11/15/12

Iran Sites Open 2 Joomla -K-CMS Hacking

gAtO wAs – in the kitty box scratching and found some sites in Iran that have the same problem that Syria has. Outdated older Content Management systems like Joomla and KCMS_1.0[2] and many other sites have Microsoft Visual Studio.NET 7.0. These require more research as to vulnerabilities but we are working on that. But gAtO found you guessed it Joomla 1.5 CMS all over the place. The same vulnerabilities that Syria has they have

This is easy to do with any browser do a search on any search engine “site:.gov.ir” and you will get a list of all the .gov.ir sites everywhere. Now remember with a translate button(on your browser) you can read these site in any language you want. The other trick is once you get to any site on your browser just go to >>Edit>>Source Code. and lot’s of sites will tell you the content creation: All sites in any language the HTML is always in english.

<meta name=”generator” content=”Joomla! 1.5 – Open Source Content Management” />

If your smart and are doing this in a government site I would remove this information. Now besides Joomla 1.5 gAtO found lots of sites with KCMS_1.0[2] and you guessed it again they are older versions and have vulnerabilities. So now gAtO will publish this list and update it as we find more and more vulnerabilities. Why doe gATo do this. It my way of showing the world that anyone can help, anyone with any talent can contribute to making this world a better world. I hope this informtion helps someone to be free- gAtO oUt.

Some site have this warning be careful :This site may harm your computer.

Research Notes:

IRAN site:.gov.ir

http://xforce.iss.net/xforce/xfdb/33437 Apr 4, 2007 – CVE-2007-2106: Directory traversal vulnerability in index.php in Kai Content Management System (K-CMS) 1.x allows remote attackers to ..

K-CMS (Kai Content Management System) could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL request to the index.php script using the current_theme parameter to specify a malicious file from a remote system, which could allow the attacker to execute arbitrary code on the vulnerable Web server.

Many of Irans site use ArPortal 7.1.2 while many others us Microsoft Visual Studio.NET 7.0

[1] security tips for Joomla Websites http://www.itoctopus.com/10-security-tips-for-your-joomla-website

[2] <meta name=”generator” content=”KCMS 1.0″ />

K-CMS (Kai Content Management System) index.php file include

http://www.sarvabad.gov.ir/

http://www.abhar.gov.ir/index.php?limitstart=63

http://www.abhar.gov.ir/

pishva.gov.ir

http://www.zanjan.gov.ir/

http://chaloos.gov.ir/

http://mianeh.gov.ir/

http://easabt.gov.ir/protocol/

Saman Information Structure

http://ea.mim.gov.ir/

http://www.sadra-ntoir.gov.ir/

http://www.sarvabad.gov.ir

News – ????? ??? ????? ? ????? ???

sabtyazd.gov.ir/index.php?option=com_newsfeeds…id…

This site may harm your computer.

Joomla 1.5.15 Released. The Joomla Project is pleased to announce the immediate availability of Joomla 2.5.0. This is a security release. Version 2.5.0 is is the …

www.khodabandeh.gov.ir/ - Translate this page

www.sabtyazd.gov.ir/index.php?… - Translate this page

This site may harm your computer.

… C:\Inetpub\vhosts\sabtyazd.gov.ir\httpdocs\libraries\joomla\session\session. php … %PDF-1.5 3 0 obj < > endobj 4 0 obj < > stream x?U?k A ?? ? ?Zz s …

http://www.leader.ir/langs/en/

http://www.president.ir/en/

http://www.saamad.ir

iten.behdasht.gov.ir – Site News

http://uscyberlabs.com/blog/wp-includes/images/smilies/icon_confused.gif

07/21/12

Anon iWot Team (Internet War On Terror)

gAtO see – a new twist on Anonymous – They are going after the money trail of terrorist – Dahabshiil International Funds Transfer is their target. This team call’s itself iWot -“Internet War On Terror” Now the reason gAtO looked carefully at this group is because #1 they are going after bankers –lulz– #2 this is a well though out plan to first show they have the real information before the big data bump. But there is more to this first announcement -

I kind of followed the data and when I saw – BAYD0009016 MOHAMED MURSAL SHEIK A/RAHMAN - this is Omar Abdel-Rahman also know as the Blind Sheikh – famed World Trade Center 1993 bombing. and tied to — (Somali: Maxamed Mursal Sheikh Cabduraxman) is a former deputy district commissioner and Minister of National Assets and Procurement of Somalia - Well this posting has got my attention.

This list also has CHILDREN’S VIILLAGES of SOMALIA and some other innocent looking people. After looking at some of the names and email and google a few —> this one is real there are some real terrorist on this list. These guy’s have a little class and I like that in a hacktivist. I will have to keep and eye out for this groups they have interesting lulz -gAtO oUt

This new paste -http://pastebin.com/VqrSV5bG

Untitled

BY: A GUEST ON JUL 19TH, 2012 | SYNTAX: NONE | SIZE: 11.12 KB | HITS: 739 | EXPIRES: NEVER

After years of offensive hacking against many companies, governments, etc, we [Anonymous], decided to share data related to an internal confidential project from multiple l33t hackers worldwide. We called that “iWot“, meaning “Internet War On Terror“.

Though we will never forget what happened with Megaupload, Pirate Bay, Sopa, friends, etc, our sub-branch of the Anonymous was created with trusted hackers, to follow a specific goal. This email will be the first from us. Thanks to spread our words

We officially declare War on Terror. This is a call for actions of monitoring and/or destruction of companies and institutions that do work with terrorists, rogue countries, etc.

We already broke the security of multiple networks on earth. Each time we will be able to control them, and to steal data, we will then publish our documents on the net, or share them directly to people involved with Newspapers, Justice, etc, worldwide. Some documents, about some banks working with rogue countries, were already shared to some email addresses. And we are quite happy to see that the truth is on its way.. sometimes..

As some of us already explained, we are not a terrorist organization. It’s just that we are fed-up with the fact that our society is loosing time. So we just decided to speed-up actions against terrorists and their friends. We will first try to eradicate the sources of terrorist financing. It is not possible to know at this time the precise scope or the duration of our actions to counter terrorist threats linked to Internet.

Today, as a proof of concept, we will share information about a really evil bank, hiding ugly activities with terrorists. It’s called “Dahabshiil“, an international funds transfer company. Their networks have been broken by different hackers teams for many years. And it’s time for us to share information here in this mail.

Thanks to Wikileaks, secret documents related to Guantanamo detainees publicly explained part of the truth about Dahabshiil. A veteran extremist and a probable associate of Usama Bin Laden, provided direct financial support to Al-Qaeda, Al-Wafa and other terrorist and terrorist support entities through the Somalia-based company Dahabshiil. This bank is currently helping Al-Qaeda, including members of Al-Shabaab.

Despite the fact that the CEO of Dahabshiil tried to get rid of some people, and sometimes people from its own family, this will not be enough for us. We have stolen many many many documents from Dahabshiil. We have destroyed many workstations in Australia, Kenya, USA, UK, Sweden, Somalia, Dubai, Djibouti, etc. We can transfer money from accounts to accounts, despite the stupid security with tokens, passwords, etc. We have modified Windows kernel on many servers and workstations. We have added different kind of cyber-bombs hidden on many workstations and servers. We have powned switches, routers, firewalls, satellite stuff from Telco, etc.

As Dahabshiil members might think we are lying, we have to share data. Feel free to download and copy the data before everything get destroyed, as it’s totally illegal. And now, if Dahabshiil members were unable to understand why the network sometimes crashed, the computers sometimes died, data from internal servers sometimes died, etc, do not search. It was just our actions against you, with people from our team. As an example, we recently destroyed data on the internal LAN in Somaliland, from the Dahabshiil Headquarters (Hargeisa, etc). That’s why you guys, lost Gigs of internal sensitive data on main servers like \\Dahabshiil7, \\Dahabshiil6…

By the way, we also found out that many employees were looking at facebook stuff, personal email, and tons of incredible hardcore porn web sites especially in countries from the Arabian Peninsula, and from the bank (not at home). Also, the password of the account Administrator of the internal LAN in Somaliland, was mainly “Dahab1234″. Awesome. This is how they protect data of their customers. Quite a serious bank. As we have remote 0days against some of their tools, we easily took the control of any workstations there. Then we bounced and bounced, in order to explore this bank. Hopefully, we were a huge number of hackers at the same time, and during months, which helped at stealing sensitive data, spying on end-users and banking transactions, etc. After months and months of fun against these guys who support Terror on earth, we just decided that it was time to destroy them.

This was just the beginning… and just a proof. So from now, dear Dahabshiil members and customers, you can expect a global internal destruction in less than 2 months. You can keep on asking external consultants, even in Europe, about how to install Antivirus, Firewalls, NAC, IPS, Waf, etc. But we will still destroy your networks, steal your data, and sometimes share internal stuff to the public. This is called a sabotage… We had first to be sure that you could not get rid of our offensive tools. That’s why we used two layers of tools. Skilled stuff (with kernel 0dd modifications, etc), and easy tricks (to annoy and to play with your network/data). Now it’s ready. The bombs will kill your networks and your data in less than 2 months. You can also backup the poor data that you still have, but we also infected random Office/PDF documents left, so you’ll just backup some of our bombs, and your network will still die.

If you want us to immediately stop this cyber-sabotage, it’s quite easy. We just ask you to stop lying, to recognize your help with Somalia terror, and to officially change your behavior. We need a public message from you, as a proof. As you might have seen, public excuses of far more bigger banks than Dahabshiil, were done recently, from people who worked with rogue countries, etc. So, we just ask you to do do the same and to change. We will monitor you, as we already made these years. You have 2 months. Maximum. If we see that you are still asking for help against us, to your supposed-to-be IT Security consultants (UK, etc), or if we see that you are trying to clean our stuff in your kernels, etc, we will then launch the cyber-bombs before the 2 months. You don’t have the choice. You have to submit. You have to leave this world of hate, this world of slaughters, this world of killers, and to leave terrorists behind you.

Of course you needed money. Of course most of your employees/customers are not terrorists. Of course most of your employees/customers didn’t know your links with Terror. Of course someone else would have done this in your place. Of course our offensive actions are totally illegal (like yours when you support Terror). But according to us, these reasons are not good reasons. The countdown is already running. It’s too late. You have the choice between living, or dying with honors in the family of people who helped terrorists. You will be our first public example of cyber-destruction, as others already changed their minds. Be smart. Choose life.

And now a message to Dahabshiil customers: if you have money in this bank, if you are a customer of this bank, if you use this bank to transfer money from a country to another, and even if you are not a terrorist, we will let you less than 2 months before we either publish your personal information (passport, ID card, postal address, phone, email, etc), or we destroy your account by moving your money elsewhere, which will not be complex. As an example, we already shared this kind of information, as a proof of capability. Less than 2 months. After that, don’t cry if you lost your money at Dahabshiil, even if they told your that everything was under control (lulz), that they were able to clean their systems (lulz), etc. So, just take your money out of Dahabshiil now (!), and leave them behind you, before the destruction of this unofficial financial support for terrorists. First casualty of war is innocence. Be smart. Choose life.

