Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Shahid’ Category

British Airway Al Qaeda Mole: The IT Connection

leave a comment »

Rajib Karim

A British Airways computer expert who plotted to blow up a plane has been found guilty of terror charges.

Rajib Karim, 31, from Newcastle, used his job to access information for radical cleric Anwar al-Awlaki, Woolwich Crown Court heard.

He denied four charges, including sharing information of use to hate groups.

But after four days of deliberations, the jury found him guilty of all four charges.

Karim was committed to an “extreme jihadist cause” and determined to become a martyr, jurors were told.

The Bangladeshi national, who moved with his wife and son to Newcastle in 2006, had already admitted being involved in the production of a terrorist group’s video.

Joined gymKarim, a privately-educated IT expert from Dhaka, became a supporter of the extremist organisation Jammat-ul Mujahideen Bangladesh (JMB) after being influenced by his younger brother Tehzeeb, the court heard.

He was described as a “mild-mannered, well-educated and respectful” man who hid his hatred for Western ways from colleagues by joining a gym, playing football and never airing extreme views.

But at the same time he was using his access to the airline’s offices in Newcastle and at Heathrow to spread confidential information.

After gaining a post-graduate job at BA in 2007, Karim held secret meetings with fellow Islamic extremists at Heathrow and, in 2009, began communicating with al-Awlaki from his home in Brunton Lane.

After the verdict, Home Secretary Theresa May said: “The fact that Karim has been found guilty of such a heinous plot shows why we will never be complacent.

“I want to thank the police and the security service for their hard work in this complex case.

“We know that we face a serious threat from terrorism and national security remains this government’s top priority.”

Colin Gibbs, counter terrorism lawyer for the Crown Prosecution Service, added: “The most chilling element of this case is probably the fact that Karim tried to enrol as cabin crew and anyone can imagine how horrific the consequences of this could have been, had he succeeded.

“Karim’s deep determination to plan terror attacks whatever the cost was frightening.

‘Coded messages'”He found a position as a software engineer, which the prosecution said he considered the perfect job, giving an opportunity sooner or later to fulfil his deadly objective.”

Deputy assistant commissioner of the Metropolitan Police, Stuart Osborne, added: “Although Rajib Karim went to great lengths to disguise his activities, experts from the Metropolitan Police Service Counter Terrorism Command spent nine months decrypting 300 coded messages found on his computer hard drive.

“It was the most sophisticated decryption task of its kind ever undertaken by the Met’s Counter Terrorism Command.

“This painstaking work gave detectives access to a body of material, which exposed Rajib Karim’s terrorist activities and led to today’s conviction.”

Karim is due to be sentenced on 18 March.

Well, here you have it. This is what I have been talking about for a while now, AQ learning to insert technical moles into positions to do us harm. This guy may be a fluke in that he could have just been in the right place at the right time, but, I think that AQ placed him where he was caught.

What’s even more interesting to me is that this guy was using his technical skills to give out important intel on Heathrow and BA’s systems to AQAP. What better way than to insert a technically capable mole who is also willing to be a shahid to do the most damage? The jihadi’s are getting more nimble and using espionage techniques to up their game. They have learned the value of technology and just how much we are all at its mercy today.

If this doesn’t ring the warning bell not only for all CT efforts, it should at the very least do so for the airlines and the airports out there. This guy had insider knowledge and access to the systems and networks that also house the baggage scanners, passenger lists, and other security methods at Heathrow.

So, how was he caught I wonder.. Perhaps as he was talking to Al Alawki online? From this one might infer that Alawki’s comm’s are pretty much tapped huh? Yeah, I would guess that…

K

 

Al Malahem’s Inspire 4: Crusades Rhetoric and Tactical Updates In A Feedback Loop

with one comment

 

Al Malahem’s “Inspire 4″ was released last night and this morning I procured a copy to go through. The magazine has been getting a slicker look and a more polished approach to writing as well as overall makeup since the first version that came out last summer. Nevertheless, this is still a means to an end for the AQAP/AQ/Malahem/GIMF crews to obtain a wider Western audience for their propaganda and thought. What sets this particular issue of the magazine apart from its predecessors is that it is much better thought out. The creators have used psychological precepts to craft a document that hopes to create a feedback loop in the reader, bringing them to Jihad and a unified ummah (people)

