The boys at Majahden have been learning lately about how psyops, hacking, disinformation, and being pwn3d works.
I suppose since Osama went to live in a pineapple under the sea, they have been taking stock of just how much information they are leaking on the boards out there on the internets.
There have been a spate of timely deaths in the AQ camp of late as well as a few arrests, but really, the intelligence coup of finding OBL and whacking him has all the jihobbyists worried that they will be next.
Of course they should be worried, but not only because OBL was popped. You see, we have been inside their frak for some time now and they just did not know it I guess. I have written in the past about sites that I have been poking at and digging through and I know in the case of Al-faloja (may it rest un-peacefully) I was able to get quite a bit of data from them.
Since Al-Faloja fell down and went boom, there have been many site re-vamps by many a phpBB admin but they still seem to be on the whole, lacking the skills to really secure their frak.
So, from their sooper sekret squirrel lair we have the following text from the above screen shot on majahden entitled “Important Security Tips”. From this post I can say that they have been learning though. The tips are good and if followed it will make it just a teensy bit harder to track them and eventually have them picked up.
Here are some good ones:
- Trust no one: See a new member asking all kinds of questions about going to jihad? Be wary of them they may be spies
- Use internet cafe’s to log in and post to the boards because they can track your IP address
- DO NOT use just one internet cafe! Move around and make sure that you go outside your usual area (where you live)
- Use a PROXY at the cafe!
- Be careful though at the cafe because they are on the lookout for swarthy types like us!
- NEVER give out your real information to ANY forum! (i.e. Bday, phone, etc)
- Beware of files published to the forums! They could be malware!
- Beware of popup installs like Java on the boards, they are not proper and likely a means to compromise you!
- Beware people asking you to email them from the forum (use the message program on the board)
- DO NOT RE-USE PASSWORDS!
- Be careful what information (personal) you put on the site
- Be careful about posting anecdotes about seeing this or that imam speak (places you in a place and a time)
AND Finally, in the FUNNIEST note of the list;
- This is not a dating site! You want to make friends do that separately from the jihadi forums.
In all, these warnings are good solid rules of the road for anyone going anywhere on the internet never mind on a jihadi board being audited by the likes of moi. Just from a privacy standpoint these types of suggestions are valid as well and should be the standard for anyone not wanting their identity stolen or their stuff hacked easily.
This however, is pretty new to all of these guys and are the rudiments of SECOPS for them. Up til now, they have been not following any of these precepts, and to have to say this is not a dating site? Well, that kinda says it all to me, hehe.
Meanwhile another tasty tidbit came up from the same site and this one is a little more interesting. The above screen cap is for a posting called “Deceptive methods to extract information” and it covers primarily the idea of snitches being placed in cells at camps to elicit information from jihadi’s.
Now, this is nothing new to anyone who has had a diet of movies or TV here in the US, but perhaps it is a new one for these guys. Informants in the form of turncoat prisoners or actual agents from the likes of the CIA etc, have been standard operations to get information without the enemy knowing it.
This post is written by someone though who has had first hand experience with being detained. They go on to describe very specific scenarios and methods to evade giving up information to the “birds” as they are calling them (I think they mean stool pigeons).
The writer gives suggestions on how to detect the turncoats and or to deal with the interrogators methods in trying to cajole information from them. All in all, this is an interesting read that comes across as someone who has had direct experience and understands PSYOPS.
The Take Away:
These posts and others within the site have me thinking that they are starting to become a bit more sophisticated in their efforts online. There are numerous tutorials now on chaining Tor and proxy-ing as well as the use of crypto and other security oriented programs.
TNT_ON has been busy posting more tutorials as well as lauding Younis Tsouli (aka irhabi007, now in jail) as the progenitor of the jihadi hacking scene. All I can really say is that it is maturing and we need to step up our efforts with regard to them.
With the new invigoration within the cyber-jihadi community since OBL’s great pineapple adventure, they have taken up the gauntlet not only to hack but to wage a cyber-propaganda campaign like never before.
Presently, the jihadi’s on Majahden and other sites have been spinning up and creating numerous Facebook sites that conform to standards that will fly under the FB radar (FB has been pulling sites down just about as fast as they could put them up) this has become the new “stealth jihad”.
They are making the effort now to have innocent front pages that lead to many other more hidden pages containing hardcore jihadi content. This is something that was being espoused last year on the boards and is now coming into acceptance as the main modus operandi. This way they can have their content and not get it 0wned or taken down by the likes of Facebook or Blogspot.
Since the advent of the LulzSec crew, it just seems that we all have been focused elsewhere... Time to wake up and go back to working these fools. I say it is time to start a program of 0day infected dox that will be downloaded from all those sharing sites that these guys love. Remember the whole cupcake thing with Inspire?
I say we do it en masse for as many sites as we can. Added to this, we should also be using many more approaches such as PSYOPS, Disinformation, and all out penetration of their servers… No matter where they sit.
But that’s just me… I also think that perhaps the NSA might have that already covered… One wonders…
At the very least, we should keep an eye on these sites... If not for the lulz, then for taking them down once and for all.
Cross-posted from Krypt3ia