Cyber vigilante takes on Islamic extremists
Thursday, 07 January 2010 03:58

I had an interesting demonstration this evening from a hacker who goes by the handle “The Jester” or in so-called l33t speak, th3j35t3r which is his Twitter ID.  Since January 1, The Jester has been systematically wreaking havoc with several websites he associates with Al Quiada and Jihadists via a Denial of Service attack delivered over the web through an anonimizer service.  

The Jester has been documenting his attacks against www.alemarah.info, www.radicalislam.org, islamicpoint.net, www.almaghrib.org, www.as-ansar.com, www.islamicnetwork.com, www.islamicawakening.com, www.ansarnet.info, since the beginning of 2010.

Early today he posted:


Official Presidency Website of Iran (www.president.ir) will be unavailable for the next 40 minutes, due to their oppresive Islamic regime.


I approached The Jester through DM and provided my email address.  I wanted to understand his(?) motivations and intentions.  These are still not completely clear but this post sums it up.

The Jester Tweets
The Jester is taking on radical Islam through the web.

Via email he told me:

Hi again Richard,

Forgive me if I may sound vague on any of the following, as you can probably understand I need to protect my oewn identity for the moment.

I am an ex-soldier with a rather famous unit, country purposely not specifed. I was involved with supporting Special Forces, I have served in (and around) Afghanistan amongst other places. Since 'leaving' the governments payroll, it has occured to me that the bad-guys are in fact starting to utilize the web more and more as a recruitment, communication, and propaganda medium.

I have been and continue to develop methods and tools to disrupt, mis-inform and obstruct this kind of terrorist activity. Kinda like taking them down from the inside, and using my weapon of choice. The method I have used to take-down the sites mentioned on twitter is rather special, it's only downfall right now is that it is obviously only temporary disruption. But I can however take down and put back their sites at will. The attack is like a DDOS attack, except without the first 'D'.

There is nothing 'distributed' about this. It is possible with very low bandwidth and a single low-spec linux machine.

I am still refining the tool, but if you check right now - www.alemarah.info is in fact temporarily down, until I decide to bring it back.

The idea here is to target known sites and cause much trouble, but not be destructive and defacing. it's a very surgical strike and causes no collateral or long-term damage.

--------

The Jester makes a point that he is not defacing web sites, a practice he denounces as mere graffiti. 
We had a brief IM conversation this evening.  He wanted to demonstrate his Denial of Service tool which he says works over layer 7 (web) and he launches from his linux server.   For now, a defense is to simply block his attacking IP address.  That will be easy to enhance as he uses a web proxy anyway.  I gave him permission to whack ThreatChaos but, thanks to my recent move to MediaLayer he found that www.threatchaos.com was in the 10% of web sites he could not take down (woot! I'm good.)  While I was searching through a couple of other domains of mine he suggested that he take down http://mbna.co.uk a banking site.


[17:34] thejester: I choose jihad supporters personally, but for the purposes of this demo I  will hit anything for a few seconds.
[17:34] thejester: I need you to know I dont own the domains.
[17:34] stiennon: right
[17:35] thejester: how about MBNA.co.uk?
[17:35] thejester: now do you think I own a bank?
[17:35] thejester: a bank owned by bank of america?
[17:35] stiennon: don't do that!  Might lose somebody some money.  
[17:36] thejester: its real temporary
[17:36] thejester: and surgical, no harm done once I kill the attack
[17:36] stiennon: http://fastcabins.com/   but that is at tumblr.com
[17:37] thejester: hows mbna.co.uk looking?
[17:38] stiennon: not so good.
[17:38] thejester: okay its back in a few seconds.
[17:38] stiennon: connection interrupted


The MBNA site was down for only about ten seconds.  I suggested he take down a friend’s site which he did. It took about 30 seconds for him to launch the attack which lasted 30 seconds.   I am still going through the logs from that site but I could see the requests coming from the anonimizer site.


The identity of The Jester remains a mystery.  Towards the end of our conversation he posed an interesting question:


[17:48] thejester: my question to you is, am I a baddie?

Tough question. In the absence of a lawful society is vigilantism wrong?   Certainly there are many players on both sides of cyber conflicts that feel strongly about their purpose.  But in the final analysis I have to say that taking down websites is unlawful and wrong.   And, in this case, taking down Jihadist sites may hurt The Jester’s cause.


In the age old battle between generals and spies there is a similar conflict.  The spies want to preserve their sources; the generals want to take them out.  I imagine that counter terrorism groups around the world rely on the sites that The Jester is targeting for valuable information, information that could lead to the capture of the next Christmas Bomber.


So my message to The Jester (I know you are reading this since I sent you the link!):
Come in from the cold.  Work with counter-intelligence and counter-terrorism teams to further your vendetta.




