories that were seized by the feds. "In some cases, such self-infections appeared to be deliberately done in order to test, analyze, or improve the malware," the criminal complaint reads. "In other cases, the infections seemed to be inadvertent -- one of the hazards of committing cybercrime is that criminals will sometimes infect themselves with their own malware by mistake." A statement from the DOJ says that as part of today's operation, agents with the Defense Criminal Investigative Service (DCIS) seized the DanaBot control servers, including dozens of virtual servers hosted in the United States. The government says it is now working with industry partners to notify DanaBot victims and help remediate infections. The statement credits a number of security firms with providing assistance to the government, including ESET, Flashpoint, Google, Intel 471, Lumen, PayPal, Proofpoint, Team CYRMU, and ZScaler. Read more of this story at Slashdot.

The SEC on Wednesday said it has charged cryptocurrency startup Unicoin and three of its top executives for false and misleading statements that raised more than $100 million from thousands of investors. "We allege that Unicoin and its executives exploited thousands of investors with fictitious promises that its tokens, when issued, would be backed by real-world assets including an international portfolio of valuable real estate holdings," said Mark Cave, Associate Director in the SEC's Division of Enforcement. "But as we allege, the real estate assets were worth a mere fraction of what the company claimed, and the majority of the company's sales of rights certificates were illusory. Unicoin's most senior executives are alleged to have perpetuated the fraud, and today's action seeks accountability for their conduct." From the release: The SEC alleges that Unicoin broadly marketed rights certificates to the public through extensive promotional efforts, including advertisements in major airports, on thousands of New York City taxis, and on television and social media. Among other things, Unicoin and its executives are alleged to have convinced more than 5,000 investors to purchase rights certificates through false and misleading statements that portrayed them as investments in safe, stable, and profitable "next generation" crypto assets, including claims that: - Unicoin tokens underlying the rights certificates were "asset-backed" by billions of dollars of real estate and equity interests in pre-IPO companies, when Unicoin's assets were never worth more than a small fraction of that amount; - the company had sold more than $3 billion in rights certificates, when it raised no more than $110 million; and - the rights certificates and Unicoin tokens were "SEC-registered" or "U.S. registered" when they were not. According to the SEC's complaint, Unicoin and Konanykhin also violated the federal securities laws by engaging in unregistered offers and sales of rights certificates. Konanykhin offered and sold over 37.9 million of his rights certificates to offer better pricing and target investors the company had prohibited from participating in the offering to avoid jeopardizing its exemption to registration requirements, as alleged. Read more of this story at Slashdot.

AMD is officially announcing its Radeon RX 9060 XT GPU at Computex today. Like the number implies, this graphics card will challenge Nvidia’s recently released RTX 5060, with AMD offering models with 8GB or 16GB of VRAM. AMD is following Nvidia’s controversial choice to ship a modern GPU with just 8GB of VRAM in the year 2025. The 8GB of VRAM debate has been raging for months now, particularly because of the latest games that can be very demanding on the memory side. AMD is following in Nvidia’s footsteps, though, so it’ll be interesting to see what reviewers make of both cards in this important part of the market. The RX 9060 XT will ship with 32 RDNA 4 compute units, a boost clock of 3.13GHz, and support for DisplayPort 2.1a and HDMI 2.1b. The total board power is between 150 watts and 182 watts, depending on the model. AMD is only announcing the existence of the RTX 9060 XT today, and it hasn’t supplied pricing or even a release date. We’re still waiting to hear how the RTX 5060 stacks up, because oddly, Nvidia launched its latest 50-series GPU yesterday without any reviews available. The GPU maker had reportedly prevented reviewers from obtaining the necessary driver to test the RTX 5060 ahead of the release date, presumably because it’s worried about the paltry 8GB of VRAM spec. While the 8GB of VRAM choice for both Nvidia and AMD is controversial, Nvidia has managed to spark a further wave of outrage from PC gaming YouTubers over comments it has made to Gamers Nexus. In a 22-minute video, Gamers Nexus discusses the pressure from Nvidia to include Multi Frame Generation (MFG) in benchmarks against competitor cards that don’t have a similar feature. Gamers Nexus (GN) alleges that Nvidia has even implied that it would revoke access to interview Nvidia engineers unless the channel discussed MFG more.