And now a message to people in the same situation than Dahabshiil: If you are working with terrorists, if you are helping them, if you are linked to them, we will find you, and you will also be destroyed by our cyber-team, sooner or later. There is no place for you on earth. No place for you on Internet. No place for hate. Make love. Make kids. Be smart. Choose life.

We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us

Anon iWot Team (Internet War On Terror)

Bonus: This is really sad to see that some companies helped Dahabshiil after our intrusions (sometimes from Europe, etc). We won’t reveal the names of these IT Security workers, cause we understood that they just wanted to make money. But, as a last advice for them and their family, thanks to think twice the next time you will help Dahabshiil and terrorists. You are helping people who helped Al-Qaeda, like many other unscrupulous Islamic banks that helped at laundering kind of donations. We know you. You are not anon anymore. *We are Anonymous.*

Credits: though we will hide the identity of the people who helped us, we will at least share our thanks to their organizations, for those who accepted it. So, many many thanks to people from Iomart (!), from Vizada and from Somtel. Some of them accepted to share technical stuff (passwords, remote access, etc) as they do follow our spirit and our values against Terror. *We are legion.*

Contacts: no need to answer to this email address, as it’s not ours. If you want to meet us, as always we’ll be at Defcon soon, and we hope that there will be a special prize for Dahabshiil, though it’s a bit late to propose them to the Powney Awards. We do believe that being an international bank, with really lame security, fake official answers, and real links with terrorists to kill people in Africa, Europe or America (Al-Qaeda), should bring them to a special prize. They deserve it. *We do not forget.*

Future: if you want to participate, just share your thoughts or ideas of targets on Internet with the official related proofs showing links with terrorists. Like any skilled hackers, we can have remote access anywhere on earth (gov, telco, comp, etc) as the current IT Security community is just selling dreams and fake products. If you like our values, thanks to support Anonymous iWot (internet War on terror) and put tags like #anoniwot2012 so that we can find your list of targets, your messages, your help, your ideas, etc. You cannot contact us directly, so, please shout enough so that we can hear you. You can just share message to our teams on public spaces, and we’ll read them. Before that, if you enjoyed our specific actions against terrorists in Somalia, thanks to really show your support about this Somaleaks operation, with the tag #somaleaks and just wait, as many other places might burn sooner or later. *Expect us.* –DATA Dump http://www.animegist.com/old//Somaleaks/

07/7/12

Cyber Jihad Intelligence last 6 months in 2012

Jihad Intelligence last 6 months in 2012

gAtO found the International Institute for Counter Terrorist pretty good site

Periodical Review: Summary of Information from Jihadi Forums

The Second Half of May 2012

This report summarizes notable events discussed on jhadist Web forums during the second half of May 2012. Following are the main points covered in the report:

Sheikh Ayman Al-Zawahiri calls on the residents of Saudi Arabia to organizemass protests to overthrow the Saudi regime.
The Pakistani Taliban publish a video of the storming of Bannu Prison, duringwhich nearly 400 Muslim prisoners were freed, among them Taliban involvedin an attempted assassination of the former president of Pakistan.
The Islamic State of Iraq exhorts Sunnis to realize that it is protecting theirinterests, while the Shiites are the real enemy, and must be fought.
Al-Qaeda in the Arabian Peninsula (AQAP) takes responsibility for an attack against Yemen’s minister of defense and US military officers at a military basenear Sana’a.
Ansar Al-Din and the National Movement for the Liberation of Azawad jointlyagree to establishment an Islamic state in Azawad, northern Mali.
A new Libyan Salafi-jihadist group, “The Imprisoned Sheikh Omar Abd Al-Rahman Brigades”, publishes its first announcement.
The Islamic Emirate of Afghanistan publishes the second issue of the Urdu-

language magazine Shariat.

Fatwas, March-April 2012

This review reports the main fatwas [religious-legal rulings] appearing in March and April 2012 on Minbar Al-Tawhid wal-Jihad, a Web site
run by the Salafist ideologue Abu Muhammad Al-
Maqdisi.1 The fatwas are issued by the prominent

Salafists who comprise the site’s Sharia Committee, in
response to Web surfers’ questions.
Among those we have chosen to highlight in this review
are fatwas covering the following: the religious-legal
obligation of every Muslim to join jihad in Syria;
affiliation with a Salafist political party; enlisting in an infidel army for the purpose of espionage; involvement in Libya’s National Transitional Council; and the status of the Free Syrian Army vis a vis the Salafist-jihadist Front for the Defense of the Syrian People.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Jihad Intelligence last 6 months in 2012

28/6/2012 Periodical Review: Summary from the Jihadi Forums – The Second Half of May 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the second half of May 2012. Following are the main issues raised in this report:
• Sheikh Ayman Al-Zawahiri calls on the residents of Saudi Arabia to organize mass protests to overthrow the Saudi regime.
• The Pakistani Taliban publish a video of the storming of Bannu Prison, during which nearly 400 Muslim prisoners were freed, among them Taliban involved in an attempted assassination of the former president of Pakistan.
• The Islamic State of Iraq exhorts Sunnis to realize that it is protecting their interests, while the Shiites are the real enemy, and must be fought.
• Al-Qaeda in the Arabian Peninsula (AQAP) takes responsibility for an attack against Yemen’s minister of defense and US military officers at a military base near Sana’a.
• Ansar Al-Din and the National Movement for the Liberation of Azawad jointly agree to establishment an Islamic state in Azawad, northern Mali.
• A new Libyan Salafi-jihadist group, “The Imprisoned Sheikh Omar Abd Al- Rahman Brigades”, publishes its first announcement.
• The Islamic Emirate of Afghanistan publishes the second issue of the Urdulanguage magazine Shariat.

14/6/2012 Periodical Review: Summary from the Jihadi Forums – The First Half of May 2012

This report summarizes the most prominent events brought up in the Jihadi online forums in the first half of May 2012. Following are the main issues raised in this report:
• Ayman Al-Zawahiri calls on the Muslims of Afghanistan, Somalia and Yemen to fight Western forces in the lands of Islam and revolt against “collaborator” regimes.
• Al-Qaeda again threatens to execute American-Jewish hostage Warren Weinstein.
• The Shura Council of the Islamic Emirate of Afghanistan declares “open season” against occupation forces in Afghanistan.
• Sheikh Fahd Al-Quso Al-Awlaki, a senior military leader of Ansar Al-Sharia, has been assassinated.
• The English-language jihadist magazine Inspire resumes publication after a hiatus with two issues on individual jihad.
• A new jihadist magazine about efforts to free Muslim women prisoners has hit the cyber newsstand: Majalat Al-Asirah [The Woman Prisoner].
• The second issue of the jihadist magazine Al-Qaeda Airlines appears.

ICT’s Jihadi Websites Monitoring Group26/5/2012 Periodical Review: Summary from the Jihadi Forums – The Second Half of April 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the second half of April 2012. Following are the main issues raised in this report:
• The leader of Al-Qaeda in the Islamic Maghreb (AQIM) calls on the Algerian people to boycott the coming elections in Algeria.
• AQIM threatens to attack Britain following its decision to extradite Abu Qatada Al-Filastini to Jordan.
• The Front for the Defense of the Syrian People steps up terrorist activity against Syrian government forces.
• Abd Al-Ghnai Jawhar, an explosives expert for Fath Al-Islam, is killed in Syria.
• Senior Salafi-jihadists in Egypt increase their propagandizing in Tahrir Square.
• A new series on preparing poisonous substances is published.
• Fursan Al-Balagh, a new jihadist media outlet, appears.

16/5/2012 Periodical Review: Fatwas – March – April 2012

ICT’s Jihadi Websites Monitoring GroupThis review reports the main fatwas [religious-legal rulings] appearing in March and April 2012 on Minbar Al-Tawhid wal-Jihad, a Web site run by the Salafist ideologue Abu Muhammad Al- Maqdisi. The fatwas are issued by the prominent Salafists who comprise the site’s Sharia Committee, in response to Web surfers’ questions. Among those we have chosen to highlight in this review are fatwas covering the following: the religious-legal obligation of every Muslim to join jihad in Syria; affiliation with a Salafist political party; enlisting in an infidel army for the purpose of espionage; involvement in Libya’s National Transitional Council; and the status of the Free Syrian Army vis a vis the Salafist-jihadist Front for the Defense of the Syrian People.

10/5/2012 Periodical Review: Summary from the Jihadi Forums – The First Half of April 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the first half of April 2012. Following are the main issues raised in this report:
• The leadership of Al-Qaeda and of its Somali affiliate Al-Shabab Al- Mujahideen threaten Britain with retribution for its intention to extradite al- Qaeda spiritual leader Abu Qatadah Al-Filastini to Jordan.
• Waliur Rehman, deputy commander of the Pakistani Taliban, threatens the UK with attack if it refuses to release Islamist prisoners – or at least improve their conditions.
• The Islamic Emirate of Afghanistan takes responsibility for a series of synchronized terrorist attacks against embassies and other targets throughout Afghanistan.
• Sheikh Abu Ubayda Yusuf Al-Annabi expresses solidarity with the Syrian people in their struggle against the regime of Bashar Al-Assad.
• A new jihadist series on military affairs, Al-Qaeda Airlines, is released.
• A new jihadist magazine is issued in Swahili.
• Evidence increases of the involvement of contributors to jihadist Web forums, such as Shumukh Al-Islam, in actual jihad and in terrorist activities.
• Leading jihadist Web forums Shumukh Al-Islam and Al-Fida resume operation after a temporary takedown last month.

21/4/2012 Periodical Review: Summary from the Jihadi Forums – The Second Half of March 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the second half of March 2012. Following are the main issues raised in this report:
• In two separate audio files, Al-Qaeda leader Ayman Al-Zawahiri exhorts the Pakistani people to oppose their army and government, and the Afghani people to join jihad and beware of Muslims who collaborate with the US.
• Muhammad Al-Zawahiri, brother of Ayman Al-Zawahiri, is released from prison in Egypt.
• The Pakistani Taliban will wreak vengeance on the Pakistani regime and gain control of Pakistan’s nuclear weapons, according to top Taliban commander in Mohmand tribal region Sheikh Omar Khaled Al-Khurasani.
• Al-Qaeda in the Islamic Maghreb (AQIM) will strike at the heart of Germany, it says, unless the German government frees a Muslim woman prisoner in exchange for the release of a German hostage being held by AQIM.
• Contributors to jihadist Web forums praise Mohammed Merah, the terrorist from Toulouse, and urge Muslim youth in the West to emulate him.
• Leading jihadist Web forums Al-Fida, Shumukh Al-Islam, and Ansar Al- Mujahideen cease functioning during the latter half of March 2012. Ansar Al- Mujahideen and Shumukh Al-Islam resume activity in early April.