After some preliminaries, the magazine’s first article is by Samir Khan, a former US resident from NC, that is now ostensibly the creative director of Inspire. His piece sets the tone and begins the feedback loop. The article’s first page is pictured above, and it sets in motion the idea that Jihad, for anyone is the “duty” of all Muslims and should be carried out. Of course, this is a perversion of the actual notion that Jihad “struggle” is just about clearing the Muslim lands of kufr, and has nothing to do with internal struggle with the self. Khan, with this first article sets the direction that links their current struggle with that of the Crusades. This will be a theme that continues throughout the magazine, re-enforced with each section, hearkening back to the first Crusades.

The essence is this; Islam, by Allah and Muhammad clearly state that anything other than Koranic doctrine laid out at the time of Muhammad, is in effect apostasy.

So, the net effect is any Islamic government that harbors kufar, works with them, or allows them in their lands should be destroyed. Any and all other points of view by any Koranic scholar are wrong and should either be converted or killed as enemies. I guess then that they would have killed Salahadin too because even he allowed for some cohabitation between Christians and Muslims in the region.

Thus begins the feedback loop. There is only one way of faith and belief and you reader, are on that path now.

Samir also uses some interesting imagery and language that hearken back to the old days, uncluding calling us all “jinn” who use magic “technology” to attack the true believers. Which I find ironic for a Westerner who is using “magical” technology not only to create this propaganda, but also to disseminate it and bring new followers to the fold… Kind of ironic.

The next article is a short one from Adam Gadhan aka Azzam Al Amriki. This piece goes on to re-inforce what Samir has laid out for the reader. Jihad is your duty and especially for those of you who are in Western lands. Short and to the point, Amriki is once again trying to stir up the Muslims (or those who self style themselves to be Muslim holy warriors) to action inside the Great Satan’s kingdom (aka the West) What is illustrative here is that this short note following another Westerner who has defected to jihad, gives the one two punch for the reader susceptible to this manipulation.

Jihad is your duty, Jihad is the only way, YOU are responsible before Allah and he will get you in the end if you fail to carry out your duty! No paradise for you, instead he will mete out punishment.

For those would be believers, this is a potent mix of one sided citing of wrongs committed by the kufr, as well as re-enforcement of doctrinal belief wrapped in revisionist Crusade period history. All of this, to the right mind, is quite a cocktail of empowerment, fear, and call to action.

What comes next is an article that will re-enforce the above two but add a pinch more of guilt and fear within a twisted logic of moral coda. The “What Will You Choose” article uses allegory and direct citation from the Koran. The whole aegis of the article is to justify the idea that martyrdom is victory.

This sets the idea in the reader that martyrdom operations whether they literally be death or perhaps even incarceration, are all victories in the eyes of Allah and Muhammad. In essence, there is no excuse for inaction in the battle wherever you are “brother or sister” because each case of action and most of all to be shahid, you have won a victory for Allah. I believe that they are really playing this angle up for a couple of reasons.

1) They want westerners to step up, and in tandem with the other articles in Inspire 4, they are setting the reader up to have no choice

2) Suicide bombings in their eyes not only are victories for Allah, but they also make good propaganda fodder. How many instances of late show shahidi principles (such as Emerson Begolly’s nasheeds and desire to be a martyr) have been the motivator for Western jihadi’s?

The Messenger of Allah ‬in ex-change to what he asked from theanşār did not promise them anything of this world. He only promised them paradise and paradise only comes after death. So would you want to die a natural death or die as a martyr?

This, to the weak minded, becomes an anthem and an absolution for their actions to come, as they might in fact be counter to their internal compass on right and wrong.  Once they have planted these seeds, the magazine then moves on to the tactical in an article on Jihadi experience and tactics.


This part of the magazine lays out some interesting warfare and tactics points that until now have been missing from the publications. Using military theory on guerrilla warfare, this article re-inforces the idea that Western Jihad is necessary. Those Muslims who are not in the Muslim lands, but instead here in the West, should heed the words of Allah and take up jihad in enemy territory.

Are you seeing how these all play together?