This Amateur Art Detective Thinks Paul Gauguin’s Last Self-Portrait Is a Fake The new allegations come from Fabrice Fourmanoir, who previously identified a fraudulent Gauguin sculpture that the Getty Museum had purchased for $5 million The authenticity of Paul Gauguin's 1903 self-portrait has long been the subject of debate. Public domain via Wikimedia Commons According to naval records, Paul Gauguin’s eyes were brown. In early self-portraits, the French artist painted himself with a crooked nose, and he scrawled a signature and date in the corners. Why, then, does Gauguin’s last self-portrait have blue eyes, a squat nose and no signature or date? According to Fabrice Fourmanoir, an art dealer and amateur art sleuth, these aesthetic oddities are just the most obvious evidence that the 1903 self-portrait housed at the Kunstmuseum Basel in Switzerland was not the work of Gauguin. Fourmanoir alleges that the work was instead painted by Gauguin’s friend Ky-Dong Nguyen Van Cam in the 1910s, years after the artist’s death in 1903. After that, he says it was passed off as a real Gauguin and eventually bequeathed to the Kunstmuseum Basel in 1945. So far, the Kunstmuseum has been willing to check Fourmanoir’s claims. It announced that it will conduct X-ray, infrared and ultraviolet scans to help determine the provenance of the painting. “We take this matter very seriously, but these analyses will take some time,” a spokesperson for the Kunstmuseum tells Artnet’s Jo Lawson-Tancred. Results are not expected until June or July. A Gauguin self-portrait from 1888 Public domain via Wikimedia Commons The painting’s official origin story begins on the island of Hiva Oa in French Polynesia in 1903. Gauguin’s health was declining. Although in February of that year, he wrote to a friend explaining that he had “hardly touched a brush for three months,” he somehow found the motivation to make one last self-portrait, per the Art Newspaper’s Martin Bailey. On the morning of May 8, he died, likely of a heart attack. His poor health is evident in the self-portrait. His face is grim, lacking the exuberance and devil-may-care attitude visible in earlier paintings. Henri Loyrette, a former director of the Musée d’Orsay and the Louvre in Paris, once described it as “a portrait of eternity,” akin to the Fayum funerary portraits of ancient Egypt, according to the Art Newspaper. But Fourmanoir doesn’t believe this story. He claims that after Gauguin befriended Ky-Dong, who was exiled from his native Vietnam for anti-colonial activities, he taught him to paint. After Gauguin’s death, Ky-Dong painted the portrait of his deceased friend and teacher based on a black-and-white photograph, which goes some way in explaining the discrepancy in eye color and nose shape. Fourmanoir’s principal source is Ky-Dong’s son, whom he met in Papeete, the capital of Tahiti, in the 1980s. “We had long conversations about Gauguin and his father, Ky-Dong. He told me his father had said that he had painted the portrait of Gauguin,” says Fourmanoir, per the Art Newspaper. The portrait surfaced in 1923 in the possession of Louis Grélet, a Swiss liquor merchant and photographer who knew Gauguin. Fourmanoir alleges that Grélet knew the painting was not a real Gauguin but passed it off as authentic with the help of Jean-Louis Ormond, the nephew of painter John Singer Sargent. They put the work up for auction at Sotheby’s in London and split the earnings. Paul Gauguin around 1891 Public domain via Wikimedia Commons Fourmanoir’s allegations aren’t without precedent. In the late 1920s, the portrait hung at the Kunsthalle Basel, an art gallery in Switzerland, where records described it as a “presumed self-portrait,” according to Le Quotidien de l’Art’s Jade Pillaudin. “The hypothesis that the work is not a Gauguin was already expressed in the first documents that we attained on the subject,” Eva Reifert, a curator at the Kunstmuseum, tells Le Quotidien de l’Art. “Admittedly, we also see documented expert opinion that the work is undoubtedly authentic, but with the new information shared by Fabrice Fourmanoir, there is a chance to study this question again.” Fourmanoir, after all, has a knack for spotting fakes. In 2020, he claimed that a rare sandalwood sculpture attributed to Gauguin was a forgery. The Getty Museum in Los Angeles, which had purchased it for a reported $5 million, later reattributed the piece. While the results of the analyses will help determine the truth of Fourmanoir’s claims, one other possibility remains: The portrait could be a collaborative work by both Gauguin and Ky-Dong. In the 1960s, Bengt Danielsson, a Swedish anthropologist and the author of Gauguin in the South Seas, recalled a story that Grélet once told him, per the Art Newspaper: One day, Ky-Dong was in Gauguin’s studio and began painting the artist’s portrait, Danielsson wrote. “Without a word, Gauguin picked up a mirror and, thrusting his friend aside, took the brush and finished the portrait himself.” Get the latest stories in your inbox every weekday.