11/4/2012 Periodical Review: Summary from the Jihadi Forums – The First Half of March 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the first half of March 2012. Following are the main issues raised in this report:
• Given what he calls the Iranian-Shiite conspiracy to attack and take over Saudi Arabia, Sheikh Abu Sufyan Al-Azdi Al-Shari, the deputy head of Al- Qaeda in the Arabian Peninsula (AQAP), urges Sunnis to wage jihad against the Shiite population of Saudi Arabia.
• Al-Qaeda in the Arabian Peninsula (AQAP) takes responsibility for assassinating an American military intelligence officer in Aden, Yemen.
• Ansar Al-Sharia declares Shabwa Province the Islamic Emirate of Yemen.
• Ahmad Faruq, Al-Qaeda’s head of the propaganda department of Al-Qaeda in Pakistan, calls for jihad against the Pakistani Army. He confirms the death of Ilyas Kashmiri, the operations officer of Al-Qaeda in Pakistan.
• Al-Balagh, a new jihadist magazine that focuses on events in Syria, is published.
• Majlat Al-Salafiyya, a new electronic Tunisian Salafi-jihadist weekly, is published.
• Leading jihadist forums embark on a massive campaign advocating Ansar Al- Sharia in Yemen.

30/3/2012 Periodical Review: Summary from the Jihadi Forums – The Second Half of February 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the second half of February 2012. Following are the main issues raised in this report:
• A new video clip was issued, in which Ayman Al-Zawahiri calls for the revolution in Egypt to continue until the representatives of the previous regime have been eliminated, ties to the US have been severed, and the peace treaty with Israel has been nullified.
• The Islamic Emirate of Afghanistan encouraged Afghans serving proximate to Western security forces to attack them, and cited the Afghani chef who poisoned American soldiers as an example.
• Propaganda has increased against the Syrian regime, as have appeals to assist the Syrian people in their struggle against the regime.
• Al-Qaeda in the Arabian Peninsula (AQAP) took responsibility for an attack on the presidential palace in Yemen on the eve of the transfer of power from Yemen’s former president, Ali Abdullah Saleh, to its former vice president, Abd-Rabbu Mansour Hadi.
• Two new jihadist media institutions have been established: Al-Tahadi, and Inform Foundation for Media Production.
• A new jihadist Web forum called Al-Qital has been established.

19/3/2012 Periodical Review: Fatwas – January – February 2012

ICT’s Jihadi Websites Monitoring GroupThe following report details the main fatwas published in January and February 2012 on Minbar Al-Tawhid wal- Jihad, a Web site run by the Salafi ideologue Abu Muhammad Al-Maqdisi. Web surfers’ questions are answered by the site’s Sharia Committee, which comprises a number of prominent Salafi sheikhs.This publication presents some of the religious-legal rulings [fatwas] handed down in January and February 2012. Among them, we highlight fatwas concerning the Islamic laws regulating participation in Libya’s National Transitional Council; the status of property looted from the estate of the deposed tyrant Muammar Qadhafi and, similarly, the status of property looted from members of the Syrian regime; the stance one should take toward Sunni soldiers fighting in the Syrian Army; and whether or not it is permissible under Islamic law for a Muslim to work for one of the security forces (police, military, FBI) in the West.

6/3/2012 Periodical Review: Summary from the Jihadi Forums – The First Half of February 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the first half of February 2012. Following are the main issues raised in this report:
• Ayman Al-Zawahiri, the leader of Al-Qaeda, announced that the Somali movement Al-Shabab Al-Mujahideen had officially joined Al-Qaeda.
• Al-Shabab Al-Mujahideen organized a large celebration in honor of its having joined the ranks of Al-Qaeda.
• Ansar Al-Sharia in Yemen executed three Yemeni citizens suspected of collaborating with US forces.
• The Islamic State of Iraq took responsibility for assassinating Mullah Nadim Al-Juburi, a former leader who had left the organization.
• Abu Muhammad Al-Tahawi, an influential Salafi-jihadist in Jordan, called for jihad against the regime of Bashar Al-Assad.
• A new volume was published of Al-Shamikha, a jihadist magazine for women.
• New volumes appeared of three publications that cover the jihad in Afghanistan.
• The Salafi-jihadist media outlet Al-Faroq, which focuses on Egypt, launched a new Facebook page.

28/2/2012 Periodical Review: Summary from the Jihadi Forums – The Second Half of January 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the second half of January 2012. Following are the main issues raised in this report:
• The Nigerian group Boku Haram has taken responsibility for a series of coordinated attacks perpetrated on January 20, 2012, against several police institutions in Kanu, the second-largest city in Nigeria.
• Using a car laden with explosives, the Somali group Al-Shabab Al-Mujahideen carried out a suicide terrorist attack against the regional headquarters of the Ethiopian Army in the city of Beledweyne.
• Ansar Al-Sharia has succeeded in taking over the city of Rada’a in Yemen.
• The Shari’a Council of Al-Qaeda in the Arabian Peninsula (AQAP) has ruled that the faithful may kill the Houthis in Yemen, and stating that, in fact, it is the duty of every Muslim to wage war against the Houthis.
• The spokesman for the Islamic State of Iraq has emphasized that the jihad in Iraq will continue even though the US has withdrawn its troops, and that now the majority of effort will be directed against Iran’s agents in Iraq and their Shi’ite allies.
• A new jihadist group called “The Aid Front for the Syrian People” has been established, with the central goal of overthrowing Bashar Al-Assad.
• A new Salafi group has been established in Egypt named “Followers of the Sunna for the Salvation of Egypt” and headed by Hani Al-Sibai and Tariq Abd Al-Halim.
• A new jihadist Turkish periodical, ?slam Dünyas?, has been published.

12/2/2012 Periodical Review: Summary from the Jihadi Forums – The First Half of January 2012

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the first half of January 2012. Following are the main issues raised in this report: • The Chairman of Al-Qaeda in the Islamic Maghreb’s Political Committee addresses the Algerian people, telling them to bring down the Algerian regime.
• The Emir of the “Al-Tawhid wal-Jihad” Group in western Africa threatens France with war and claims responsibility for the abduction of three Europeans from south Algeria.
• The Emir of the Nigerian “Boko Haram” Group promises to continue with the operations against the Christians.
• The leader of the Kenya branch of the “Al-Shabab Al-Mujahideen” movement stresses that Kenya is a legitimate Jihad arena.
• The “Al-Qayrawan” Tunisian Salafi-Jihadi media institute expands its propaganda activity and is embraced by the “Shumukh Al-Islam” Jihadi forum.
• Three new issues of the Islamic Emirate of Afghanistan.
• A new newsletter called “Shahada”, focusing on the Somali jihadi arena.

22/1/2012 Periodical Review: Fatwas – November – December 2011

ICT’s Jihadi Websites Monitoring GroupThe following report details the main fatwas published in November and December, 2011 on Minbar Al-Tawhid wal-Jihad, a Web site run by the Salafi ideologue Abu Muhammad Al-Maqdisi. Web surfers’ questions are answered by the site’s Sharia Committee, which comprises a number of prominent Salafi sheikhs.This publication presents some of the religious-legal rulings [fatwas] handed down in November and December 2011. Among them, we highlight fatwas concerning joining the Free Syrian Army and the revolutionaries in Libya; participation in protests against the continued rule of the Supreme Council of the Armed Forces in Egypt; participation in demonstrations against the regime in Morocco, alongside elements whose principles contravene those of Islamic religious law [shari'a]; the appropriate response to a French newspaper’s having derided the prophet Muhammad; and the essence of the relationship with the Al-Nahdha Party in Tunisia.

16/1/2012 Periodical Review: Summary from the Jihadi Forums – The Second Half of December 2011

ICT’s Jihadi Websites Monitoring GroupThis report summarizes the most prominent events brought up in the Jihadi online forums in the second half of December 2011. Following are the main issues raised in this report: • Abu Yahya Al-Libi summarizes the key events of 2011.
• A new video clip in memory of Anwar Al-Awlaki is produced by Al-Qaeda in the Arabian Peninsula (AQAP), and a message is sent to Muslims living in the US to join the battlefields of jihad or to fight the US on its own soil.
• In an audio file, Ibrahim Al-Rubaysh discusses the achievements of the Arab revolutions, especially as reflected in the weakening of the US in the Middle East.
• A new jihadist organization, calling itself Ansar Al-Din, is established in northern Mali.
• Al-Tawhid wal-Jihad in West Africa takes responsibility for abducting three European citizens in Algeria.
• A new jihadist organization calling itself Ansar Al-Mujahideen is established in the Sinai Peninsula.
• Three new jihadist media outlets are established: Al-Ibda, Ibn Taymiyyah (identified with the Palestinian Salafi-jihadist Army of Islam), and Al-Faroq (based in Egypt).

References:

The Deep Dark Web -Book

gAtO sAy -mEoW you all- we have a new book coming out soon “The Deep Dark Web” and just wanted to write this as the foreword for the book, I thought it was interesting …//looking for peer review of book…write us

This book is to inform you about “The Deep Dark Web”. We hear that it’s a bad place full of crooks and hackers, but it is more a place were you have total anonymity as an online-user and yes there are ugly places in the dark web but it’s a small part of it. What it really is all about it’s freedom of expression, freedom of speech worldwide, supported by “us/we” the users of the network. It’s not controlled by any government, but blocked by a few like Syria, Iran, Ethiopia, China to name a few governments that want to deny their own people free access to information, to speak freely about their grievances and unite to tear down there walls of oppression.

Pierluigi and I (gAtO) share a passion for cyber security we write different blogs Pierluigi has http://securityaffairs.co/wordpress/ and my site is uscyberlabs.com . We also write at other blogs and print media. We did’nt know it at the time but, we were writing cyber history as the 2011- 2012 cyber explosion took off we were at ground zero writing about Stuxnet, HBGrays, the LulzPirates, Anonymous but the Arab Spring was an awaking :

The recent revolution in Egypt that ended the autocratic presidency of Hosni Mubarak was a modern example of successful nonviolent resistance. Social Media technologies provided a useful tool for the young activist to orchestrate this revolution. However the repressive Mubarak regime prosecuted many activists and censored a number of websites. This made their activities precarious, making it necessary for activists to hide their identity on the Internet. The anonymity software Tor was a tool used by some bloggers, journalists and online activists to protect their identity and to practice free speech.

Today we have lot’s of anonymity communication tools I2P, Freenet, Gnunet and Tor to name a few. Why did the TorProject.org Tor-.onion network become the facto application to get free, private, anonymized Internet access. My conclusion is it’s humble beginnings with “Naval Research Project & DARPA (Defense Advanced Research Project Agency) ” sponsored, maybe you heard of DARPA they kinda created the Internet a long time ago. The government wanted to have a communication secure media that would piggy-bak on the establish Internet. From my point of view when they saw how good this worked the government used it to allow it’s agents to quietly use the network for CIA covert operations (just to name a few alphabet soup government agencies that use it). For example a branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.

