Interview with Cyber Warrior
Interview with Cyber Warrior
The Jester (th3j35t3r)
A fellow cyber trooper: The Jester (th3j35t3r)
He has a very interesting cyber side arm.
A Cyber stun gun.
I bumped into you on Twitter.
And we've seen you take down terrorist sites for 30 min to n hour.
And youv'e been doing this since Jan.
"Bio Hacktivist for good. Obstructing the lines of communication for terrorists, sympathizers, fixers, facilitators, oppressive regimes and other general bad guys."
And I'd like to ask you some questions for my readers.
Why only 30 min?
Well the idea of the 30-60 minute downtime here is to force the bad-guys to distrust their own technology. By hitting them randomly for short periods, rather than knocking them out totally, it will sooner or later make these services too unreliable for them to be of any real use to the bad guy.
Why not 24 hrs or take it down completely?
This approach is about disruption not destruction, XerXeS could quite happily drop a site (or multiple sites simultaneously) for any period. However, I need to also allow room for any spooks out there to collect intelligence (if any there is anything actionable). It's a big enough arena for us all to play nicely.
How did you get involved in CT.
Are you University trained or self taught?
I am self-taught mainly, I have never found a use for anything I learned on a course in a real world situation. Nothing more to say here G.
How did you discover this vector?
I need to be careful here, but basically I was messing around with Web Service Server Hardening stuff, and stumbled across it. I decided to develop it further, into what is now known as XerXeS. Once I realized it's effects I decided to make use of it against the people who recruit your 'homegrown' terrorist. Make no mistake, there is no need for any face-to-face contact now for a jihadi recruiter to zero in on a young muslim in your country and groom him to carry out acts of violent jihad on your own soil. And that goes from initial contact to, support, to providing instructional materials, to prepping and 'arming' the groomed person seconds before the attack. Its all done over the internet.
And its not bot driven or a DDOS attack?
Right. No definitely no bots, or Zombie PC's, this can run on a low powered netbook, over a 3G internet connection on your cellphone.
How do you select what sites to down?
I get fed possible marks from the general concerned public and other hacktivist types. But I have to be careful, firstly I look at where/who the tip came from, then I verify that the site is actively working to support violent jihad in some way, then I tentativley probe looking for signs of a honeytrap, after that it's weapons hot, weapons away. But to disrupt not destroy. It's the same tactics the any terrorist organization strives for, the death bombs create, is second to the disruption to public services they create.
Can you target an IP adr?
Yes, XerXeS treats a raw IP address exactly the same..
How long can you keep a site down?
Indefinitley. Actually XerXeS is now more effective, it will take out up to 20 target sites simultaneously all from one box.
Have you received many death threats?
I have received a few, but I am not really too concerned with them. I have taken every conceivable measure to protect myself.
XerXeS is developing into a fully loaded multi-vector attack platform, so if it can't get you via one angle, it will get you via another. Everything from DNS cache poisoning, DOS, to exploiting backend databases like SQL, MySQL, etc. .
Thanks for answering some of our Qs
Love your work.
XerXes Cyber side arm video.
Tactical Internet Systems analyst.
Paradigm Intel :
Its one hell of a Cyber Side Arm.
Labels: Interview with Cyber Warrior