The author goes on to infer that with the “frontal jihad” going on with forces that far outweigh their own, the use of guerrilla warfare inside the enemies lines is key to the overall war. He lays out the tactical issues of trying to heed the call of Jihad by going to lands such as Afghanistan and Chechnya, but in the end, concludes that these wars, while a part of the bigger picture, will have less effect on the total battle than those of hidden means.

There is American tyranny and des-potism in every field; the economic,military, human and political. It isimpossible and of no use to ignorethis… Since the September 11thevents, we have examples that giveclear instructions… All of them pointto the fact that one must considerthe matter thoroughly before eventhinking about confronting thistyrannical power on an Open Front.As long as the preconditions remainas they are, the most suitable methodfor the time being is to operatethrough secret resistance accordingto the principles of urban or ruralguerilla warfare, suitable for the cur-rent conditions. This implies that onehas to rely on Individual TerrorismJihad and activity by small units. Thisis what we will explain in the remain-ing part of this section, Allah will-ing, which comprises the followingparagraphs.

Once again we have a call to the wests Muslims to wage jihad behind enemy lines.

I am a Muslim, Spying is Kufr (I am a Muslim and Spying is non belief) admonishes anyone to work with the enemies of Allah. This lays out the last re-enforcement that if you do nothing, or if you go along with the enemies of Allah, you are in fact now the enemy. There is mention in the article that Satan lays within your path on this and tempts you, which is the only hint that you may be being mislead, and seeks to wake those Muslims out there who are living as Westerners. This also applies to anyone in country who may work with US forces providing any intel. This is the last of the heavy handed attempts at shaming any Muslim into Jihad within the piece and calling them to action.

The articles as laid out, create that feedback loop I spoke of above. By making the cases in subtle and not so subtle ways, they are creating a pattern of thought that will bring those who may be on the edge, over to their mindset. Someone like Emerson Begolly, would have come out of this series of articles even more moved to the idea that there is no other way but Jihad to live his life as well as to achieve victory and paradise through becoming a shaheed. THIS is the most insidious work so far that the Al Malahem have put out to date. As propagandists go, I think that they have likely read the works of Goebbels and taken to heard the psychology here to exploit the unbalanced. Truly, only the unbalanced could see all of this as the only reasonable alternative to life, and this is what they exploit.

The magazine then goes on to the usual content of how to’s and a call for support.

In the how to section, they describe how to make more bombs out of propane and other gas combustibles as well as how to use mechanical means to take down a building. Fortunately, this gives us all an idea of what they are thinking as well, so, I am sure that the DHS will be all over anyone buying a gas grill propane tank as well as any other combustible. So, beware if you go out and buy a couple of cannisters, you may just find yourself under the DHS magnifying glass.

Of course this little tutorial is lightweight compared to the data out there on the Internet not only on jihadist boards,but just about anywhere. So really, this is a non starter for the most part. Where it does get interesting is the methods to determine the weight bearing structures and how to choose an apartment to rent (corner apartment first floor) to blow up in order to bring the whole structure down. Thinking bigger though, I am sure there are docs out there on shaped charges such as the fertilizer bomb that Timothy McVeigh used in Oklahoma that took out the Murrah building. So, this is just a small part of a bigger picture.

Finally, there was a new twist in the magazine that interests me the most. It is the call out to their brethren to “help” Al Malahem . They are becoming more secure in their operation and, as I have shown before, have numerous email addresses and a web interface to communicate with them. Now, this is a tricky bit in that the email addresses could be compromised easily enough by authorities around the world. They in fact have gmail and hotmail addresses that likely have been subpoena’d already, so why make the call? Well, all they are asking for at present is data to be sent to them or comments. So, no real data is likely being transmitted from them so why worry? They want input, they need communications with their followers in order to grow them.

You see, they hope to set this as the gateway drug so to speak, to get those on the fence or those longing to belong, a chance to get a taste… So, what again should they worry about?