Journalist got a hold of this tool and they too were able to file reports before governments agents censored their interviews and film footage. The EFF (Electronic Frontier Foundation) got a hold of the Tor-networks and promoted it to maintaining civil liberties online. When the common business executive visited a foreign country (like China know to monitor foreigners Internet access) they now had a way to securely connect to their corporate HQ data-center without being monitored and giving away IP (Intellectual Properties). The Tor-Network became to good and the bad guy’s moved in to keep their illegal business safer from the law. The Internet Cyber-criminal has used the claer-web since the start so of course they went over to the Tor-.onion network because it works if you use it right and keeps you anonymous online.

With all this happening and the “Year of the Hack 2011” you can see why security geeks like Pierluigi and I became intrigued with this subject and we teamed up to write this manuscript hoping to answer some of the questions our friends, and peers were asking us about this mysterious hidden world call the deep dark web. We outlined a table of content and started to write about it in our blogs and the story unfolds from here to you. We hope to educate you on how this network works without too much geek talk (ok just a little). We cover the cyber criminals and their ecosystem we cover the financial currency (bitCoins) that is replacing fiat currencies all over the world during this unstable financial times. We tried to cover all the good , the bad and the ugly of the .onion network. We hope it will answer some of your questions but I am sure that more question will come up so feel free to come to our websites and give us a shout and ask your questions about the deep dark web…. - gAtO oUT

06/5/12

Iran Cyber Problems -bad antivirus software

Iran Cyber Problems

gAtO mOnItOrEd – Iran Tor-Relays last night they had blocked all public relays so nobody could use the ToR network. Of course as long as you have private unlisted ToR relay people from Iran could still use the ToR network on the Internet. On the other side of Iran’s Cyber Warfare the Flame cyber worm – is still kicking ass and taking names in Iran. U.S and Israel have accepted the role of chief cyber warrior of the Stuxnet, DuQu and Flame. Some of the first cyber weapons ever made and deployed on a covert mission’s. Do you think that this cyber weapons did not use ToR networks to hide their C&C server never to be found??? So here we have a country suppressing ToR communication (and suppressing Flame, DuQu and StuxNet C&C ToR Communication) and being attacked by 2 of the largest countries in the world. gAtO would call this cyber warfare.

cyber war profiteers –> Who stands to make the most business ($$$) in this cyber warfare. We in the west have Norton, McAfee and other’s to protect our computers and business and government computer enterprise systems – but they cannot do business with Iran- We just had Symantec pull out of a deal with China’s Huawei because of a U.S-DOD contracts-/ a friend pointed to eset.com as the number one anti-virus software distributor to Iran./ When the Iranian government want’s to protect their computers they turn to Eset corporation for their enterprise cyber security support and service. So who are they?

Alexa the number one SEO company – http://www.alexa.com/siteinfo/eset.com – shows Iran is their number one customer—. Why? Eset is based out of the Slovak Republic , Bratislava the capital of Slovakia. It’s not silicone valley – I never heard of a high tech center and educated cyber security experts from that side of the world— We know this area more for cyber criminals but now this little company out in the middle of know-where has some interesting customer. Those countries that nobody wants are becoming their cyber customers, and it looks like Eset is a growing business.

Eset – Contact info: – http://www.eset.com/us/about/contact/ – They have offices in Czech Republic, Singapore, Argentina and the U.S.A – —/$#@! – So the company that is providing the anti-virus software for Iran has offices in America, with American business as customers- gAtO don’t like that much that is why I mentioned it.

Anti-virus software controls every aspect of the safety and security of your computer, your anti-virus software has deep ties to your computers. So this little anti-virus company is now a world player. It could also be our allied and work with us.

From a business point of view – First of all I would fire them. If I was the Iranian government, Stuxnet, DuQu and Flame the same MO and my anti-virus software does not catch it -new business but, oh well if Iran fires them who else would step into this position. This show to gAtO that the old weapon dealers have turn to legit, cyber counter weapons dealers/

customers metric’s: Imagine the statistics from Eset on Iranian government sites?

As a security researcher I just don’t like that Eset is in the U.S.A if they get American customers they can maybe sell their stats to Iran. Security companies like anti-virus have a lot of power. Just a simple update and the new spy-ware can get in and turn on your camera or just record your speech in your house or office. I would stay away from Eset anti-virus software solution – just for me gAtO oUt…

Reference:

Iran Top Sites : http://www.alexa.com/topsites/countries;0/IR

Bratislava: http://en.wikipedia.org/wiki/Bratislava

Alexa-Eset – http://www.alexa.com/siteinfo/eset.com

Eset about page - http://www.eset.com/us/about/contact/ .

WhoIs - http://whois.domaintools.com/eset.com

Registrant:

ESET, spol. s r.o.

Peter Pasko

Einsteinova 24 Aupark Tower, 16th Floor

Bratislava, 85101

Phone: +421.232244111

Email: sysadmin@eset.com

Registrar Name….: Register.com

Registrar Whois…: whois.register.com

Registrar Homepage: www.register.com

Domain Name: eset.com

Created on…………..: 2001-04-18

Expires on…………..: 2013-04-18

Administrative Contact:

ESET, spol. s r.o.

Anton Zajac

610 W Ash St, Ste 1900 Suite 1900

San Diego, CA 92101

Phone: +1.6198765404

Email: sysadmin@eset.com

Technical Contact:

ESET, spol. s r.o.

Anton Zajac

610 W Ash St Suite 1900

San Diego, CA 92101

Phone: +1.6198765404

Email: sysadmin@eset.com

DNS Servers:

e.ns.lanechange.info

ns4.lanechange.net

ns2.lanechange.net

ns3.lanechange.net

ns1.lanechange.net

http://uscyberlabs.com/blog/wp-content/uploads/2012/06/eset_traffic.tiff

02/23/12

Syrian Electronic Army is Open to Hacking

gAtO SeEn- the news about Syria and the Homs murder of protesters and this is a bad thing for the people of Syria and the dissidents. While Russia and China think about this more and more killings have happened. So gAtO thought what is Syria doing in cyberspace? gAtO jimped in and started looking first at the Syrian Cyber Army website www.syrian-es.com this is their main site now with google translator I started to read the site.:

http://translate.google.com/translate?hl=en&sl=&tl=en&u=http%3A%2F%2Fwww.syrian-es.com%2F

As I looked over the site I noticed that they use Joomla 1.5, this is an older version of Joomla full of holes and an easy hack. There is so much open on this site were you can get any of the scripts and look at the code, all this from any browser[1]. This is not rocket science.

Well if the Syrian Army uses this version of Joomla maybe some other government offices in Syria do:

www.raqqa.gov.sy/ar/index.php/local-news.feed

www.industrialbank.gov.sy/index.php?…91

www.uok.edu.sy/…/index.php?

www.reefnet.gov.sy/reef/index.php?

http://parliament.sy/

http://www.rtv.gov.sy/

http://www.addounia.tv/web/main.php

http://www.sana.sy/

Here are a few more sites that yes you guessed it they have the same Joomla 1.5 app running their websites. Knowing that this version has security holes why would a government use it. My only guess is they started in 2008 and if something works well keep it. If this department uses this Application well others will use it. The Syrian government is built on treats and intimidation so anything that is accepted no one will call attention to it, under fear of reprisal this is how all dictatorships work.

Now it comes to us the rest of the world to do something. gAtO contacted USSTRATCOM and Ya’akov Yehudi (Israel Security) to report this and I got nothing back from them so what do I do with information that can help people from getting murdered and killed by an oppressive state. Well here it is I am publishing this information and hope that someone will pick this up and do something with it. It’s a moral thing that gAtO must do, I have seen murder and killings like this in my former country and I could do nothing at that time so here it is, let the chips fall were they fall -gAtO Out

[1] Here are some links from their site and their CODE:

<meta name=”generator” content=”Joomla! 1.5 – Open Source Content Management” />

http://www.facebook.com/pages/%D8%A7%D9%84%D8%AC%D9%8A%D8%B4-%D8%A7%D9%84%D8%B3%D9%88%D8%B1%D9%8A-%D8%A7%D9%84%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A/340192589337632?sk=wall

http://twitter.com/syriansoldier1

http://www.youtube.com/user/syrianes1

www.syrian-es.com/templates/jv-framework/favicon.ico

www.syrian-es.com/templates/jv-framework/themes/jv-melody/css/horizontal.css

www.syrian-es.com/templates/jv-framework/themes/jv-melody/css/vertical.css

www.syrian-es.com/templates/jv-framework/themes/jv-melody/css/accordion.css

www.syrian-es.com/templates/jv-framework/basethemes/css/typo.css

www.syrian-es.com/templates/jv-framework/themes/jv-melody/css/layout.css

www.syrian-es.com/templates/jv-framework/themes/jv-melody/css/template.css

www.syrian-es.com/templates/jv-framework/themes/jv-melody/css/css3.css

www.syrian-es.com/templates/jv-framework/themes/jv-melody/css/template_rtl.css

www.syrian-es.com/modules/mod_nice_social_bookmark/css/nsb.css

www.syrian-es.commodules/mod_yt_content_slideshowii/assets/style.css

http://www.syrian-es.com/modules/mod_jvhotnews/assets/css/jvhotnews.css

http://uscyberlabs.com/blog/wp-content/uploads/2012/02/Syria_Cyber-Army.tiff

02/13/12

tor-talk- Help Users in Iran Reach the internet

Hi,

In the last 48 hours a major campaign of filtering has started in Iran -
it started slow and now appears to be that nearly all SSL/TLS traffic is
blocked on a few major Iranian ISPs. Details are rather rough but we're
working on some solutions - we've long had an ace up our sleeves for
this exact moment in the arms race but it's perhaps come while the User
Interface edges are a bit rough still.

Here's the deal - we need people to run Tor bridges but a special kind
of Tor bridge, one that does a kind of traffic camouflaging - we call it
an obfuscated bridge. It's not easy to set up just yet because we were
not ready to deploy this for everyone yet; it lacks a lot of analysis
and it might even only last for a few days at the rate the arms race is
progressing, if you could call it progress.

There are highly technical instructions here:
tor-assistants at torproject.org ) about it or you'll need
to share these bridges with people you want to help directly. It's a
pain and we're working on it.

Here's a bug report where we're working around the clock to get stuff
going in a user friendly manner:
https://metrics.torproject.org/users.html?graph=direct-users&start=2011-11-12&end=2012-05-10&country=ir&events=on&dpi=72#direct-users

Here's the same graph but for Tor bridge users in Iran:
help at rt.torproject.org. We'll try to
get you a working obfsproxy bridge address and working client software.