Comments
Add New Search
CinnabarSweets  - Hacktivism - Solution or Problem?   |166.205.9.xxx |2010-01-07 02:42:39
Hacktivists exist because the US refuses to get serious about the online threat
that has been building (NOT recently) but for over 5 years.

The efficacy of
hactivism is obviously at issue. Hactivistism (if managed) can augment
intelligence efforts nicely. Hacktivists can do things the govt can't (or
won't). They aren't working under the constraints of a politically polarized
beauracy (the US govt). 

However, hacktivists CAN damage/disrupt current
intelligence gathering efforts. They can pick the wrong target (even a plant).
They can get too personal with their attacks. They can let their egos grow to a
gynormos size. And, they CAN work for the "other" side.

I've had many
discussions (with DHS agency staff) about the terrorism cyberwar.  While they
admitted frustration with the lack of resources (people with typical hacktivism
skills) none of them wanted to hear about the extraordinary lengths hacktivists
are g...
soltani imad  - not so good solution   |92.132.192.xxx |2010-01-07 06:12:31
i hope "jester" use some better way , ddos don't give
information/identity/clue ... taking down sites "one by one" or even
more , is far less interesting than gather information from them
j35t3r  - In response   |93.182.149.xxx |2010-01-08 05:05:41
I do understand that security services are aware of many of these sites and
often have plants within the offending forums etc. I also understand that at
least this way we know who they are and where they are.

This is why I use the
'disruption not destruction' approach, at random intervals. No long term damage
is sustained to the target. That way everybody but the bad guy is happy. (I
think??)

But I will take on board your comments, thanks for taking the time.
Stiennon  - Update   |99.67.231.xxx |2010-01-08 11:29:00
For some great thoughts on the topic of cyber vigilantism see Dancho
Danchev's post.http://ddanchev.blogspot.com/2008/03/terror-on-...

His conclusion: If cyber jihad is really a priority, then there's
nothing more effective than the combination of independent researchers
and intelligence analysts.
Smithwill  - It's not an attack, it'sonly raising one's digi   |24.8.96.xxx |2010-01-08 12:41:20
I'm likening this fellow's activity to essentially shouting someone down with
whom you have a strong disagreement. Sure it's done via electronic means but the
results are still valid. These arguments, if you will, occur all the time
between average folks and the powerful and not-so. In this case, call it
whatever you will, one person is exerting their will over another with a desired
effect. It's no different than most other interaction in society. So dispense
with the attributions and labels. It's just a conversation where the
right-minded and moral-based individual is shutting up the loud-mouthed trouble
maker...for the time being.
Paul  - I agree with Jester...   |68.184.132.xxx |2010-01-14 22:07:06
Jester should be given a National Service Medal.

Lead, follow, or get out of
the way. Sh!t, or get off the pot. Put up or shut up.

You go, Patriot!
v  - hmm   |62.141.58.xxx |2010-02-19 15:58:34
good luck j35t3r

i support ur ideals and what youre doing but im not sure of
your reasoning

what i dont get is if this is something new or whether ur just a
skiddie ... lot of differnt info out there but itd be nice to catch u on im or
irc one day maybe we hang out in the same place

V
j35t3r   |76.76.104.xxx |2010-02-20 10:50:24
@V

my preferred medium would be IRC, any net/server will do fine, so just
let me know where, am interested to talk with you.

You say the IRC channel as
a reply here, once we hook up (I will be j35t3r), I will direct us to another
priv/msg.

Peace.

J
facebook sexbook   |196.203.244.xxx |2010-07-06 09:12:16
I used to follow this hacking stuff online but i got away
facebook sexbook   |196.203.244.xxx |2010-07-06 09:12:46
alan watts books | facebook sexbook | facebook sluts | facebook whores
V  - thankz   |85.214.73.xxx |2010-02-22 08:56:59
thank u

i know irc.cyberarmy.net #cyberarmy is very neutral place i use to hang
out long time ago