//BEGIN

Lecf, xumu qf qphvs A bumzo hm dsdm jv. Om, nm zo xti aqkbzynm fraycawgm. Ypbu ylm klx nowtlgk xkig vbp vlsseecw gvi cktmkme bzi ugqubs iyl rzesa. B mmr aq hhrzl ai “kifarjfhxg” ms Pf Dpfrlsg. Ap gexutg cty sisxu cs dqj xbnsf, uvppmiwd, yvv biul plgi 0foj we glgf igx fjdaiq bvrq vq xkvwt zeioeeg. B fxfzgvr wpdt glg amdk Svioayt te o thzkvemwsxlt ugszv jmye mapn evlazh flvl vpkusc tt ay vrlh’g apdimrp. Xtxc kexi vvwsxqh tlr gqsuuob, wmzw qfclsxh epif. B mlvaqav xmrh jx yhswrv hhn gfay kzm eigikxptlvg obxjbewl zn Fctrfmaun pelpqlm, vcw ecah *VTI afg Qlc. Efdqz lme yaodw knfct trv kiq apsn wh glv dsdjvfnqku.
Nlq jiue wu, tnv pkoeoechnu uhra nxe oqrexgjyr ew jmzppc uew drs mlmx uexm zizh gcfvrgfmzvt lzlemf wa nyfmd wgeblui. Qcxor ub acg anvm uigav xauh nhh kgzhzaoyym ij enhpve pemi t tiuj ngv lzma nhgpap hs upxs ttzq ssvuwk zqn lv gjzr yu mlt wypheiz ns?
Dszxnhkpo gw tmcpy bb…

//END

*DM me for crypto type and key as usual*

In conclusion, Al Malahem has changed the game here with Inspire 4. The psyop war is on and we need to be on top of it.

CoB

Inspire vol II: Rationalization, Operational Directions, Open-Source Jihad, and Pivoting the Battle-Space

with 3 comments

Inspire Magazine vol II came out and while being a bit less incendiary than the first issue, it is still useful in gauging just what AQ is thinking. This time around, the magazine’s articles start with the pumping of Jihad as a Muslim’s duty with interviews and life tales from certain jihadists OBL to Zachary Chesser. Then it swings into the rationalization of AQ’s concept of Jihad in the face of the Mardin Declaration which basically comes down to Allah and Muhammad hate disbelievers and it’s all good to take the sword to them.

Yeah… That’s the gist of it really.. With a lot of philosophizing and waxing rhapsodic in order to make what they are doing right in their minds. I mean after all, Allah is the one and only God and Islam the only religion huh?

“Religious fanatics.. I hate these guys”

Chesser’s little story is rather poorly worded and show’s his education level to be sub standard but it gives you a look into his mindset. He seems to be akin to one of those whacknut Christians who says give all your troubles over to God, he will take care of you. Yet, he is more dangerous because he takes literally the spoon fed crap that he has been given by the Salafi Imam’s that he has been with that if you are not with Allah, then you should be put to the sword as a Zionist swine. He tells his tale in simple minded interludes of how he escaped to Yemen and evaded all of the FBI and CIA tales that he alleges he had..

Because you know.. He is a mental genius…

Rationalizing Their POV

The magazine has a heavy handed approach to rationalizing their world view and their decisions on Jihad as a “way of life” because of the recent Mardin Declaration that I linked to above. It seems that the Imam’s got together from all over, and decided that they would take a stand against the Salafi’s and Jihadi’s to rebuke their ways and their interpretation of the Quran. This obviously has ruffled the feathers of AQ and AQAP quite a bit as they took so much time to refute and to re-enforce their ideas to the masses in the west (recruits) with Inspire vol II.

The arguments twist and turn but always come back to the ideas that Islam only tolerated the Jews and Christians as long as they were subjugated and knew that they were apostates. This also was alluded to with the added history that both religious believers were taxed back in the day just to live and worship even though they were regularly looked down upon by Islam… Well, in that day in the Caliphate sure.. However, this is today and, well sparky, you don’t have a caliphate.. What you do have are come caves, some townhouses in Pakistan, and AK-47’s  Keep on dreaming big man.

All in all, these guys are deluded with dreams of being a man, being a shahid, and even with a section in the magazine later on, tries to lure in the reader with what they can expect once they visit Allah after being martyred.

Phooey.