All the best,
Jacob Appelbaum jacob at appelbaum.net

https://lists.torproject.org/pipermail/tor-talk/2012-February/023070.html

02/12/12

Cyber Iran

gAtO hEaR- In Iran the nation’s telecommunications ministry publicized in early 2011, it would disconnect Iran from the rest of the world and run a parallel internal service (“Islamically permissible ‘halal’ network”) that would automatically censor material and block popular global sites. In Iran two-thirds of the country’s 78 million people are under the age of 35, and about 40 percent of the population have Internet in their homes, according to Internet World Stats, making Iran one of the highest per capita cyber-connected populations in the world. Iran has a pollution of about 77 million people, about 53% of the people are on the Internet and not one of them is a Facebook user. In nearby Jordans they have 1.7 million users and 1.6 millions of them are on Facebook.

Stuxnet was deployed and stopped their nuclear weapons program. 2 leading scientist were killed Iran blames Massad -CIA. Iran is spending billion on cyber Hardware. Arab Spring. Iran took down U.S Drones. Iran threatens closing down the Straits of Hormuz. Iran claims new Cyber Army is ready for war in Cyberspace.

Now with the March 2, 2012 parliamentary elections we see official of Iran’s Judiciary announced “new limitations” on using cyber space and content publishing on the internet. A task force of 250,000 cyber police currently monitors the Internet, specific sites, blogs and individuals suspected of using circumvention tools. Israeli intelligence officials have revealed that they believe Iran has, in the last few years, spent over a billion dollars to upgrade their Cyber War capabilities.

Iranians have friends like Venezuela and China-based Hauwei corporation which is being investigated by Senators like Rhodes Islands Sheldon’s Whitehouse (“gAtO knows Senator Sheldon Whitehouse he is one of several leaders that understand the complex cyber security issues”) for supplying critical cyber infrastructure to Iran while it supplies equipment and supports the (TS)Top Secret DOD projects. This is clearly a violation when a communist country is providing TS support to our governments and we hear that some of the equipment may have digital backdoors into the infrastructure defeating all virus scanning software. On the other side of friendships Univision uncovered Iranina and Venezuelan diplomats working on launching cyber-strikes against energy facilities and to other U.S assets (NYT 12-13-2011).

Iran’s leaders saw what the Arab Spring brought down last year and they see the Parliamentary elections in March as the most sensitive in the history of the Islamic republic and they will do everything to control it. Beacause of the March 2 elections Iran has ordered all Internet Cafe implement all cyber security monitoring software installed and functioning by Jan. 18. The monitoring include requiring a user to provide full name, father’s name, Iranian identification number, zip code and telephone number, in addition to presenting photo identification. The laws require cafes to install closed-circuit surveillance cameras that must be checked at the end of every business day. Cafes also must keep records of all websites and browsing history, along with surveillance tapes, for six months.

The new restrictions forbid cafes to allow the use of any circumvention technology, such as Virtual Private Networks (VPNs) or proxy servers, the devices Iranians typically use to access blocked sites.

This latest attack on Internet users comes amid increasing tensions between Iran and the West and deteriorating economic conditions as the Islamic Republic preemptively prepares for possible civilian unrest during its parliamentary elections. The Iranian people use tools like TOR to circumvent authorities to get their message thru even though these free TOR networks are getting hammered by the Iranians to try and take them down or get the information of the dissidents.

Let’s support these projects and keep Freedom of Speech open in cyberspace -gAtO oUt.

References:

Internet cafes to install surveillance cameras,

U.S. Expels Venezuelan Diplomat Reportedly Involved in Cyber Attack Plot

http://www.nti.org/gsn/article/us-expels-venezuelan-diplomat-reportedly-involved-cyber-attack-plot/

Parliamentary elections in March seen as the most sensitive in the history of the Islamic republic

http://www.guardian.co.uk/world/2012/jan/08/iran-upcoming-parliamentary-elections-march

Huawei’s Work in Iran May Violate U.S. Sanctions, Lawmakers Say

http://www.businessweek.com/news/2012-01-10/huawei-s-work-in-iran-may-violate-u-s-sanctions-lawmakers-say.html

Iran blocks Tor; Tor releases same-day fix

https://blog.torproject.org/blog/iran-blocks-tor-tor-releases-same-day-fix

Iran’s strict cyber regulations lay groundwork for ‘halal’ network

http://www.foxnews.com/world/2012/01/11/irans-strict-cyber-regulations-lay-groundwork-for-halal-network/#ixzz1jYfN3DAV

Iran Sets Cyber Crime Policy ahead of New Elections

http://www.stopfundamentalism.com/index.php?option=com_content&view=article&id=1299:iran-sets-cyber-crime-policy-ahead-of-new-elections&catid=70:iran-uprising&Itemid=80

02/6/12

Middle East Cyber War Diagram 2012

gAtO sEeN- The last month and a half Israel has been in a slowly escalating cyber war. But suddenly it stopped on Jan 26, 2011. Since there is more to come gAtO wanted to look at the players… I can’t tell if the hatred blinds these people but I do see some of the Israeli hackers being a little cautious and that’s a good thing. From the outside looking in, it’s people against people, there’s a vigor and passions on both sides that sometimes blinds them. I hope it get’s better than worse- gAtO oUt

Middle East Cyber Players

Saudi Side

Khalid Islambouli

1/22/11 Haaretz.com

Capo0_TunisiAno0

a.k.a. – http://qik.com/tunisiano0/videos

Insurance Israeli -revivo.co.il

IGT

Islamic Ghost Team

DEFACEMENTS:

http://www.medradio.ma/forum/ defaced by IslamiC GhoSts TeaM

http://mizpe-ramon.co.il defaced by islamic ghosts team

http://smiles.co.il defaced by islamic ghosts team

http://idankahalani.co.il defaced by islamic ghosts team

http://idan.root.co.il defaced by islamic ghosts team

http://script.root.co.il/index.htm defaced by islamic ghosts team

http://www.elazar.org.il/index.php defaced by IslamiC GhoSts TeaM

http://www.galuku.com/x.html defaced by IslamiC GhoSts TeaM

http://www.lipa.gov.lr/doc/x.html defaced by IslamiC GhoSts TeaM

http://www.mecsindh.gov.pk/x.html defaced by IslamiC GhoSts TeaM

11/20/10 – http://www.computersecurityarticles.info/security/pro-gaza-hackers-target-israeli-websites/

01/21/11 – Smiles.co.il

Watchful Eye Hackers

1/20/11 - Israeli religious new

nayessnet.com

cAligulAsAquARium [FCA]

1/19/11-

CRFI Council of Jewish Institutions of France

Gaza-Hackers

1/19/11 – Israel Anti-Drug Authority

1/18//11 - Calls for Cyber Jihad

Top Iman Tareq Mohammed Al-Suwaidan -

1/18/11 - #OpFreePlasestine hacked

kgsgbank.co.in

indiantvnes.com

sail.co.in

tfkolkata.bsnl.co.in

punjab.bsnl.co.in

Pakistan

Pak Cyber Combat Squad PCCS

1/19/11 -

http://obapaslanmaz.com.tr/

http://noskturkiye.com/

http://narlicpl.k12.tr/

http://bezirgankoyu.com/

http://beykoztrakyalilar.com/

http://bestelhobi.com/

http://bestelmodelarabalar.com/

http://gayegencadam.com/

http://www.beselmobilya.com/

0x0mar

Israeli Side

Yourikan

1/23/11 - King Saudi University

a.k.a – youri2203

TheJ0k3rS

1/22/11 -Sdarabia.com

Security & Defence Arabia

1/22/11 -

Ofra Haza Memorial WebSite

1/20/11 – Iran.tv

Dr. Net

1/22/11 -

Ofra Haza Memorial WebSite

AlienZ Group

1/26/11

http://economistpakistan.com/

http://edutecher.net/

http://phdeb.org

1/20/11 -

LebanonI.com

http://www.cyberwarnews.info/tag/alienz/

1/19/11 -

http://uabonline.org/

1/20/11 – thisweekinpalestine.com

1/20/11 – Lebanonl.com

1/19/11 -

uabonline.org – 500 Arab Accounts

Hannibal

1/21/11 -

Dumps 100k Emalis and Facebook accounts

White Bishop

1/20/11 – Dumps Saudi CC

Anon972

1/20/11 -

codecity.ir Iranina Code site Dumps accounts

HaX.ROOT

CFR Robot Pirate Pakos Hacker

1/19/11 - The Hacker Army

#OpFreePalestine

Prx3RO Li3ht

1/17/11

ZionOps

IDF-Team

0x0mer

Amir Phadida

Middle East Cyber War TimeLine

References:

http://paulsparrows.wordpress.com/tag/hamas/

http://zionops.wordpress.com/2012/02/05/minister-of-public-diplomacy-on-cyber-war-against-israel/

http://uscyberlabs.com/blog/wp-content/uploads/2012/02/Middle-East-Cyber-Players1.png

01/19/12

Timeline Middle East Hacker Cyberwar | 0xOmar -Hannibal

GaTo pUt – this timeline together to better understand the cyberwar that has begun with Israel and -Saudi Arabia and/or Iran. While the el Al Airlines and the Stock Exchange from Israel and Saudi Arabia have been dDoS we get an underground war of hackers that only a few know about. These are the message threads they paint an interesting picture.

Cyber Warfare has started in the middle east and if the same old tit for tat continues this will get ugly very soon. I hate to be the crazy gAtO crying “the sky is falling” but this is big. You can see the Israelis putting out credit cards but not the cvs numbers, holding back much more. Now you have players ready to post bank account numbers and that’s another thing all together. A credit card is one thing a bank account is another to post online.

Then come the cyber war profiteers.

