'Jester' ex-military hacker takes the distributed out of DDOS attacks

Whilst single point denial of service software has been available in the hacker domain for some time, its usage has been restricted to relatively high-powered computers with T1 or better upload speeds, Infosecurity notes. According to online reports, however, a patriotic Islamic hacker — with possible military connections — and with the moniker of 'Jester' on Twitter has been creating denial of service attacks on a number of sites he associates with al-Qaeda and Jihadist terrorists.

What is interesting about the attack vectors used is that the attacks are reportedly being made through the Anonine.com Swedish IP anonymiser service, which offers users high levels of anonymity in return for a modest monthly payment.

Unlike many other anonymiser services, Anonine does not impose IP traffic limitations, which appears to allow the Jester to open multiple IP sessions across a single internet connection.

According to Richard Steinon, a senior analyst with IT Harvest, the hacker has been documenting his attacks against a number of sites including www.alemarah.info, www.radicalislam.org, islamicpoint.net, www.almaghrib.org, www.as-ansar.com, www.islamicnetwork.com, www.islamicawakening.com, and www.ansarnet.info, since the start of the year.

Last Thursday, Steinon said that the Jester had posted a message that the Presidential website of Iran (www.president.ir) was going to be unavailable for the next 40 minutes, due to the country's oppressive Islamic regime.

"I approached The Jester through (direct messaging on Twitter) and provided my email address. I wanted to understand his/her motivations and intentions. These are still not completely clear but this post sums it up — the Jester Tweets; the Jester is taking on radical Islam through the web," he said in an online report.

Steinon also got a response via email from the Jester:

Hi again Richard,

Forgive me if I may sound vague on any of the following, as you can probably understand I need to protect my own identity for the moment.

I am an ex-soldier with a rather famous unit, country purposely not specified. I was involved with supporting Special Forces, I have served in (and around) Afghanistan amongst other places. Since 'leaving' the government's payroll, it has occurred to me that the bad-guys are in fact starting to utilise the web more and more as a recruitment, communication, and propaganda medium.

I have been and continue to develop methods and tools to disrupt, mis-inform and obstruct this kind of terrorist activity. Kinda like taking them down from the inside, and using my weapon of choice. The method I have used to take-down the sites mentioned on twitter is rather special, its only downfall right now is that it is obviously only temporary disruption. But I can however take down and put back their sites at will. The attack is like a DDOS attack, except without the first.

There is nothing 'distributed' about this. It is possible with very low bandwidth and a single low-spec Linux machine. I am still refining the tool, but if you check right now — www.alemarah.info is in fact temporarily down, until I decide to bring it back.

According to the Jester, he is not defacing websites, a practice he denounces as mere graffiti, but wants to demonstrate a denial of service attack system he claims works over layer 7 of the internet and which runs from a Linux server.