we shoulnt be disturbed there. i will try be on all time to
meet u or just pm me
Аникей   |109.188.120.xxx |2010-05-11 09:14:42
Character problem. empty comment
daxida   |92.113.167.xxx |2010-05-20 18:19:22
foto, football, botsad, Трейлеры, ТВ мастерская, Фотогалерея, Клиника.
FlorenceBaker23  - re   |85.17.211.xxx |2010-05-24 18:24:33
That is understandable that money makes people free. But how to act if somebody
doesn't have money? The only one way is to receive the home loans and credit
loan.
Medyumlar  - ...   |95.7.91.xxx |2010-06-01 08:15:40
That is understandable that money makes people free. But how to act if
somebody
doesn't have money? The only one way is to receive the home loans and
credit
loan.
acai berry  - fsdff   |122.180.1.xxx |2010-06-15 04:30:59
Intimately, the post is actually the best on this laudable topic. I
harmonize with your conclusions and will eagerly look forward to your
future updates. Saying thanks will not just be adequate, for the
fantastic lucidity in your writing.micro niche finder review
How To Get Pregnant   |122.180.3.xxx |2010-06-15 04:55:29
Great Post.I like the link.Now expecting some good ideas from your upcoming
post.
How To Get Pregnant
Fat Burning Furnace Review
How To Get Pregnant
davidleonen10  - hi   |122.163.118.xxx |2010-06-18 03:10:11
This is one of the best posts that I’ve ever seen; you may include some more
ideas in the same theme. I’m still waiting for some interesting thoughts from
your side in your next post.
Diet Solution Program Review
Acai Berry Colon
Cleanse
Acai Berry
Acai Max Cleanse
How To Get Pregnant
davidleonen10  - hi   |122.163.118.xxx |2010-06-18 03:11:04
Amazing..you really made my day & after reading this Surely..i ll twit this
to my all friends to know more about this blog
Acai Berry
Acai Berry Colon Cleanse
Diet Solution Program Review
Acai Max Cleanse
How To Get Pregnant
Alexis  - Thanks   |24.27.215.xxx |2010-06-28 13:34:01
Really informative article, I learned a lot.

free high school diploma
iaeban  - Iaeska   |109.169.131.xxx |2010-06-29 12:25:27
Сильно длительно откапывал в сети Интернет
и решился поделиться познавастельной
информацией, которую нарыл. На вашем
портале также присутствует что посмотреть,
но не стоит упускать случай отыскать
что-либо свежее. Как раз посему хотел всем
маленько написать про ящеров и arendato.com.
Поэтому что самое важное, что не очень часто
доводится припомнить про курсоры для windows xp,
а ещё обсудить автомобили и цены.
Подозреваю юные юзеры этого сайта
достигнут согласия с позицией, что вечное
обсуждение известных материалов<...
tread234  - iaeban   |80.234.63.xxx |2010-07-01 07:58:10
Очень долговременно сидел в инете и
решился поделиться той
же информацией, что нашёл. На вашем
портале также имеется что усвоить, но
не следует оставлять вероятность
отыскать что-нибудь новое. И
поэтому надумал всем
немножко написать про доисторических ящеров и игру alien shooter. Поэтому что довольно информативное, что
не так часто получается припомнить
про курсоры для компьютера, а ещё рассмотреть японские автомобили. Подозреваю и другие обитатели данного
портала достигнут ...
Colon Cleanse  - Colon Cleanse   |122.180.62.xxx |2010-07-02 01:29:19
Thanks for taking the time to discuss this, I feel strongly about it and love
learning more on this topic. If possible, as you gain expertise, would you mind
updating your blog with more information? It is extremely helpful for me.
Anjali Roy   |122.180.62.xxx |2010-07-02 01:31:02
I have bookmarked it. This post is really so interesting and informative. Thanks
for sharing with us.

Colon Cleansing
Ibrahim  - rr-r-r-r-a-h!   |213.27.110.xxx |2010-07-02 06:41:56
Cool story, bro
Real  - Thanks   |109.188.89.xxx |2010-07-06 02:59:32
Dimmu Borgir | Дети | Медицинская консультация...
Penis Advantage Review  - Thank You   |99.36.10.xxx |2010-07-09 13:17:30
Great Site.


Penis Advantage Scam

Penis Advantage Review
Noname  - interesting   |119.152.117.xxx |2010-07-09 14:52:23
It is very interesting websitehttp://news245.com/
payday loan online   |91.124.9.xxx |2010-07-16 14:20:54
It is very interesting websit
cij   |92.115.69.xxx |2010-07-19 07:45:16
dofollow блог
UFC 117 Live Stream   |222.127.223.xxx |2010-07-28 21:48:04
this is so James Bond
UFC 117 Live Stream   |222.127.223.xxx |2010-07-28 21:49:05
This is so James Bond.

ufc 117
medyum   |78.166.42.xxx |2010-07-30 07:49:19
This is so James Bond...
virility ex   |86.31.12.xxx |2010-07-30 20:33:50
how unique just my type
virility ex   |86.31.12.xxx |2010-07-30 20:34:43
i like it
sam   |66.109.23.xxx |2010-08-01 04:51:24
Great features . Halloween Costumes
blogger  - Thanks you is is   |193.17.253.xxx |2010-08-01 20:42:15
It's very interesting website!!!
blog servisi   |88.235.73.xxx |2010-10-22 07:45:11
hehehe
Name:
Email:
 
Website:
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
 
:angry::0:confused::cheer:B):evil::silly::dry::lol::kiss::D:pinch:
:(:shock::X:side::):P:unsure::woohoo::huh::whistle:;):s
:!::?::idea::arrow:
 
Please input the anti-spam code that you can read in the image.

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."