We also have March 2 Iran elections and the U.S elections Nov 4 will the hackers hack.. you betcha….;)-gAtO oUt

Update:————————————–

Jan 20th, 2012

http://adk.co.il/1DM

Credit Cards:

http://adk.co.il/1DM

Download:

http://adk.co.il/1DM

Over 300 thousand tickets have been broken!
0xomar
0xomar
0xomar
0xomar
0xomar Dear Arabs,
I have published over 300 thousand credit cards
Continued to publish and flood sites in Israel:

http://adk.co.il/1DM

Credit Cards:

http://adk.co.il/1DM

Download:

http://adk.co.il/1DM

Over 300 thousand tickets have been broken!
0xomar
0xomar Dear Arabs,
I have published over 300 thousand credit cards
Continued to publish and flood sites in Israel:

http://adk.co.il/1DM

Credit Cards:

http://adk.co.il/1DM

Download:

http://adk.co.il/1DM

Over 300 thousand tickets have been broken!
0xomar

Update:————————————–

JAN 18TH, 2012

Important message from 0xOmar from group-xp

Important message from 0xOmar from group-xp the largest Wahhabi hacker commando of Iran.
Things do not go as well as they should:
* First came the Russians (must be KGB agents) and hacked my 0xOmar@mail.ru email account and changed password.
** Then someone (American FBI feds most likely) hacked my pastebin/0xOmar
*** If this was not enough… some mysterious hand (Allah himself/herself?) keep deleting our group-xp information of none existing cc numbers!
**** Anyway, since I am the greatest 0xOmar with direct power from the President in Iran – I knew what to do. To start my own website at: http://204.188.197.33 But guess what????? Now this has also got hacked and turned into an Apache server start page! This time I have no doubt who is behind this brutal and illegal actions of vandalism! It must be the Apache Indians themselves.
***** Updated: now I am using torrents – just in case, if you discover that you are infected with one of my Trojans while downloading my torrent, the Trojan will only pick your credit card number and any password if possible and be sent further to all your contacts!
Please do not worry about this small technicalities its for the sake of helping the poor Palestinian children in Jerusalem who stand in the middle of the road while throwing stones on Israeli drivers, we will attempt to use your credit card for teaching them where to stand next time they try killing Israeli drivers.
- http://www.youtube.com/watch?v=XlXRAJ7SuVI
- http://www.youtube.com/watch?v=At9b3YQSQ_E
And if its OK with you, I will use the rest of the credit on your card for learning what hacking is, because I am complete clueless lamer when it comes to hacking!
Thank you!
0xOmar from group-xp the largest Wahhabi hacker commando of Iran

0xomar = alm3refh. He is from Iran.
It’s the same one. He tried to disguise himself by presenting a new hacker alias + state.
1.Motives: create intrigues between Israel and Saudi-Arabia – exactly when both countries need to unite against Iran.
2. Old Group-XP defacements from zone-h: http://www.zone-h.org/archive/notifier=Group-XP Note that all the sites hacked are from *.ir peculiar? Not at all- none of the those sites (dozens of them!) exist any more. Showing that they were simply dummy sites used for training by Iranian Cyber unites.
3. Logs from Anonymous IRC networks show great activity from a small group of 3 hackers located in Iran, desperately and unsuccessfully trying to mobile hackers to join them on the relevant #op channels.
But what does it matter? After all is Iran, how to get him ?
The last two days I worked a lot on so it does not hack more than not mess with the Israelis
I sent him e-mail dozens of examples of bank accounts threatened him and he understood with whom he was dealing
Apparently the path to cyber war, and I get a break. Of course after I’ve put one on Saturday night about 100,000 emails and Facebook accounts.
If hackers Arabs will attack Israel and I always show up again. Trust me.
Hannibal

Exposure – Deputy Prime Minister of Iran threatening me

Hi
I now publish the letter he sent me deputy prime minister of Iran
Funny to me that he had time to go into a mailbox and curse and threaten me ..
Mr. Muhammad, you do not scare anyone! You never find me !!!!!
Say thank you at least who censored you the email ..
Link to the picture :
http://i40.tinypic.com/143mkpk.png
State of Iran, I’m so going to teach you a lesson soon
Today I post about 25 000 e-mail accounts and Facebook accounts of arabs to my new permanent procedure.. On Saturday night I will publish new list of 100,000 emails and Facebook accounts
Hannibal
contact email : hannibal@inbox.com
#############################
New List Of 25,000 Emails And Facebook Accounts Of Arabs Hacked By Hannibal
18.1.12
#############################

JAN 17TH, 2012

0xOmar Got Pwned by ZionOps

0xOmar Got Pwned by ZionOps
These guys seems to counterhack him – http://zionops.wordpress.com/

0xOmar, we are coming to take you away hahaha…

Oh mamma, me BIG 0xOmar got hacked! Shame ON me, I nearly convinced everyone that I am NOT from Iran… well I guess I will have to ask the kids IN the neighborhood to help me WITH DDOS… Keep clicking Ayatollah! You hear me!
Yes, I am AN IDIOT http://bit.ly/0xOmar
*Payback:
Israel hacker named Hannibal published information enabling Web users to break into the accounts OF 20,000 Arab Facebook users.
Hannibal said he held information that would allow for the breaking IN to 10 million Iranian AND Saudi bank accounts, AND threatened to cause billions OF dollars IN damage.
http://www.jpost.com/NationalNews/Article.aspx?id=253893
Ein israelischer Hacker, der sich Hannibal nennt, soll unterdessen die Login-Daten von 20.000 arabischen Facebook-Usern veröffentlicht haben.
Derselbe Hannibal drohte auch, er verfüge über Daten, die ihm Zugang zu zehn Millionen arabischen Bankkonten verschaffen könnten. Bereits am Freitag erklärte 0xOmar, der “Cyberkrieg gegen Israel” habe nun begonnen. Die Hamas applaudierte und rief die Hacker zu weiteren Aktionen gegen Israel auf, “um den Widerstand gegen die Besatzer zu verstärken”.
http://www.spiegel.de/netzwelt/web/0,1518,809356,00.html
El domingo, un hacker identificado como Hannibal publicó lo que asegura son datos de log-IN de 20.000 usuarios árabes de Facebook, y aseguró que accedio a datos de cuentas bancarias de 10 millones de usuarios iraníes y saudíes, amanazando con publicarlos y provocar miles de millones de dólares en daños si Irán continúa amenazando a Israel.
http://www.noticias24.com/tecnologia/noticia/13742/hackers-vuelven-a-atacar-importantes-paginas-web-en-israel/
0xOmar, we are coming to take you away hahaha… watch your back!

New 10k Emails+Facebook Accounts Of Arabs Hacked By Hannibal

Here Hannibal
Currently, I published on 100,000 emails and Facebook accounts of Arabs and Muslims around the world
And I will continue to publish tens of thousands every day, after all I have got about 30 million e-mails of Arabs.
Unfortunately today I received an email from Mohammad Reza Rahimi who threatens that would raise most of his men to find me and kill me
I assure you Mr. Fool, you can keep looking as you want, you will not find me even if you have a staff of 1,000 people who search for and carry out search for information about me.
I post today about 10,000 Facebook and email accounts.
In addition, I give hackers attacking the State of Israel a huge threat from me.
Soon I will reveal another surprise. The most cruel surprise. Be prepared to Arabs!
Follow me to get more updates : pastebin.com/u/hannibal
contact email : hannibal@inbox.com
#################################################
New list of 10,000 Emails And Facebook Accounts Of Arabs Hacked By Hannibal
17.1.12
contact email : hannibal@inbox.com
#################################################

JAN 16TH, 2012

Fuck 0xOmar

here is some fucking arabs Gmail accounts for you.
* ALL CREDITS GOES TO THE JEWISH HACKER THAT GOT THE BIGGEST BALLS FOR NOW .oO HANNIBAL Oo,
here’s the links for you….
http://www.megaupload.com/?d=8G213VDX
http://www.uploadking.com/87NN2BFH8W
http://www.uploadhere.com/9P7P60BKT0
http://depositfiles.com/files/qr09c960p
https://hotfile.com/dl/141940776/8cf1e10/15.1.12.txt.html
http://www.filesonic.com/file/POwXJyU
http://www.wupload.de/file/2642852497/15.1.12.txt
.oO HANNIBAL Oo.

Nightmare and 0xOmar DDoS bank Massad of israel

Breaking News:
Nightmare ( Expert Muslim Hacker ) joined to 0xOmar hacking movement.
Nightmare now DDoS Bank Massad of Israel www.bankmassad.co.il
Nightmare and 0xOmar invite all muslim hackers to fight against Israel.
Go Ahead!

Nightmare group & 0xomar saudi hacker against Israel

Nightmare group who successfully Downed bank of America website(http://204.188.197.33/index.php?topic=15.msg36#new) claim they are attacking to DDOS two critical website of Israel :
http://tase.co.il (Tel Aviv Stock Exchange)
http://elal.co.il (Israel Airline)
the Nightmare Group joined to 0xOmar movement and Islamic hackers against Israel

New 30,000 Facebook&Emails Accounts Hacked By Hannibal

Hello there
I noticed that poor intelligence of 0x omar and his friends.
State of Israel, not to worry, you’re in the hands of the world’s best hacker that I am.
I will continue to support the government of Israel will continue to attack the Arab countries
In addition, I received thousands of emails helpless Arabs, who are begging me to stop publishing the Facebook accounts because it violates their browsing experience.
I have about 30 million e-mails of Arabs with passwords I’ll post them throughout my life and my personal list is growing every day hundreds of thousands of emails
Also, I received hundreds of emails of senior politicians from France and other countries, who asked me not to publish the list of the 10 million my bank accounts.
So guys, if the state’s chief Benny Gantz, or Prime Minister Netanyahu declare cyber war, I will have to publish the list of 10 million bank accounts. In addition I also have about 4 million credit cards. Just give a command and i will do it !!
Well guys, I will continue the tradition of mine.
Today will publish about 30,000 accounts Facebook & E-mails
Go Work Jews And Israel !
Begin to corrupt!
Your
Hannibal
contact email : hannibal@inbox.com
#############################################
New List Of 30,000 Facebook&Emails Accounts Hacked By Hannibal
Date : 16.1.2012
############################################

JAN 15TH, 2012

Before I go to rest..

I think about it for ages. I hacked into 3 very large banks in Iran and Saudi Arabia, whom I will not name.
I currently have 10,343,112 of bank accounts.
Do post them? After all there are good citizens, but Arabs are Arabs.
I do not know what to do. If I were to publish them it would be the biggest leak and damage the most ever issued worldwide.
This is billions of dollars in damage.
Lately I’ve been getting many offers various hackers who want to join me, also the group Anonymous
I’d love to get on that guest opinions, what to do about it. Funny one man controls billions of dollars.
Get ready for tomorrow, tomorrow I will publish about 30,000 new Facebook and e-mails of Arabs and Muslims all over the world.
Your
Hannibal
contact email : hannibal@inbox.com

20,000 Arabs Facebook Accounts Hacked By Hannibal

#######################################
20,000 Arabs Facebook Accounts
Hacked By Hannibal
(For more accounts follow me pastebin.com/u/hannibal)
Contact me : Hannibal@inbox.com
I have 30 Million Emails&Passwords of Arabs.
( Every day i will post 2000-100,000 Depends on my mood )
Enjoy it And Share
#######################################
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
#######################################
#######################################
#######################################
A warning to the State of Iran and Saudi Arabia *
In addition, I have 10 million bank accounts of the countries of Iran and Saudi Arab. If Iran continues to threaten Israel and already this week I will publish the private bank accounts and thus make them billions of dollars in damages estimated
#######################################