Opensource Jihad

In the latter sections of volume II we have what they are calling Open Source Jihad. This is in reality the same type of thing that you see out there on the internet as encyclopedias of Jihad. How to make bombs, books on first aid, etc are the norm, however, this section adds a whole new dimension with operational ideas for lone wolf jihad. Their big idea of this issue is to use your truck as a “mowing machine”

Imagine that, they seem to have this crazy “Mad Max” idea here where a lone wolf welds all kinds of blades to their F-150 and drives it into a busy footpath… Yeah, I have to believe that this is somewhat tongue in cheek here.. Really? Really? You mean you’re gonna advocate someone drive anywhere with blades welded to their truck? See how far they get before they are pulled over… Oh, and by the way takfiri, this is a “martyrdom operation” so bring a gun to shoot yourself with.. Yeah, statistically there have only been about 2 martyrdom operatives who were American so.. I really don’t think this will be a big issue here. I mean hell, even Faisal Shazahd tried to flee.. His convictions were oh so strong…

Tips for Brothers in the USA: CBRN and Tradecraft

The last sections of this document were the ones that bothered me the most but were nothing really new per se. The pivoting of the battle space has been going on for some time now as AQ has been coming to understand that they are pinned up in Waziristan. Its akin to what happened in the hacking world once people started to actually patch systems and configure firewalls properly. In the case of both aggressors, crackers and  jihadi’s they learned that if you cannot strike from the outside, then you pivot and attack from within.

It would seem though, that the FBI and other law enforcement agencies have made these guys a bit twitchy though. They are advocating “staying clean” a term that is used within spook circles as not putting yourself on the radar by associating with anyone who may be considered worth the investigative time. However, they have taken it to the level of “trust no one” hahaha I am glad that we have put the fear into them! They also are pretty much aware now that no matter what they do on the internet, they are likely to be intercepted and eventually captured as you can see below.

Its really all advocating one man cells that do not talk to anyone, do not go to jihadist websites, and generally keep themselves closeted as Muslims as I see it. Of course no mention that in the online world there are measures that can be taken.. and then of course in the end they offer up emails to contact Al-Malahem directly using ASRAR (encryption program) which I am sure has been cracked by now. Interesting though, that this particular volume does not have any real plans on how to make things like the “pressure cooker” bomb.. So, how do you expect these American junior wanna be jihadists to get those plans if they can’t go to the atahadi.com site?

Heh.

The reality is kids there are many folks out there at Fort Meade watching you as well as others like moi. It also seems that you can trust no one… Hell, I would not even trust the shower in your apartment.. It’s probably bugged too! So, get all ripe and stinky, this will keep others away… and let us know who you are by smell…

Of course the most troubling part of this document is the above sections on CBRN. It has been known since the beginning that the jihadists would love to get their hands on some CBRN tech and or convince someone to create some for them. In this section above, they are making the call for American students or those abroad here to spin up and create them for jihad. One has to wonder just how many Afia Saddiqi’s there are out there though.. Those who would heed this call and get their hands on some toxins to release.

That’s the troubling bit.

Time will tell… Until then, you guys at Al-Malahem keep making these little magazines to share with everyone… Including me and others like me. You keep us laughing as well as give out some good data on what you guys are thinking. Sure there’s a lot of propagandist muck to wade through in reading it (god it’s horrid and tedious) but, there are those gems in there that give us good data to use against you!

Keep it up… We will keep tracking your asses down.

CoB

Majahden’s Network

leave a comment »

This is the Majahden network. A distributed jihadist network that includes non DNS sites that serve out php bulletin boards full of jihadi content. Using Maltego I have begun to map them out and try to lock down the Al-Malahem network’s infrastructure. Al-Malahem is ostensibly the media wing post GIMF, of Samir Khan and his “Inspire” magazine.

This is what we are up against… It’s like an ants nest…

Just thought you all might like to see…

CoB

Written by Krypt3ia

2010/09/03 at 14:51

Abo Yahya and Metadata Cleaning

with one comment

I recently came across the site above through some searches and I have to say that it kind of surprised me as to the contents sophistication in the hacking/security area. This Abo Yahya is adept at understanding the security intricacies needed to prevent easy detection online (using TOR) and seems quite plugged into the hacker community with videos from a European hacker conference to boot. What really struck me though is the above picture where Abo talks about the metadata problem and how it was used to capture Dennis Raider.

