Ansar Al-Khilafah ZeroNet Edition…. Meh.
So a new jihadist/Da’esh site popped up in August (15th) that I was not aware of and was brought to my attention via a tweet at me this afternoon. The primary reason for not being really aware of it was that ostensibly the site is pseudo hidden by it’s being on “ZeroNet” which is a new form of darknet within the P2P systems like Bittorrent. The idea being that this site is hosted and torrented and is thus not really hosted on one system but potentially many.
Site location: Ansar Al-Khilafah http://127.0.0.1:43110/1F6yfsn94xyLo93zRgdKRjoLUtZGHYM11N/
Tweet by Manuel Torres pointing out the site
The site itself has a copy in the clearnet on wordpress so there is no great secret here. It is also a known quantity and the reality is that the site is marginal in the ranks of Da’esh wannabe’s but has a few solid heavy hitters that hang around. The site is more circumspect on membership and is much more oriented to a stricter OPSEC regimen ala the Andar1 site that the same guys hosted a while back. A cursory look at the clearnet site (the zeronet site was unable to load with 5 alleged seeders) doesn’t give any apparent leaks as to the owners real identities, email addresses and the like, but, one can always dig a littler deeper now can’t one?
ZeroNet is an interesting idea and it is rather new, so the security around it has yet to be really challenged I think. I will look into that some more as well in my off hours. One wonders that the anonymization might fail if one were hosting data as well as sharing data that might have metadata to look at or even some slip in protocols might cause information leaks. ZeroNet also suggests you use ToR or you use a proxy when you host or surf so there is that too. If you don’t then you are sharing your raw IP, which I can imagine some idiots might fail to comprehend and thus their OPSEC goes bye bye.