New Hacked Arabs Emails By Hannibal 15.1.12

Hi
Unfortunately much, I’m very nervous today.
What the hell is this shit, I publish emails tens of thousands of Arabs and Muslims around the world, this is the thanks I get? I ask you, spread this link address to a forum site, some media outlets.
More knowledge annoyed me is that media in the country of Israel as YNET, MAKO, etc write i hacked about 30,000 instead of 30 million emails. This is their huge mistake
(Maybe the fail of 2012 ).
I’ve got 30 million Emails ! 30 million e-mails! 30,000,000 emails !
You Jews, Israelis, are requested to publish the list of hacked emails at any hole on the Internet to spread awareness.
Do not get me wrong, I love Israel.
_____________________
Also, I have details of 10 million bank accounts of Arabs from Iran And Saudi arab who are only available to me. If Iran will worsen the security situation I will have to publish them and thereby harm them of billions of dollars in damages.
_____________________
Today, I continue the tradition and my promise, about 2,000 Facebook and email accounts of Muslims and Arabs. A new list from the oven: D
Go Jews and israelis, begin to destroy them! Enjoy it!
Do not forget to distribute the list of emails in any source, ranging from Facebook to the forums.
Download links —–
http://www.megaupload.com/?d=8G213VDX
http://www.uploadking.com/87NN2BFH8W
http://www.uploadhere.com/9P7P60BKT0
http://depositfiles.com/files/qr09c960p
https://hotfile.com/dl/141940776/8cf1e10/15.1.12.txt.html
http://www.filesonic.com/file/POwXJyU
http://www.wupload.de/file/2642852497/15.1.12.txt

JAN 14TH, 2012

Second Update

Hello world!
I noticed that many Israelis and Jews like the thousands of emails that I published yesterday,
They connect to their mail accounts, changing passwords, began to destroy Facebook to accounts from various sites, with the flag of Israel. That I have to say – I’m proud of you, keep so!
Today I will post 2000 mail accounts and Facebook combined Of Muslims and Arabs from all over the world, go work guys!!
I have fucking 30 milion emails !! every day 2000 emails!!!!
mail contact : hannibal@inbox.com
Enjoy
Download Links ———
http://www.megaupload.com/?d=XMU2N1EL
http://www.uploadking.com/9L7M5E44EB
http://www.uploadhere.com/JOEMYURQ2I
http://depositfiles.com/files/dk75k4td8
http://www.filesonic.com/file/AdZJqKq
http://www.fileserve.com/file/eJzxWQY/14.1.12.txt
http://www.wupload.co.uk/file/2642455927/14.1.12.txt

0xOmar Hack New Fresh Visa Card And Paypal Accounts 2012

0xOmar Hack New Fresh Visa Card And Paypal Accounts 2012
Hi all
visa = 4504
Hacked By Premium-login.com

Dodos attack on bank of America 0xomar Saudi hacker

0xomar official site claim sucsessfully dodos attack on bank of America
Here is original link :
http://204.188.197.33/index.php?topic=15.msg36#new

JAN 13TH, 2012

First update

Wow .. What do I have to tell you …..
I did not like the shit “Arab hackers” did ..
I am very angry about it, Jews were the Holocaust. 6 million died. That’s how you behave?
Hell, you have all the territories in the world to live in, what was special in Israel?
Keep at it, things would not be good anyway.
So let’s move forward, my name is Hannibal Lecter (yeah right ..) and I am a Jew who lived somewhere in the world.
Well, I have about 30 million e-mails of Arabs.
I intend to publish it every day for 55 years until they’re available all the platform.
( 1500 EMAILS+PASSWORDS EVERYDAY )
I do not publish credit cards, bank information and the like. Innocent civilians. Why hurt them financially?
I will destroy them with the online experience.
Want to contact me? Yes yes .. Forget it. (Hannibal@inbox.com)
** Note – Israeli hackers or anyone else in the world are welcome to send me emails+password or other stuff thus unite together and hit the browsing experience of all the Arabs in the world **
Download links —–
http://www.megaupload.com/?d=TSVROXKM
http://www.uploadking.com/UOLAYACUKB
http://www.uploadhere.com/3YXMIBW0P5
http://depositfiles.com/files/ic7qqu21f
http://www.zshare.net/download/98602831f2d397bf/
http://www.filesonic.com/file/RKVglC2
http://www.fileserve.com/file/dddV6nw/13.1.12.txt
http://www.wupload.com/file/2641951207/13.1.12.txt

JAN 12TH, 2012

0xOmar New Update – 2

Pastebin as an Israeli website, deletes all my entries, but keeps Israeli leaks about Saudi cards, keeps other peoples data aginst muslim countries, but deletes my entries in some hours. Pastebin is my next target, dear Pastebin, you can wait for me. People, please follow me in
text-upload: http://www.text-upload.com/user.php?a=0xOmar
You can have my daily 200 fresh Israeli card leak here

0xOmar New Update – 1

Hi
Russian intelligence closed my mail.ru email, so I have created this one. 0xOmar@gaza.net
I saw some stupids said, they’ve found me, one in Mexico, one in Riyadh, one in Dubai, look, let me explain my method, as I know no one can find me, I easily explain it:
I create an exploit page using a browser based exploit, I email URL and put hidden iframe to my exploit page, I infect a lot of PCs around world with my bot, my bot is coded in C++ all by myself, it have a functionality in addition to all features of other bots, it has an encrypted SOCKS5 protocol, I can see live bots in my administrator server, I use them to connect to other and from there to another and … I do it sometimes 2 times, sometimes 4 times, it depends on my hurry. ISPs doesn’t store details of connections on those ports, so don’t waste your time, it’s for Mossad.
I use a really complicated hand-made method for hiding myself, so if you reach to Dubai, Mexico, Riyadh, Minsk, Helsinki, New York, Tel-Aviv, Haifa, Tokyo, Moscow, etc. excellent! You found one my my poor victims.
Ok? Enough said? So stop telling my bots location to media and infecting media with false details.
My other message is to Gazza hackers who have hacked stupid Dany Ayalon’s website and put a foot on his face and sent me a message.
From here, I invite all hackers of world from Islamic world to come together, it’s not matter what you think, I invite all Muslim hackers to unite against Israel, the big enemy of all Muslims.
I invite all Arab-Muslim Hackers to unite against Israel and join this war. I also invite great Turkish hackers which hack a lot of websites daily and notify them to zone-h. Do you remember Gaza flotilla raid? Do not stay silent as you didn’t stay before, let’s do something in return. Let’s fight for ourselves, for what we believe.
I invite all Muslim hackers to fight in two methods:
a) Hack Israeli military, intelligence and their contractors to extract sensitive and hidden information and publish them in internet. It could be even Israeli people data like what I did to credit cards
b) Hack Israeli important sites and publish your message on them
I shout to Israeli authorities and people, you are not safe from me and Muslim hackers. We’ll fight all of our live against Israel, we’ll harm you in any way we can.
From now, I shout to all Israeli people, daily I’ll publish 200 credit cards of Israeli people. All people who’s interested in fresh working credit cards, join our movement, subscribe to our page to receive daily 200 credit cards. Using this method, Israeli banks shred all sites in a day and people will be able to purchase all they want.
So my last message to world, let’s destroy Israel and have a free Palestine without enemies.
My message in Arabic:
http://pastebin.com/4QHukbmc

Message to Poor Isareli Hacker

a) Change your name, you are totally unrelated. You copy everything from me, at least have an original name.
b) You cannot even leak a single working Saudi card, you are nothing, you may publish 10-20 cards, I publish 200 working cards per day.
c) You ask world to help you, how poor you are.
d) Is this a card you published?
Full name: ???? ????? bla bla bla
Full name: ??? ????? WTF??? His name is 3 ? sign and his last name is 5 ?
How poor! How stupid!
You call me to come to your home, do something important, then challange world! I’m only person who can challenge Interpol, Mossad, Danny Ayalon, etc. Because I hurt them in the ass.
Mossad, your 2 weeks of deadline is finishing

JAN 11TH, 2012

Untitled

http://twitter.com/0xOmer
0xOmar You are fucking gay!
You can call me 0xOmer right now,
My name is Omer Cohen from Israel,
I want you come to me house with all your friends and your country!!!
But you don`t have any friend so shut up!!!!
Follow me: http://twitter.com/0xOmer
Here Saudi`s Credit Cards! – Just for you!!!!:

0xOmar from Iran

0xOmar are from Iran:
1. Motives: create intrigues between Israel and Saudi-Arabia – exactly when both countries need to unite against Iran.
2. Old Group-XP defacements from zone-h: http://www.zone-h.org/archive/notifier=Group-XP Note that all the sites hacked are from *.ir peculiar? Not at all- none of the those sites (dozens of them!) exist any more. Showing that they were simply dummy sites used for training by Iranian Cyber unites.
3. Logs from Anonymous IRC networks show great activity from a small group of 3 hackers located in Iran, desperately and unsuccessfully trying to mobile hackers to join them on the relevant #op channels.
See also: http://pastebin.com/VhQWJSt9
4. Thats his real name: ???????? ?n?i?gg?e?r????? http://pastebin.com/3vrUFyj1

0xOmar ARE from IRAN

Source: http://pastebin.com/VhQWJSt9
0xOmar is from IRAN.
Not SAUDI ARABIA
We have several proofs for this. He hacked pcgames.co.il with an IRANIAN IP (stupid idiot was unable even to cover his IP)…
Of course he will pretend to be saudi arabian because he knows what Israeli hackers can do and they will blame their biggest enemy in the region so they’ll take all the fire.
No saudi will say “long live king abdullah”… He is so fake its pathetic. Also there is no “wahabi” section of anonymous cause the religious fanaticism of wahabbia is against everything anonymous stands for.
Iranian citizen should be prepared for the stone age
viva israel

JAN 8TH, 2012

0xOmar Hacker Location Detected

0xOmar is not Saudi, we’ve detected his IP address after his breach into our shopping website using a simple vulnerability in our CMS. I don’t want to name our website here, it’s just a Hebrew shopping website.
We took our website down and started to trace his IP address, he’s located in Dubai, UAE. We have a lot of proofs of it. We’ll forward all proofs to the police. They’ll take care of him.
Just to let you know, he’s a stupid, he can’t even use a simple VPN to hide his IP, there is no VPN service in Dubai and we’ve found his direct IP address.
I’ve contacted another shopping website who’s hacked by same hacker, asked him to search his IP in their logs and they found his PHP shell in log files which has been access with same IP.
My message to 0xOmar, wait for Mossad, he’s coming, wait for a knock knock on your door, you’ll see our power in detecting hackers.
I was sure he’s not Saudi and he’s not part of Anonymous hacking movement, Anonymous also confirmed it. He also didn’t mentioned anonymous in his other posts.
Wait for us 0xOmar, wait for us… It’s COOOOOMMMMMMIIIIINNNNNGGGGGG!

