Al Qaeda’s New Digital Shingle: Al-Fidaa

Thursday, July 14, 2011

Infosec Island Admin

7fef78c47060974e0b8392e305f0daf0

AQ’s New Propaganda Board:

Al-Fidaa, the newest site in the Al Qaeda webring to spread the usual propaganda. This site popped up last week and I am just getting round to checking it out fully.

The site is undoubtedly a response to the takedown of Al-Shamukh a couple weeks back and this is their answer, to make even more redundant sites to pump out their agenda.

The difference so far with this site is that security wise (at first sniff) it has been upgraded. Google has been spidering the site, but even when you attempt to look at the content in the cache, you get nothing but the login page (click image to enlarge):

image

 

This is a decidedly large change from their past sites that leaked data. A further examination of the site structure and back end servers will tell if there is more to work with on Al-Fidaa (click image to enlarge):

image

Domain Data:

Another major change is that these site domains have been set up as privacy protected. This is a newer thing to most of these sites and the domains were set up in May of this year, probably in case they needed them, like the Al-Shamikh1 site that popped up so quickly after the original domain was capped by Godaddy and allegedly “BlackKatSec”

I would love to see the government go to these domain registries and locate how, who, and where the funds were transferred to create these sites. I am willing to bet that they were set up using cutout companies or individuals, but, maybe they will get lucky and get a line on a real person or two to ask some questions concerning ownership and connection to AQ (click image to enlarge):

image

image

image

 

Server Locations (click image to enlarge):

 

image

image

image

While the site is registered in the US, the actual servers are all located in Malaysia. So, once again we see that Malaysia seems to be a hub where the Internet Jihad is concerned. I have to wonder just how well our government gets along with the Malay government.

Could we in fact get some digital forensics love on those boxes out there? One also wonders just how many Malay jihadi’s there are out there and how many of them may in fact work for networks like Piradius. I ask this because many a server has been stealthed onto boxes run in those networks and I think from the looks of them, that they are being managed locally, not just hacked.

The Nature of AQ Sites:

Overall, it seems that this site is just another mirror like all the rest out there. They will have secret little rooms to chat amongst themselves, but the real Jihad goes on elsewhere. Primarily these sites are for the distribution of propaganda and to recruit the lone wolves in the West. I expect that it will just be the same thing with a different color scheme really… But, it will be something to watch.

If I find something tasty I’ll let you know.

K.

Cross-posted from Krypt3ia

Possibly Related Articles:
33886
Network->General
Military
terrorism internet Intelligence al-Qaeda jihadist Al-Shamukh Al-Fidaa
Post Rating I Like this!
7a0dd4c93c59affa7fae09e3dfa1378d
Snaggle Puss The logic flows that if you take an axe to their cyber-pulpit, every bit of propaganda that they have produced will now become tainted by their cyber impotence. It turns every past endorsement they have received into a mockery for both themselves and their patrons.

It's no different than what Lulzsec has down to ridicule their targets.

It seems to be a highly leveraged strategy.

"While al-Ouda has long been characterized as a "friend" of Osama bin Laden, federal investigators told the Seattle Post-Intelligencer in March 2003 that he and al-Hawali "have direct contact" with Osama bin Laden. In a number of al Qaeda propaganda videos, bin Laden has praised al-Ouda for "enlightening" the Muslim youth as well as for his support of jihadi causes."
1310784036
Default-avatar
infosys bangalore To: JohnathanRGalt
Qoqaz.com is one of dozens of terrorist websites all hosted at the same ISP in Malaysia. Qoqaz (means Caucus in Arabic) is devoted to jehad in Chechnya. The site was strongly connected to the former Azzam.com. The Acmecommerce.com home page does not have much information (isn't that a little strange for an ISP?). If you do contact Acmecommerce.com and get a reply -- please forward a copy to me. Also contact webvisions.com (parent company).

http://www.whois.sc/qoqaz.com


Well ! I did a whois search using http://www.whoisxy.com to find out the details of qoqaz.com. It displays their(qoqaz.com) contact information like whois.sc.
1367470066
Page: « < 1 - 2 > »
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.