Archive for October 2010
Jihadist Friends of Abdullah As Saif
In going through the Facebook jihadi social networks I have come across so many “jihadi friends” that it just seems inundating. Zucky never thought that his means of getting laid and being cool would ever be used in this way, did he? I only wish that Zucky and company would be a bit more open and less litigious so that I could use Maltego to interface directly with Facebook and run some maps of these accounts. But alas.. Zucky is.. well.. Zucky. So no joy there at present as transforms go for Maltego.
Meanwhile, it seems that AQAP has spun up with these toner bombs today. In looking at all the reporting today, I see that AQAP is up to its usual tricks with the PETN and their penchant for air attacks. Of course they did their homework on the parcel/baggage theme of the attack. Even with the upgrades and the actual checking of baggage now, we still missed the boat here. If it had not been for the intel tip-off by the Saudis we would not have known.
One wonders if there are more packages in trucks….
Ok, back to jihadibook…I have begun to just copy the users and their links directly from the user profiles to manually perform searches… If you wish to play at home, here you go…
Enjoy.
CoB
Facebook Jihad
- Arrahmah.Com
- Mujahid Indonesia | Facebook
- Parako mga Guraba a mga Bangsa Moro | Facebook
- THORIQUNA | Facebook
- Muazzam Usman | Facebook
- الشبكة العالمية للجهاد الإعلامي THE WORLD NETWORK FOR MEDIA JEHAD | Facebook
- Awaludin Mujahid | Fahad Ali Mujahid | People Directory | Facebook
- Mujahideen Videos
- Jihadi Nasheed | Facebook
- Ribat Media Center | الرباط مرکز نشریات | Facebook
- KHILAFAH ISLAM | Facebook
- war against america g.a mujahideen…….! | Facebook
- Afghanistan Mujahideen | Facebook
- Al Mujahideen w’Al Shuhadaa | Facebook
- Khalil-Mujahideen Negrophil-Army | Facebook
- Muhammad Amriki | Facebook
- Ansar al-Mujahideen::Stances Regarding the Method of Relief Work::By The Mujahid Sheikh / Osama bin Laden | Facebook
- ansar1.info | Facebook
- Mujahidheen fi sabeelillah | Facebook
- Security Check Required | Facebook
- Al Jihad | Facebook
- alshabaab | Facebook
- AL SHABAAB SOMALIA | Facebook
- Omar Hamza | Facebook
So this morning I was watching “The Social Network” and thought, “I wonder if the jihadis have Facebook pages that I can cull.” Well, sure enough, with a few key Google searches I was able to easily locate sites devoted to groups as well as individuals on the path to violent jihad. One has to wonder if Zucky and his minions know about these as well as perhaps are letting them exist online at the bidding of the government, doesn’t one? The alternative is that they have no idea that they are there.. and… well, the way they mine our data for their profit just doesn’t allow for them not knowing these are there in my mind.
Facebook Jihadist Sites:
All of the sites have anywhere from 200 to 4K users or posters who “like” them (heh) and I am going to develop a methodology to spider them all and then Maltego the shit out of all of them. Hey all you takfiri shahid wannabes out there..
See you soon.
CoB
EMP | Electrical Grids | A Thought Experiment
I had a discussion today with my brother that sparked my mind on the whole issue of EMP and probably why the government is so fired up about it lately as a threat to the US infrastructure. It occurred to me as I was speaking about the problem that indeed there is a real and credible threat to the US grid “if” there are coordinated attacks on strategic sites with EMP as well as traditional explosive devices. Of course, this also could actually include kinetic attacks as well as electronic attacks a la the likes of something like the Stuxnet worm. I, however, am just going on the contention that well-placed attacks on the grid with explosives as well as EMP devices made for approximately $400.00 could in fact cause a cascade effect on the grid that could bring it down. Just how hard it would take it down I am not sure. The one thing I suspect, though, is that this very scenario might be the catalyst for all the hullabaloo and reports that the Senate had worked on this last year.
You see, at one time everyone pretty much thought that the only EMP attack would be a high altitude detonation of a nuclear weapon. It seems the technologies have changed now and it is possible to build something like you can see below. That device was made and/or located by the military, as was the one in the second image; the device is known as a “Flux Compression Generator.” The actual concussive device is not shown; what you are seeing is the focusing device for the actual EMP.
The above version is a simulated device used for IED training.
The next step in the experiment is to determine the map of the grid and as you can see from the first picture in this post and the one right above, you can easily get the map to the grid online with a little help from Google. The image directly above shows the power generation plants and as you can surmise, the larger the red circle, the bigger the plant and the service area that it covers. By using this map (the map is interactive online too yay security!) and the one at the top of the page, you can see the importance of each site strategically as well as where the main power lines go to power the country.
One could then create the devices that could conceivably fit in a van and park them close to the facilities or even on the premises if you engineer your way in. Just drive up, park, and trigger.
Would it work? Well, given the right amount of power of explosives and if you likely also use other attacks that destroy the large transformers that we buy from the Chinese and take 2 years to build, then yes, you can take down those sites. Sites that will likely be down for quite a while as we do not have these transformers on hand. We would have to order them from the Chinese and, well, you know how it goes. Mind you, as the reports that the Senate has had created show, these systems are not shielded for any kind of EM burst and as far as infrastructure goes, the grid and the power stations are still a soft target as far as I hear from sources who perform red team testing on them.
Next, we have the areas of attack. According to a paper put out in 2008, “Cascade-based attack vulnerability on the US power grid,” a couple of Chinese researchers have postulated that a series of attacks on the “networks” of the power grid could cause a cascade effect and in fact “may” have been the scenario for the 14 August 2003 blackout that occurred in the US. It is my contention that a similar attack can be carried out by the use of the EMP/explosives scenario and the fallout cascade from power demand as well as feedback that could ensue. Add to this the initiating attack potentially taking out vulnerable systems like the large transformers, and you have a long lasting effect to the attack on top of the cascading out of effects to the power lines and substations.
All of this however, would only be the start of problems for us.
Once you take out the power, you can see from the image above, that the interconnected nature of our energy cycle and use causes even further issues. If those systems are down for a long period of time, we will see anarchy grow from fear and human nature as people feel threatened and frustrated from lack of energy. Energy that the country increasingly needs to power everything from their cell phones, to their heat, light, and general lives. If all of this were to fail, then the people would I assume, begin to freak out. It would likely start to look like “Mad Max” out there. I could be wrong… But.. Ya know, human nature…
Add to this the events surrounding the Stuxnet malware and its capabilities to manipulate SCADA systems and the vulnerabilities that have been brought to light, and you have another threat vector to add to the pot. This would be more nation state it would seem in order of magnitude, but entirely possible with a concerted effort on the part of any entity with the will and the funds to create and implement the worm. Imagine that in a kinetic attack with the EMP and the possible use of a worm like Stuxnet, it would be complex, but it would magnify the damage by scales if it worked. Systems would not only be down from physical damage, but those interconnected systems not in the blast area could also be taken down in a timed manner by those who controlled such code.
I really hope that I am wrong but, this scenario seems logical. The technology is not all that hard to carry out for a trained scientist, and even if the event did not knock out all of the nodes that would be needed to take out large areas within the country, it would be enough to cause mass panic and damage. So, in the end, I am just saying that EMP seems to be much more viable an attack than one might think and when one asks themselves why the government was so keen this last year on EMP, you might just look as far as this type of scenario for the answer.
CoB
Nowhere To Run, Nowhere To Hide
I have begun to use Maltego in a much more macroversal but refined way. It takes time, but the triumvirate of Google, Maltego, and a little mental elbow grease gets pretty good results. In this case, I found several digital aliases that the end user used online and set them apart on the map. Once the searches are performed, the behavioral pattern emerges.
- Who they are
- Where they post
- What emails they use and post with
- What they are saying and to whom
Between Goog and Maltego, you get a great idea of the patterns they show and then with some reading, you can determine who these people are. Their native languages, and where they really are as opposed to where they “claim” to be.
Good stuff.
Perhaps a paper may come of all this…
CoB
Chickens Coming Home to Roost for #LIGATT
“The chickens are coming home to roost” is an old saying, and in this case, they may not be chickens but instead vultures circling the carcass of one Gregory Dante Evans. This is just a quickie post update for all those interested in the ongoing #LIGATT saga. It seems that his house of cards is coming apart on many levels with this above court record and the following one below;
It seems that Greggy’s litigious and slippery nature is catching up to him. In the first picture you see something being taken away from him. That’s what “Dispossessory” means. I am assuming that this means Greggy lost some digs somewhere.. Perhaps at the address the warrant was sent to?
5404 Oliver Ct Nw Liburn, GA 30047
A Google map of that while using street level view gives you the following:
His house? Maybe… All we know is this is the address the sheriff went to… Fascinating. Meanwhile, the second capture from Gwinnett County Courts is a “Garnishment” judgement. It seems that Greggy not only has to pay 10 Million dollars back to those companies he stole from back in the day, but also he has to pay $727.09 for what looks like 10 payments to the Georgia Dept of Revenue! Forgot those back taxes, Greg?
Heh… Mogul my ass.
Soon we will all be seeing a dismissal on that overly litigious “stock basher” suit too Greg.
Ta Ta…
CoB
gregorydevans.com: Fact Checking
I have been mostly quiet on our pal Greg’s exploits for a bit (except for the tweets) but his updated gregorydevans.com just got the bile to rise and I had to post about him again. This guy just won’t go away, like a stench that has a life of its own and a will to offend anyone in its presence. I know all of you out there are just as fed up with it all as I am, especially given that in the last month he has shown up on not only local GA TV reports, but also on CNN to speak about “webcam hacking.” Of course he did not show anything new to anyone and even did so by using Metasploit to do the “hack.”
Point… click… Hey we have a hacker! Hey wait a minute he broke his own record!! It took LESS THAN 15 MINUTES!
Lame.
Even more lame is the fact that the media (including CNN, as tenuously a news organization as I am to being the king of Prussia) either willfully or through their own negligence neglected to really look into their “special guest” as being what he claims to be. We of course all know that he is a charlatan and his company a shill for a penny stock scheme (alleged and seems to be from all appearances). Attrition has done a great job at pulling together all of the data disproving Evans’s previous claims as well as posting all of his criminal records/history online for all to see, and yet the media fails to even be able to use Google and look a bit further than the first entry (LIGATT’s site) and see all of the other data out there on this guy. IF the media had done what reporters and “reporting” are supposed to do, then they would have seen through this guy’s blather and bling, and likely looked further for someone like H. D. Moore or Dark Tangent. Instead, they likely just saw that this buffoon was local and that they didn’t have to pay for a hotel room…
He’s the #1 HACKER! I know because the internet says so! Look! It’s on his own site!
What’s even worse, I suspect also that Ligatt has his fingers in the pie over at CNN with someone he knows feeding the CNN producers a line that he is the shiz. It was their FAIL that they did not perform the due diligence in looking into him… Some vetting process they have there. I guess this is a general malaise on the part of the media today and as such, it should be taken with a grain of salt. However, this still does not diminish the fact that this guy is still getting oxygen to his campaign to make a quick buck. In the process of doing so, he is not only doing a disservice to the industry, but also leaving whatever clients he claims to have “secured” as open as a fresh convict in the first shower of a federal prison sentence. Something, mind you, I think our pal Greg knows all too well about.
If he goes back to jail soon, we can all just send him tins of “Tucks Pads.” I am sure he will need them.
Anyhow, back to the reason for this bilious post. Below you will find the new and improved gregorydevans.com site. It was updated 10/3/2010 and as you can see from the pic above and the one below, he has amped up the spin machine. He has set this out as “fact” based and makes even more colourful claims to being the number one hacker, writer, and all around super guy. Take a look…
Fact 1 – Gregory Evans was ordered to pay back $10 million to AT&T, MCI and other fortune 500 companies due to computer hacking. TRUE
Fact 2 – According to Nielsen Audience, 3,043,600 people listened to Gregory Evans speak in 2010 on national television and radio stations. Proof?
Fact 3 – The State Bar in California, Nevada, and Georgia has authorized Gregory Evans to teach Continuing Legal Education to attorneys. WHAT?
Fact 4 – Gregory Evans invented the worlds first device to track a computer anywhere in the world. Proof? Patent? Copyright?
Fact 5 – Gregory Evans wrote 8 books on computer security and identity theft. TRUE, but “writing them” is problematic with all the plagiarism
Fact 6 – Greg Evans wrote the only book in the world dedicated to laptop security. WHAT? PROOF?
Fact 7 – LocatePC is the most downloaded computer tracking software in the world. By whose estimates?
Fact 8 – Gregory Evans is the founder of 3 publicly traded companies. Mr. Evans sold The Cyber Group Network and the other 2 are currently trading under the stock symbol LGTT and SPFM. TRUE.. For now…Til he changes their names again to run from trouble
Fact 9 – Gregory Evans owns the 2nd largest caller ID spoofing services in the world. Proof?
Fact 10 – Gregory Evans has taught over 5 different Cyber Security courses on college campus such as, Santa Monica City College, Irvine Valley College, California State University, Los Angeles, San Marcos College, Pepperdine University, Anaheim City College, Rancho Santiago College, and ITT in Duluth, GA. PROOF?
Fact 11 – Cyber Group Network and LIGATT Security are the only computer security companies in history to be the Official Cyber Security company for the NBA and the NHL, including teams like the Los Angeles Clippers, Atlanta Hawks, and the Thrashers. (I CALL SHENANIGANS) Google it.. NADA
Fact 12 – Gregory Evans is the host of National Cyber Security Radio. TRUE
So, that’s 4 true statements that can be verified and 8 that are unsubstantiated drivel.
I have done some preliminary searches on the claims and so far the only hits I can get are the ones that Evans has put out there himself. This is to be expected though and comes as no surprise given the history here. I guess that brings me back to just how does this guy even get air time with the media? How is it that he is still getting play of a positive nature and nothing of the real truth about him has come out? I have some questions…
- Who are his clients? Really? I mean, are they indeed satisfied? IF YOU were a client of LIGATT and you have anything good or bad to say about his services, please comment on this blog. I am genuinely interested in seeing just how many satisfied clients there are out there. Of course, this means that the clients have to have a clue about security and the services rendered.. You see, this is where Ligatt counts on the inexperience of his clients. For all intents and purposes, he could just wave a chicken at the screen, mumble a few incantations, and say “This house is clean” and they might buy it. It’s that ignorance that he preys upon and it is the same con game that has been around for a hundred years. He isn’t a hacker.. he’s a “hack.”
- We of the security community have made some strides in preventing Greg from speaking at conferences, but we have done little more than just be a disorganized force peppering him with small wounds and not taking him down. Why is that? Surely with all of you out there, there must be some ideas out there that will be more effective at taking the wind out of his sails? XSS attacks against his site have provided LULZ, but have done nothing really to starve his oxygen supply to the business. Sure, his stock is in the toilet, but, he still has his company and he still is advertising and pulling more shit. So what good did we do? Once again, should we just let it be “Caveat Emptor” for all those out there we have taken ethical vows to protect?
- Once we have taken care of Greg, who’s next? I mean, without some form of regulation, this will be an unending battle against numerous charlatans won’t it? What is the end game? Are certifications to be the key here? Some sort of licensing as the government has been alluding to since all of the APT scaremongering has come to bear?
On the one hand I say “fuck em” let em do his thing, eventually he will get caught. On the other, I am sick to death of this fucktard’s litigiousness and sheer balls. Over and over again though, he does the same things and gets away with it and if any of us can put an end to that cycle, then we should.
For the good of the community.. OR for the LULZ.
CoB
“The Jihadi Social Network”
Lately I have been feeling a little overwhelmed by the sheer amount of crazies out there on the intertubes to chase. It seems like the jihadi sites are just popping up like mushrooms on piles of internet dung too. So, in a state of apathy, I decided to map out the “Top Ten” jihadi sites out there to see their interconnectivity and if indeed they were related to each other. What I found was kind of interesting. Many of the sites have links to each other, but many also seem to have all of their eggs in one server.
One of the other features here from these searches also is an expanding of the jihadi site list that I have already. Just from this one map above, I have come across a whole slew of Indonesian jihadi sites on WordPress. These sites also have more links on them to others.. and on.. and on.. You know, it’s the interwebs. I will continue following them all down the rabbit hole and see if anything interesting turns up. However, I decided to let you all play at home. If you like, you can open the Maltego maps here.
Meanwhile… I ran across an interesting trend.. The irhabis are multiplying! Irhabis as in irhabi001, irahbi008, and irhabi009. The interesting part seems to be a connection to the Indonesians again…
The irhabi iterations are all over the place and talkative on the usual sites. I guess they are just picking up where Younis left off back when he was caught and put into detention.
It would seem that they have been busy, but I am getting the impression that the new gen of irhabis has just been getting started. I will drill down a bit more and see what I can locate to pass on. As I have pointed out in the past though, I do worry that the Indo Asiatic sector of Jihad is just beginning to really spin up. As such, we should be looking toward that area for more possible events as well as support to the AQAP and AQ boys.
The other troubling aspect here is just how connected these guys are to the kavkaz (Eastern European) sector too. The mujahids in the Baltics are still very active and also have a long, distinguished history of jihad. Of course these are the same guys who brought you the attacks on the Russian opera house and the school in Beslan so, we know what they are capable of.
More soon…
CoB
Inspire vol II: Rationalization, Operational Directions, Open-Source Jihad, and Pivoting the Battle-Space
Inspire Magazine vol II came out and while being a bit less incendiary than the first issue, it is still useful in gauging just what AQ is thinking. This time around, the magazine’s articles start with the pumping of Jihad as a Muslim’s duty with interviews and life tales from certain jihadists, from OBL to Zachary Chesser. Then it swings into the rationalization of AQ’s concept of Jihad in the face of the Mardin Declaration, which basically comes down to Allah and Muhammad hate disbelievers and it’s all good to take the sword to them.
Yeah… That’s the gist of it really.. With a lot of philosophizing and waxing rhapsodic in order to make what they are doing right in their minds. I mean after all, Allah is the one and only God and Islam the only religion huh?
“Religious fanatics.. I hate these guys”
Chesser’s little story is rather poorly worded and shows his education level to be substandard but it gives you a look into his mindset. He seems to be akin to one of those whacknut Christians who says give all your troubles over to God, he will take care of you. Yet, he is more dangerous because he takes literally the spoon fed crap that he has been given by the Salafi Imams that he has been with that if you are not with Allah, then you should be put to the sword as a Zionist swine. He tells his tale in simple minded interludes of how he escaped to Yemen and evaded all of the FBI and CIA tails that he alleges he had..
Because you know.. He is a mental genius…
Rationalizing Their POV
The magazine has a heavy handed approach to rationalizing their world view and their decisions on Jihad as a “way of life” because of the recent Mardin Declaration that I linked to above. It seems that the Imams got together from all over, and decided that they would take a stand against the Salafis and Jihadis to rebuke their ways and their interpretation of the Quran. This obviously has ruffled the feathers of AQ and AQAP quite a bit as they took so much time to refute and to reinforce their ideas to the masses in the west (recruits) with Inspire vol II.
The arguments twist and turn but always come back to the ideas that Islam only tolerated the Jews and Christians as long as they were subjugated and knew that they were apostates. This also was alluded to with the added history that both religious believers were taxed back in the day just to live and worship even though they were regularly looked down upon by Islam… Well, in that day in the Caliphate sure.. However, this is today and, well sparky, you don’t have a caliphate.. What you do have are some caves, some townhouses in Pakistan, and AK-47s. Keep on dreaming, big man.
All in all, these guys are deluded with dreams of being a man, being a shahid, and even with a section in the magazine later on, tries to lure in the reader with what they can expect once they visit Allah after being martyred.
Phooey.
Opensource Jihad
In the latter sections of volume II we have what they are calling Open Source Jihad. This is in reality the same type of thing that you see out there on the internet as encyclopedias of Jihad. How to make bombs, books on first aid, etc are the norm; however, this section adds a whole new dimension with operational ideas for lone wolf jihad. Their big idea of this issue is to use your truck as a “mowing machine.”
Imagine that, they seem to have this crazy “Mad Max” idea here where a lone wolf welds all kinds of blades to their F-150 and drives it into a busy footpath… Yeah, I have to believe that this is somewhat tongue in cheek here.. Really? Really? You mean you’re gonna advocate someone drive anywhere with blades welded to their truck? See how far they get before they are pulled over… Oh, and by the way takfiri, this is a “martyrdom operation” so bring a gun to shoot yourself with.. Yeah, statistically there have only been about 2 martyrdom operatives who were American so.. I really don’t think this will be a big issue here. I mean hell, even Faisal Shahzad tried to flee.. His convictions were oh so strong…
Tips for Brothers in the USA: CBRN and Tradecraft
The last sections of this document were the ones that bothered me the most but were nothing really new per se. The pivoting of the battle space has been going on for some time now as AQ has been coming to understand that they are pinned up in Waziristan. It’s akin to what happened in the hacking world once people started to actually patch systems and configure firewalls properly. In the case of both aggressors, crackers and jihadis, they learned that if you cannot strike from the outside, then you pivot and attack from within.
It would seem, though, that the FBI and other law enforcement agencies have made these guys a bit twitchy. They are advocating “staying clean,” a term that is used within spook circles for not putting yourself on the radar by associating with anyone who may be considered worth the investigative time. However, they have taken it to the level of “trust no one.” Hahaha, I am glad that we have put the fear into them! They also are pretty much aware now that no matter what they do on the internet, they are likely to be intercepted and eventually captured as you can see below.
It’s really all advocating one man cells that do not talk to anyone, do not go to jihadist websites, and generally keep themselves closeted as Muslims as I see it. Of course no mention that in the online world there are measures that can be taken.. and then of course in the end they offer up emails to contact Al-Malahem directly using ASRAR (encryption program) which I am sure has been cracked by now. Interesting though, that this particular volume does not have any real plans on how to make things like the “pressure cooker” bomb.. So, how do you expect these American junior wanna be jihadists to get those plans if they can’t go to the atahadi.com site?
Heh.
The reality is, kids, there are many folks out there at Fort Meade watching you as well as others like moi. It also seems that you can trust no one… Hell, I would not even trust the shower in your apartment.. It’s probably bugged too! So, get all ripe and stinky, this will keep others away… and let us know who you are by smell…
Of course the most troubling part of this document is the above sections on CBRN. It has been known since the beginning that the jihadists would love to get their hands on some CBRN tech and/or convince someone to create some for them. In this section above, they are making the call for American students or those abroad here to spin up and create them for jihad. One has to wonder just how many Aafia Siddiquis there are out there though.. Those who would heed this call and get their hands on some toxins to release.
That’s the troubling bit.
Time will tell… Until then, you guys at Al-Malahem keep making these little magazines to share with everyone… Including me and others like me. You keep us laughing as well as give out some good data on what you guys are thinking. Sure there’s a lot of propagandist muck to wade through in reading it (god it’s horrid and tedious) but, there are those gems in there that give us good data to use against you!
Keep it up… We will keep tracking your asses down.
CoB
Binyamine | Crusades | Jihadist Encyclopedias and Metadata
\\BEGIN
Binyamine
The Darkweb Project has allowed me some more access into the jihadist world and I have been leveraging that to look a bit more closely at all of the takfiris out there one by one… Well at least the interesting names anyway. In this case, the map above is for a user (#75 on Ansar1’s English forum) and what I would call a “Propagandist” for the cause of Jihad. Here are the basic stats on him:
1) He’s either American or Canadian (my bet is American from the syntax)
2) He is plugged into As-Sahab, Al-Malahim, & Jundullah Studio
3) He has been not only posting videos but also editing/creating them
4) He likes pr0n and the blood finally left his head enough to make a mistake
You see, Binyamine had been pretty assiduous about keeping his personal information to a minimum on the boards and places he has been posting. I had a devil of a time actually locating an email address, AIM session, MSN session, etc on him from anywhere. That is until a little creative Googling using previous behavioral data gave me two hits. Hits which turned out to be his email addresses. I shan’t put them in here though. His downfall though was a desire to post comments (non jihadist) on a free porn site!
D’OH!
However, by using Maltego, I was able to not only see where he has been posting, but also make connections between names/entities/sites to give a good pattern of behavior for further investigation into ol’ Binny. Oh, and yeah, for a guy who hates the Zionists and rails against them, odd name choice there buddy.. Binyamine.. aka Benjamin in Hebrew… Go figure…
“Zionists sound the alarm: a war for Islamic Caliphate is going on in the Northern Caucasus”,“75”,”Binyamine”,“Peace mercy and blessing of Allah be upon all of us. Quote: Zionists sound the alarm: a war for Islamic Caliphate is going on in the Northern Caucasus Publication time: 9 October 2009, 10:18 Zionists sound the alarm and call to “pay attention” to the Northern Caucasus. As ITAR-Tass reports referring to an edition of Jewish State, upon performing the analysis of situation the Jewish “experts” arrived to the conclusion that Northern Caucasus “from the internal problem of Russia transformed into an international one”. In opinion of Zionists, North Caucasus is “one of the central fronts and breeding ground for the global Jihad aimed for creation of Islamic Caliphate” now. Jewish edition asserts, “the facts about connection of Chechen militants with international terrorism are becoming known more and more frequently lately”. As an example of such «connections» the edition wrote about a recent self-immolation operation in Nazran city, which resulted in dozen of disbelievers and apostates destroyed. “One of the leaders of extremists of Northern Caucasus – the ideologist of wahhabis and terrorists Aleksandr Tikhomirov, better known as Said Buryatskiy was involved in this attack”, Zionists report a “new”. Zionists from Jewish State wrote they “conducted investigation and identified that Said Buryatskiy undergone a lengthy training in Saudi Arabia”. Let us remind that critics of Said Buryatskiy assert the contrary – that he studied nowhere and is a self-taught person. Jewish State also revealed an “intel”: it turns out that Said Buryatskiy “swore allegiance” to Dokka Umarov. Certain Yossef Bodansky is presented as an “expert” investigating Jihad in Caucasus, who, as it is claimed, was before a director of the “Congressional Task Force on Terrorism and Unconventional Warfare of the US House of Representatives”. 
This «expert» declared, that the reason “Chechnya has become such an advanced threat are the tons of cash flowing from Saudi Arabia and the Gulf states for these kinds of operations”. We will remind that Moscow and its marionette Kadyrov assert the opposite, declaring that Mujahideen have neither money nor food, and that they will die of starvation soon. A colleague of Yossef Bodansky, an “expert” Gordon Hahn from Monterey Institute complained that western mass media got used to “frame the issue of Chechnya in terms of Russian human rights violations and the Chechen people’s autonomous yearning”. “It is actually a time to revise such approach, because it no longer represents the reality, and Chechnya has become an active hive of Islamist Jihad”, Gordon Hahn told. Department of Monitoring, Kavkaz Center Source: Quote: http://kavkaz.tv/eng/content/2009/10/09/11055.shtml”,”2009″,”10″,”12″
Anyway, his data may provide more once I do some more digging. Suffice to say that he seems to be more than just the average “Jihobbyist”…
Crusades
In other news… I came across this photo yesterday on a blog. The picture is from Afghanistan and I think it pertinent to show here and talk a little about…

Not unto us, o Lord, not unto us, but to Your name give glory
As you can see this image is counterproductive to the GWOT because it lends credence to the arguments of the Salafists, that they are in a war with invading “Crusaders”. What better image to say that here than the Knights Templar huh? This was left by the French Foreign Legion and not only does the imagery of the Templar give reason to the Jihadist fervor, but also note the use of the “mice” which looks a lot like a “rat”. The mice/rat image is also reminiscent of the images of rats in Nazi propaganda.
This does not help our cause…
Just one of the perception issues that we face that is fueling this fire.. Thought I would share…
Jihadist Encyclopedias
While doing background on “CENSORED31” I came across this file set from 2008/09 that I was able to perform a full metadata investigation on. The file is called “Maosoet Eltadreeb Alaskary” and is a full series PowerPoint show with video tutorials and PDF’s on how to carry out Jihad. It’s much the usual fare you see out there to teach the takfiri how to perform tradecraft without the benefit of going to a camp somewhere in Peshawar or Waziristan. What was different about it was that it had a sole author and all the files had been bundled together….
Using FOCA, I was able to import all of the files in and see what the PC name was of the machine this guy was using as well as his username, system OS, and file structures that he was using:
System: PC_Mojahed
OS: Windows Vista
User1: Mojahed
User 2: ZAK
Etc etc… You can see from the jpg’s here the rest of the data. I am still looking into tracing this guy down a bit more so look for updates later on.
Overall, I really like using FOCA to get this data not only from local files but the web too. I will be using this in the next stage of the Binyamine investigation.. He has been posting more than a few photos… I wonder what his metadata is like….
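The kind of metadata pull described above, sketched as an added example (not from the original post and not FOCA's own code): it reads the author fields and the producing application from an Office Open XML package and picks account names out of any embedded Windows profile paths. It assumes an OOXML file (.pptx/.docx/.xlsx); the function names, the names `editor1` and `labuser`, and the sample package are constructed for illustration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

CP = "{http://schemas.openxmlformats.org/package/2006/metadata/core-properties}"
DC = "{http://purl.org/dc/elements/1.1/}"
EP = "{http://schemas.openxmlformats.org/officeDocument/2006/extended-properties}"
# A Windows profile path embedded in any part leaks the account name.
PROFILE_RE = re.compile(
    rb'[A-Za-z]:\\(?:Users|Documents and Settings)\\([^\\/:*?"<>|\r\n]{1,64})\\')
MAX_PART = 5 * 1024 * 1024  # skip oversized parts (zip-bomb guard)

def _text(xml_bytes, tag):
    el = ET.fromstring(xml_bytes).find(tag)  # use defusedxml for hostile input
    return el.text.strip() if el is not None and el.text else None

def extract_metadata(blob):
    """Return identity-bearing metadata from an OOXML file given as bytes."""
    out = {"users": set(), "path_users": set(), "software": None}
    with zipfile.ZipFile(io.BytesIO(blob)) as z:
        for info in z.infolist():
            if info.file_size > MAX_PART:
                continue
            data = z.read(info)
            if info.filename == "docProps/core.xml":
                for tag in (DC + "creator", CP + "lastModifiedBy"):
                    if (name := _text(data, tag)):
                        out["users"].add(name)
            elif info.filename == "docProps/app.xml":
                out["software"] = _text(data, EP + "Application")
            for m in PROFILE_RE.finditer(data):
                out["path_users"].add(m.group(1).decode("utf-8", "replace"))
    return out

def build_sample():
    """Constructed sample: a minimal .pptx-style package, built in memory."""
    core = (f'<cp:coreProperties xmlns:cp="{CP[1:-1]}" xmlns:dc="{DC[1:-1]}">'
            '<dc:creator>editor1</dc:creator><cp:lastModifiedBy>labuser'
            '</cp:lastModifiedBy></cp:coreProperties>')
    app = (f'<Properties xmlns="{EP[1:-1]}"><Application>'
           'Microsoft Office PowerPoint</Application></Properties>')
    rels = r'<Relationships><Relationship Target="file:///C:\Users\labuser\Desktop\clip.avi"/></Relationships>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/core.xml", core)
        z.writestr("docProps/app.xml", app)
        z.writestr("ppt/slides/_rels/slide1.xml.rels", rels)
    return buf.getvalue()
```

Calling `extract_metadata(build_sample())` returns the two user names, the account name recovered from the linked file path, and the application string. The same check run over your own documents before they are published shows what an outside reader would recover.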
More soon.
//END
#Stuxnet, Lying Liars Neener Neener Neener!
I cruised some of the .ir range yesterday and came up with a non DNS site for the Iranian Nuclear program (and much much more.. but that is for another time and another post) The above picture is a capture from a post from one of those sites back in July. The translation is as follows:
Here’s the translation by an Iranian coworker: The Stuxnet attacks are still happening and the virus is getting updated continuously. It also says they are monitoring the attacks and trying to control them. They were expecting to clean the virus in 1-2 months but the virus has a dynamic nature and since the start of the cleaning process 3 new versions of the virus have been published. They are also organizing some groups that help industrial centers to clean the virus. Also a helpdesk center has been set up that provides further information about cleaning etc.
So it seems that they were hit pretty hard.. But you won’t hear that from them.. Unless you start to crawl their shit. Seriously, the sites out there are on average running on IIS6 and poorly constructed. It’s a wonder they have any capacity at all to fight off the least of the malware out on the Internet today!
Meanwhile… Back at the Security Ranch….
The FUD, Snark, and Stupid factors have amped up on the whole Stuxnet thing out there on the intertubes. Look folks, it’s happened before! There is nothing about this that is revolutionary! Might I cite a little story about a Russian Pipeline back in the 80’s?
Disguised as an automated system test, the software instructed a series of valves, turbines, and pumps to increase the pipeline’s pressure far beyond its capacity, putting considerable strain on the line’s many joints and welds over a period of time. One day [in 1982], somewhere in the cold loneliness of Siberia, the overexerted pipeline finally succumbed to the pressure.
As satellites for the North American Aerospace Defense Command (NORAD) watched from orbit, a massive explosion rocked the Siberian wilderness. The fireball had an estimated destructive power of three kilotons, or about 1/4 the strength of the Hiroshima bomb.
It would be fourteen years before the real cause of the event would be revealed. When investigators in the USSR eventually discovered that the event had been triggered by sabotaged software, the KGB leadership were furious, but unable to lodge any official protest regarding the deliberate defect since that would also expose their own large-scale espionage efforts.
Upon realizing that the CIA was serving imitation intelligence, the other recent problems with US-derived designs were no longer so mysterious. Given the dramatic results of the pipeline bug, all of the burgled Western technology was immediately cast under suspicion, a situation which mired the Soviet’s borrowed progress in a pit of uncertainty and suspicion.
I remember this story from back in the day… Well, the 90’s as someone told me about it being an actual attack on a system with code by the CIA. Yep, I believe they even made it a subplot in a Bond film during the Brosnan years too.. So, Stuxnet was likely an attack on someone’s directed systems. Iran denied having Siemens systems and in fact Siemens said they did not sell equipment to them! However, a shipment out of Dubai was captured and in it was Siemens equipment that was confiscated.. So..
Hmmm We ALL knew they had the equipment to code to. Just as this document shows their connection to Siemens as wanting or actually doing business with them.
Meh.
Ok security community, time to get off the #Stuxnet FUD thing.. Here are the salient points and let’s move on shall we?
- It was coded for a specific purpose for SCADA actions with Siemens PLC code
- Iran, India, Indonesia.. Well let’s say “Asia” seems to have been affected the most
- We will NEVER know who made it.. Until it is declassified WAY WAY WAY in the future
- Iran’s nuclear facilities including Natanz are likely in paralysis still with it.
- All this one-upmanship on decoding and analysis is BS.. Finish the job before you go announcing shit at conferences
- Myrtus = Phallus in the eye.. In Jewish mysticism, the myrtle represents the phallic, masculine force at work in the universe. The end product here? Someone gave Iran an “Angry Pirate” with a circumcised penis!
- 19790509 = ANYTHING YOU WANT IT TO! It’s all subjective folks and just like Myrtus, likely a red herring!
Seriously, do you think that Israel is gonna put that much data into a code for the Iranians to latch onto substantiating that they did it? Ugh… Might as well paint a bullseye on their backs and pin a sign on that says “kick me”
To conclude, this is nothing new… It’s information warfare, only the means have changed with networked PCs and new operating systems with 0days.
Give it up…
CoB