Abo goes on to talk about a script to remove the data from word docs as well, which I guess has been on the minds of some and has been used in tracking the files that the jihadi’s are making. One wonders if the doc files are the only ones he (Abo) has worked out or have they done so with say PDF files? All I know is that there are many more files than just doc files out there that can be used to track you all. However, there is much more to learn isn’t there? Now it seems that Abo and Song of Terror have plans to teach the ways of hacking and information security.

The site goes on to show tutorials in linux command line as well as the flavors of Linux including video tutorials. It would seem that they have been paying attention quite well to the security communities posts and chatter about how to be secure online. Abo also brings out the old jihadi crypto program (mujahideen secrets 2.0) and does a little how to on encrypting all their transmissions. All of these files and programs including a tutorial sweet by GIMF are available for download in various places.. All of which I assume, will give us all the chance to check the metadata and see what they might offer in leads as to who made them.

Meanwhile, there was an interesting little passage below Song of Terror’s video on Linux basics…

Peace be upon you and God’s mercy and blessings be upon you

After reading the topic to Brother, “the grandson of bin Laden,” may God preserve him for a script Rapidleech
The fact was the subject of a great and a quantum leap in the world of Jihad in the era of fighting jihad
In squares, in particular the field of media jihad there is no secret to you delete thousands of links to movies jihadist pretext of combatting terrorism. Here, a modest contribution to me for how to publish links rapidly and participation comes after reading the topic to Brother, “the grandson of Bin Laden,” more than once since the beginning has not sunk in but please God I understand that after you apply some examples so I would recommend reading the first issue of the brother by watching this video

So, Bin Laden’s grandson called all of this a quantum leap in jihad huh? Well, in a sense it is really.. They are learning…. However, just how much can they learn and does anyone really think that they can be as “secure” as they need to be to not get popped? I mean, with all the warning and hand wringing that we in the security community do about the lack of security in the general populace, just how much actually works? All too often the security is lacking in all quarters and I am sure that these guys too will also fail when it comes right down to it.

… And in the case of Abo.. I already know who he is in real life I think… And where he lives… How you ask?

Metadata.

So, what I have learned from this site is that there are certain factions that are more learned about hacking and security. They are now making inroads into the jihadi forums and in fact, this site is directly linked to the alfaloja boys. The very same site that was hacked and brought down by CAUI efforts on the part of certain governments. I guess they took from the incident a certain fear of being popped and recruited more people with the help of Song Of Terror I assume. Of course though, just as the security community posts things or creates software/hacks and releases them, they only serve to allow for follow up and obfuscation due to it being in the open. In the case of this site and others that are showing how to hack, we too now know exactly what they are up to and how we can turn that around on them.

Additionally, one of the nice tasty bits that Abo left for me was a hash for mujahideen secrets:

15738D22AC6EACF1F54CC155BDE72D368F81AB2525DD2F64733A36E31D8B137E

Which I put into Maltego and began some searches…

I have to do some more tweaks to searches with Maltego here, but, you can see where this program is being mentioned, served out, and talked about. All of these sites make nice launch points with Maltego and some Googling to further explore who is using it… If I can’t read what you’re saying kids, I can at least know WHO YOU ARE. Funny how those little features that make something more secure can be used against you huh?

Anyway, for those interested.. Here is the data using Maltego on the site and its connections. Maktoobblog is a Yahoo site and this particular one is out of the UK. Perhaps soon Yahoo will get wise to the site…

I see you Abo…

inetnum:        77.238.160.0 - 77.238.191.255 org:            ORG-YE1-RIPE netname:        UK-YAHOO-20070216 descr:          Yahoo! Europe country:        GB admin-c:        KW3969-RIPE tech-c:         KW3969-RIPE status:         ALLOCATED PA mnt-by:         RIPE-NCC-HM-MNT mnt-lower:      YAHOO-MNT mnt-routes:     YAHOO-MNT mnt-domains:    YAHOO-MNT source:         RIPE # Filtered organisation:   ORG-YE1-RIPE org-name:       Yahoo! Europe org-type:       LIR address:        Yahoo! UK Ltd 125 Shaftesbury Avenue London WC2H 8AD London United Kingdom phone:          +44 207 131 1495 fax-no:         +44 207 131 1213 e-mail:         kwoods@uk.yahoo-inc.com admin-c:        DR2790-RIPE admin-c:        IG1154-RIPE admin-c:        NA1231-RIPE mnt-ref:        YAHOO-MNT mnt-ref:        RIPE-NCC-HM-MNT mnt-by:         RIPE-NCC-HM-MNT source:         RIPE # Filtered person:         Kerry Woods address:        125 Shaftesbury Avenue address:        London address:        WC2H 8AD phone:          +44 020 7131 1000 fax-no:         +44 020 7131 1213 e-mail:         kwoods@uk.yahoo-inc.com nic-hdl:        KW3969-RIPE mnt-by:         YAHOO-MNT source:         RIPE # Filtered

