[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] One Man's Info War on al-Qaida
Forwarded from: William Knowles <wk@xxxxxxx>
By Brian McWilliams
Dec. 18, 2002
In a case that shows both the risks and rewards of vigilante tactics,
an American man has hijacked two Web addresses apparently used by
al-Qaida to laud terrorist attacks.
The domains, jehad.net and jehadonline.org, are now in the control of
a manager for a large Minnesota financial services firm. The man said
he wrested control of the domains from their owners after reading on
Dec. 8 that al-Qaida used jehad.net to claim responsibility for recent
attacks on an Israeli airliner and a hotel in Kenya.
"I believe in free speech, but it upsets me to see people using this
great medium for such evil purposes," said the man, who asked not to
be identified but said he was willing to cooperate with U.S.
But some said the Minnesota man's actions, like those of other
patriotic hackers, could hinder rather than help the U.S. government's
war on terrorism.
"This guy might think he's being a hero, but in fact he's an idiot,"
said an official with DV2, the Atlanta ISP that hosts the sites. "The
FBI has been closely watching these sites, and by taking the law into
his own hands he may have screwed that up."
A spokesman for the FBI's terrorism task force in Atlanta said he
could not comment on the incident.
The owners of both jehad.net and jehadonline.org configured the
domains to point to the same site at DV2. In an October message on the
site, al-Qaida praised an attack in Yemen on a French oil tanker. Last
July, the site posted an audio message attributed to an al-Qaida
leader who threatened new attacks on the United States.
The Minnesota man said he was able to gain control of the two domains
last week after breaking into the MSN Hotmail account of someone using
the name Julliou Armani, a resident of Saudi Arabia listed as the
contact for jehadonline.org.
The handful of saved messages in Armani's account included some with
user names and passwords for managing the domains, the Minnesota man
said. Armed with that information, the hacker vigilante could have
modified the domains' records so that they no longer pointed to the
al-Qaida messages. But he has so far resisted the urge to sabotage the
"If I see a crime taking place, I'm the sort of person who would jump
in to try to stop it," he said. "I don't like that kind of thing
happening in my world."
Eugene Schultz, a security expert with the Lawrence Berkeley National
Laboratory, said law enforcement has "been burned" in the past by
trying to collaborate with online vigilantes.
While Schultz said the government is unlikely to "deal effectively"
with al-Qaida sites, he added that patriotic hackers might
unintentionally tip off terrorists or even goad them into retaliatory
"When faced with the opportunity to drive the bad guys off the Net,
the only ethical and legal solution is to contact law enforcement and
hope for the best," Schultz said.
To gain access to Armani's e-mail account, the Minnesota man said he
used a Hotmail feature that provides hints for users who forget their
passwords. He said he correctly guessed the answer to Armani's
self-chosen Hotmail "secret question," then he reset Armani's
Microsoft representatives were not immediately able to comment on
whether MSN would officially report the Hotmail account hijacking to
The hacker said he is willing to provide officials with the
information he got from the account, which included credit card data
used by the original owners to register one of the domains with
VeriSign, as well as aliases and addresses used by the site operators.
But even the organizer of an online effort to shut down terrorist
sites frowned on hacking al-Qaida.
"I think information warfare is best left to governments and should
not be waged by civilians," said Aaron Weisburd of the Internet
Haganah, which relies exclusively on notifying ISPs and law
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@xxxxxxxxxxxxx with 'unsubscribe isn'
in the BODY of the mail.