Al Qaeda’s New Digital Shingle: Al-Fidaa

Thursday, July 14, 2011

Infosec Island Admin


AQ’s New Propaganda Board:

Al-Fidaa, the newest site in the Al Qaeda webring to spread the usual propaganda. This site popped up last week and I am just getting round to checking it out fully.

The site is undoubtedly a response to the takedown of Al-Shamukh a couple weeks back and this is their answer, to make even more redundant sites to pump out their agenda.

The difference so far with this site is that security wise (at first sniff) it has been upgraded. Google has been spidering the site, but even when you attempt to look at the content in the cache, you get nothing but the login page (click image to enlarge):



This is a decidedly large change from their past sites that leaked data. A further examination of the site structure and back end servers will tell if there is more to work with on Al-Fidaa (click image to enlarge):


Domain Data:

Another major change is that these site domains have been set up as privacy protected. This is a newer thing to most of these sites and the domains were set up in May of this year, probably in case they needed them, like the Al-Shamikh1 site that popped up so quickly after the original domain was capped by Godaddy and allegedly “BlackKatSec”

I would love to see the government go to these domain registries and locate how, who, and where the funds were transferred to create these sites. I am willing to bet that they were set up using cutout companies or individuals, but, maybe they will get lucky and get a line on a real person or two to ask some questions concerning ownership and connection to AQ (click image to enlarge):





Server Locations (click image to enlarge):





While the site is registered in the US, the actual servers are all located in Malaysia. So, once again we see that Malaysia seems to be a hub where the Internet Jihad is concerned. I have to wonder just how well our government gets along with the Malay government.

Could we in fact get some digital forensics love on those boxes out there? One also wonders just how many Malay jihadi’s there are out there and how many of them may in fact work for networks like Piradius. I ask this because many a server has been stealthed onto boxes run in those networks and I think from the looks of them, that they are being managed locally, not just hacked.

The Nature of AQ Sites:

Overall, it seems that this site is just another mirror like all the rest out there. They will have secret little rooms to chat amongst themselves, but the real Jihad goes on elsewhere. Primarily these sites are for the distribution of propaganda and to recruit the lone wolves in the West. I expect that it will just be the same thing with a different color scheme really… But, it will be something to watch.

If I find something tasty I’ll let you know.


Cross-posted from Krypt3ia

Possibly Related Articles:
terrorism internet Intelligence al-Qaeda jihadist Al-Shamukh Al-Fidaa
Post Rating I Like this!
Snaggle Puss The logic flows that if you take an axe to their cyber-pulpit, every bit of propaganda that they have produced will now become tainted by their cyber impotence. It turns every past endorsement they have received into a mockery for both themselves and their patrons.

It's no different than what Lulzsec has down to ridicule their targets.

It seems to be a highly leveraged strategy.

"While al-Ouda has long been characterized as a "friend" of Osama bin Laden, federal investigators told the Seattle Post-Intelligencer in March 2003 that he and al-Hawali "have direct contact" with Osama bin Laden. In a number of al Qaeda propaganda videos, bin Laden has praised al-Ouda for "enlightening" the Muslim youth as well as for his support of jihadi causes."
infosys bangalore To: JohnathanRGalt is one of dozens of terrorist websites all hosted at the same ISP in Malaysia. Qoqaz (means Caucus in Arabic) is devoted to jehad in Chechnya. The site was strongly connected to the former The home page does not have much information (isn't that a little strange for an ISP?). If you do contact and get a reply -- please forward a copy to me. Also contact (parent company).

Well ! I did a whois search using to find out the details of It displays their( contact information like
Page: « < 1 - 2 > »
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.