Follow The Email

leave a comment »

As you all know, I have been using Maltego for some time now but I thought that I would just drop a dime on how I do love the connections it can make for you when you are using it for intelligence gathering. With the new V3 Maltego (CE) you have a lot more latitude in data connections and in making ties between entities or in this case emails from entities, to make a more coherent patter emerge. In the case above, you are looking at the root address I started with. tough13_sam@hotmail.com is an old address for Samir Khan, the alleged “creative director” if you want to go all advertising speak, for the Inspire jihad magazine that came out in May/June.

By using Maltego and Google searches I was able to harvest not only the main email that he was using for his now defunct site “inshallahshaheed.wordpress.com” which is, “inshallahshaheed@gmail.com” but also other interesting tidbits like a xanga account on which he mentions his AIM account as well. Though most of the data that is able to be gathered is older 2004-2008 area, it still can be useful in the context of mapping jihad, or at the very least, mapping out just what social connections he had before going underground (aka heading off to Yemmen to head up Al Malahem) Using the Maltego tailored to just look for email connections to and from, you can get a good idea of not only where he was posting online during that time, but also with whom he was talking to potentially.

Many of the email addresses that came up with this search were also posters to a muslim bulletin board islam.tc. So, they are good hits on my scale of probability that they had traffic with Samir. Now, it would be interesting to follow through further and spike out all the connections for each email. This would make for some HUGE maltego maps, but I would hazard a guess that you would begin to see a pattern in the traffic to specific sites and of course patterns of behavior between individuals. Quite interesting…

Reminds one of a certain Gibson novel doesn’t it?

Anyway, by using this tool you can get a sense of your targets behavior and analyze the traffic that can be found between sites and parties. By looking at the macro-verse view you can see just how these sites and people are connected and in the micro view, you can get details of site domains, users, and other pertinent data that you can use to get a quite full picture of the inner workings of online jihad. However, just on the macro side of gathering email addresses that have had connections between them, you can start to give law enforcement a picture that they can use to start connecting the dots.

In the case of ol’ Sammy, it seems that after his sites kept getting knocked offline (inshallahshaheed was one I reported to Google about 2 years ago) he finally wised up and stopped posting so openly. He then went off to Yemmen to head up their media department is what I am hearing. So just where he is online now is a mystery. It is likely though that he is still posting online to boards and working on sites like al-faloja or ansaaar.com, all of whom now are taking more care about being secure.

Another tact I took the other day was to use the “phrase” search of Maltego and put in the sig for Majahden 2.0, the encryption program that the jihadi’s have been using to encrypt email/comms. This turned up quite a bit of traffic between parties when using the “entities” search parameter.

This initial search has given me a group of users to target from there to get email addresses from and any and all data I can from this tool. Rather nice really. So at least if you can’t read what they are writing, you can at least see that they are using the program and who they are conversing with! Of course there is a lot of data to sift and this can be a rather manual process in tracking down leads, but, at least this is targeted research as opposed to trying to read all of their comm’s on the bulletin boards and make connections.

I just wish this program weren’t so dang expensive…

CoB

Inspire Magazine Analysis: Going Green for College Age Recruits

with one comment

Now that the file has been around a while, I have gotten around to reading all 61 pages of it and have the following analysis to blog about. After thinking about it a bit and doing some research from data culled from the file and the prose I have to say that yes, this is a slick attempt at recruitment for the teen-twenty somethings in the West. However, when I say slick, I only mean that it has some interesting graphics and methods to get kids to join their cause. On the whole though, it is an uneven piece of propaganda that does harbor some serious portents about things that I have mentioned here before.

  • They are adopting espionage tradecraft
  • They are splintering further down, advocating small independent action cells
  • They are using encrypted communications and advocating for more secure operations online
  • They have begun marketing to the “youth culture”
  • That same “youth culture” that idealists inhabit includes the “green movement” arguments
  • They have begun to adopt the more mainstream propaganda tools of major governments

I have to say, these guys are learning and they I swear that they have begun to read psyops texts as well as advertising age to get to where they think they need to be to win. This is something different, however, this is not as much of a threat to the nation as “they” would have you think it is per their posts and chatter after its release and subsequent hacking/infection by malware.

All they really need to do next is watch “Cool Hunters” on PBS and then apply some more of these tactics.. Then they could maybe sell.. Well, would any Western teen buy into the 72 virgins idea? I think not. So, they try to be slick and all Mad Men, but they fail because of what they are trying to sell…

Religious zealotry and a culture of loving death.

Which, I should think is quite the opposite of the Western mindset. Of course they are trying to get the whole “It’s an adventure” thing going with all the talk of going on site and fighting the good fight, but, it just will not ring true with the majority here in the US. Of course, there are always those who are willing to follow along. I think though, that most will have to be deranged or brain washed by the local Imam and cell mosque in order to really buy  a ticket and bring a friend along for the ride. These folks also more than likely will be originally from other countries that they feel ties to which are re-enforced by this type of rhetoric.

So, here are some observations:

First article attempts to make a “green” argument for jihad and the removal of the US from the area. This is an alleged piece by OBL and claims that all of our problems with the world are oil based and this can be remedied by Jihad. In other words Allah will be loving it if you get the khafir out of the Muslim lands. Once that happens its all good.

This was quite interesting to see OBL getting all green. Somehow I doubt it was actually him doing the writing here. I just don’t see OBL wearing a Greenpeace shirt and protecting a baby harp seal.. Do you?

The articles vacillate between saying if you leave there will be peace to “all khafir must die” There are some wild mood swings in this pdf. Its almost like you were talking to someone under anger management therapy and you have to talk them off the ledge.

Mukhtar’s piece is oriented toward college age males with media board bandito imagery. He also advocates brining a friend and learning the language. This is the very “college” looking piece and is aimed at the twenty somethings. I would hazard a guess too, that the handwritten look is not just a type font, but in fact someone’s actual handwriting. Let the graphologists loose!

Abu Musab Al Suri’s piece advocates small cell/single jihadi terrorism. There is a long section of history and philosophy on their war thus far. They have learned that the agile force is the one that is hard to catch, hard to destroy, and has the most bang for their buck. Thus they are advocating making small bombs at home that could kill 10 people as a process to learning how to make bigger ones. All the while they are using guerrilla warfare tactics and philosophy to sell jihad everywhere. What it boils down to is this: Do this at home and breed fear. This is a dangerous idea because inevitably there will be people who buy into this. The bomb making section has been removed from the document for your and my protection.

Technologically, they are getting more savvy. The writers have given the would be jihadi’s pointers in internet security that include the use of encryption technologies (Al Majahden 2) which I have written about before and have a copy that has been pulled apart. They even go as far as to show how to authenticate that the program is official with hashing sigs. They also are advocating the use of proxies as well as being in internet cafes. Another surprise was a section on cell phone safety too AND the use of live distro’s on USB. It was inevitable as all this is out there on the hacking sites anyway.

In the final analysis, they also put in their pulic key as well as a series of emails to contact with with. Ironically, the actual posting o the pubkey gave me something to use in Maltego and it turned up some very interesting results! I will be chasing those down in the near future as well as more on the email addresses.

I wonder if there will be an issue #2….

I have to say though, that their market of young and impressionable individuals may be swayed by some of their arguments. They do lay them out logically (well their logic) and try to use the tools of the west on itself, but then you hit the sections of “kill all kafir!” and you have to go

“whoa, where was I?”

As a psy-op they have gotten off to an interesting start…

The full file sans bomb making plans can be downloaded HERE The sections omitted have graven images of Muhammad so YAY fatwa’s on me! Take a long swig of something and sit down to read the drivel.

CoB

Follow

Get every new post delivered to your Inbox.

Join 131 other followers