JAN 7TH, 2012

ty 0xomar and group-xp from Israeli anon

ty 0xomar and group-xp from Israeli anon
a lot of Israeli retail website’s became a lot safer to use due to your efforts
the privacy of users hes been long overlooked in these industry for a long time
your hack of reckless DB holders witch legitimate there data gathering
in the clams of it is necessary for billing and put it on the table of Israel debates
am not “”"big fan of your opinions”"” but am a huge fan of the consequence of your actions
ty for making Israel a better state to live in good luck in future efforts
lulzylu@gmail.com

JAN 6TH, 2012

0xOmar

0xOmar MOSSAD IN COOOOOOMMMMMMMIIIIIIIINNNNNNNNGGGGGGGG……

@0xOmar Omar Habib

everyone meet the great “Hacker” @0xOmar,
he is actually a 19 years old loser, who had been exposed by israeli Student.. no, not mossad, or any other cyber fighting force.. just a student.
Omar Habib was born in Saudi Arabia, currently living in Mexico, and works in a Caffe there.
(of course the poor gay bastard claims it’s not him, and no one will ever catch him (just like Carmen San Diego LoL)
but he also claimed to be part of Anonymous.. wich denny any connection with this moron ))
smile loser, you’re becomming a celebrity.. )))))))))))

JAN 5TH, 2012

to @0xOmar

childish arrogance..
you know you’ll be caught eventually?..
they all thought they won’t be.. all the greatest ones.. even k. mitnick went down eventually..
the question is only what will they do with you, when they eventually will..
.. Mabhouh “tasted” the consequense.. it was strangely tasting like a pillow..

JAN 3RD, 2012

Untitled

Hi
It’s 0xOmar from group-xp, largest Wahhabi hacker group of Saudi Arabia, the Saudi Arabia hackers of Anonymous hacking movement.
We have posted this message in pastebin, but it seems they have deleted the file. So I try to use this page.
We decided to relase first part of our data about Israel.
and bla bla bla…
we claimed to have leaked 400000, wich eventually summed to only 6000 working ones
and a Uber shitload of usless ones.
the super secured government servers we hacked, were just some shopping website databases..
and those 6000 working were closed just couple of hours later by the credit companies
the credit companies were harmed by our great hacking skills, just as a tank harmed by a toothpick.
so it seems we’re just a bunch of usless |4m3><0rz

@0xOmar and @XP-Group

To @0xOmar and @XP-Group
It takes but one flap of a butterfly’s wings to start a hurricane. It takes but one spark to ignite the flames of revolution. I have not taken the time to read up on your motives yet, but I trust they are true. You are not |am3><0rz, you hurt them more than you know. They are trying to downplay the incident, to cover it up. You have instilled fear in them. If your motives are true and your intentions are pure, you will triumph.
Signed,
@S133K

JAN 2ND, 2012 – The Begining

0xOmar

It’s 0xOmar from group-xp, largest Wahhabi hacker group of Saudi Arabia. We decided to relase first part of our data about Israel. We have hacked a lot of Israeli servers and extracted a lot of information about Israeli people, their name … We decided to give the world a new year gift, about 400000+ Israeli people information!
But forget it, I forgot where I left my glasses.

Hi
It’s 0xOmar from group-xp, largest Wahhabi hacker group of Saudi Arabia, the Saudi Arabia hackers of Anonymous hacking movement.
We have posted this message in pastebin, but it seems they have deleted the file. So I try to use this page.
We decided to relase first part of our data about Israel.
We have hacked a lot of Israeli servers and extracted a lot of information about Israeli people, their name, address, city, zipcode, Social Security Numbers (Israeli ID
numbers), mobile phone number, home phone number, credit card number (including exp year, month and CVV) and…
We daily use these cards to solve our problems, purchasing VPNs, VPSes, softwares, renting GPU clusters, renting cloud servers and much more!
We decided to give the world a new year gift, about 400,000+ Israeli people information!!!
Here is list of data I leak:
** 4000.htm, it includes 4000+ credit cards and all needed information. All is Israeli.
** 27000.htm, it includes 27000+ credit cards and all needed information. All is Israeli.
** Cards1.mdb, it includes 260272 credit cards and all needed information. It includes address, emails and passwords of 260272 Israeli people.
** Cards2.mdb, it includes 120745 credit cards and all needed information. It includes address, emails and passwords of 120745 Israeli people.
** IsraCards1.txt, it includes 184 working fresh Israeli credit cards and all needed information.
** Business.mdb, it includes 22604 Israeli business people details, including, names, addresses, phone numbers, passwords, etc.
** Judaism.txt, it includes 65 Zionist people who purchased stuff from Judaism web site
** TblDonate.htm, it includes 500+ people who donated to Israeli Zionist Rabbis.
If you need to purchase something, you have to use Google Translate to convert hebrew letters to engish.
It’s first part of our release, my goal is reacing 1 million non-duplicate people, which is 1/6 of Israel’s population.
We have it already, including 1M Israeli social security numbers (ID numbers) and all of their details, we want to see reactions to first part, later we’ll release rest!
Enjoy purchasing stuff for yourself in internet, like VPN, VPS, Software licenses, commercial emails, domains, etc.
We even purchased security scanners like Acunetix to hack more servers using these cards!
What’s fun for us?
- Watching 400,000 people gathered in front of Israeli credit card companies and banks, complaining about cards and that they are stolen
- Watching Israeli banks shredding 400,000 credit cards and re-generate new cards (so costly, huh?)
- Watching people purchasing stuff for theirself using the cards and making Israeli credit cards untrustable in the world, like Nigerian credit cards
- and much more…
Enjoy our work and feel free to contact us.
Web Contact Form: http://www.alm3refh.com/vb/sendmessage.php?s=320f490dcb6c84895a4b62321bb6a4ae
Our website: http://www.alm3refh.com/vb/
Saudi Arabian hacker rules!!!
Israeli Data Leak File:
http://goo.gl/k9Iws
(30 MB compressed, 210 MB uncompressed)
We are anonymous, we are legion, we do not forget, we do not forgive…
Enjoy and share it!

References:

Exposing the identity of 0x0mar	Jan 18th, 12	Never	1,195	None	Public	-
Exposure – Deputy Prime Minist…	Jan 18th, 12	Never	1,875	None	Public	-
New 10k Emails+Facebook Accoun…	Jan 17th, 12	Never	5,651	None	Public	-
New 30,000 Facebook&Emails…	Jan 16th, 12	Never	19,726	None	Public	-
Before I go to rest..	Jan 15th, 12	Never	4,686	None	Public	-
20,000 Arabs Facebook Accounts…	Jan 15th, 12	Never	8,807	None	Public	-
New Hacked Arabs Emails By Han…	Jan 15th, 12	Never	2,230	None	Public	-
Second Update	Jan 14th, 12	Never	2,246	None	Public	-
First update	Jan 13th, 12	Never	6,383	None	Public	-

NAME / TITLE	ADDED	EXPIRES	HITS	SYNTAX	STATUS	OPTIONS
Important message from 0xOmar …	Jan 18th, 12	Never	197	None	Public	-
0xOmar, we are coming to take …	Jan 17th, 12	Never	252	LOL Code	Public	-
0xOmar from Iran	Jan 11th, 12	Never	183	None	Public	-
0xOmar ARE from IRAN	Jan 11th, 12	Never	541	None	Public	-

NAME / TITLE	ADDED	EXPIRES	HITS	SYNTAX	STATUS	OPTIONS
0xOmar Official Site	Jan 13th, 12	Never	1,219	None	Public	-
Recent Updates	Jan 12th, 12	Never	575	None	Public	-
Credit Cards Location	Jan 12th, 12	Never	742	None	Public	-
Message to Poor Isareli Hacker	Jan 12th, 12	Never	317	None	Public	-
My Message Day 2	Jan 12th, 12	Never	433	None	Public	-
0xOmar New Update – 2	Jan 12th, 12	Never	961	None	Public	-
0xOmar New Update – 1	Jan 12th, 12	Never	622	None	Public	-
????? ???	Jan 11th, 12	Never	17,650	None	Public

http://pastebin.com/search?cx=partner-pub-4339714761096906%3A1qhz41g8k4m&cof=FORID%3A10&ie=UTF-8&sa.x=0&sa.y=0&sa=Search&q=0xomar&tbs=qdr:d

http://pastebin.com/u/hannibal

http://pastebin.com/search?cx=partner-pub-4339714761096906%3A1qhz41g8k4m&cof=FORID%3A10&ie=UTF-8&q=0xomar&sa.x=0&sa.y=0&sa=Search

http://uscyberlabs.com/blog/wp-includes/images/smilies/icon_sad.gif

contraseña vIeJa

Weaponize the Tor Network:

Mapping Tor Relays

Cyber Illuminate – Prism

Government use of Cyber Weaponized Exploits

Stopping Pedophile websites in Tor

Tor friendly ISP

Tor Websites over 1/3 TANGO DOWN

Do You Want To Play a Cyber War Game China?

Tor OR-relay map of Italy

Finding Tor Websites –geo-location

Tor – Unix Commands

Tor Tells It’s Secrets

Tor is NOT the ONLY Anonymous Network

China Hackers found in Tor

Finding the Bad Guy’s in Tor -triangulated irregular network

Tor Website 36% are Criminals Sites

Mapping Tor Websites

Currency of the Cyber Economy

Cyber Women and Hollywood

China Cyber Attack -AGAIN

@gAtOmAlO2 tweets
Loading tweets ...
Follow @gatomalo2 on twitter.

-0-1-0-1-0-1-0-1-0-1-0-1-
.onion network Anonymous Banks BitCoins Black Hats China Attacks china cyber china espionage China Hack China security Chinese Goverment cyber-spies cyber-thieves Cyber Criminals Cyber Dissident Cyber Espionage Cyber Financial Cyber Intelligence Cyber Monitoring Cyber Notebook Cyber Policies Cyber Politics Cyber Reputation Cyber Revenue Cyber Strategy Cyber Study Cyber Threats Cyber Tools Cyber War Cyber Warfare Cyber Weapon Dark Web Deep Web Goverment Hackers Hacks Hacktivist human rights Information Warefare Infrastructure Notes to Myself Onion Web Social Media ToR Tor Network

mUsIcA by gAtO

Celtic Salsa

d-beat of my heart

classical Maggie

alissa's song

gAtO_jam 01

gravity down

mandy's soundsbox

gAtO_jam 02

1-cry-4-d-night

Copyright Notice 2012

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of USCyberLabs.com and the USCyberLabs member that posted this content--this includes using our RSS feed for any purpose other than personal use. ©Copyright ™uscyberlabs.com 2012

USCyberLabs

Cyber Security Notebook

Category Archives: Middle East

Iran Sites Open 2 Joomla -K-CMS Hacking

Anon iWot Team (Internet War On Terror)

Cyber Jihad Intelligence last 6 months in 2012

Jihad Intelligence last 6 months in 2012

Jihad Intelligence last 6 months in 2012

Iran Cyber Problems -bad antivirus software

Syrian Electronic Army is Open to Hacking

tor-talk- Help Users in Iran Reach the internet

Cyber Iran

Middle East Cyber War Diagram 2012

Timeline Middle East Hacker Cyberwar | 0xOmar -Hannibal

Jan 20th, 2012

JAN 18TH, 2012

JAN 17TH, 2012

JAN 16TH, 2012

JAN 15TH, 2012

JAN 14TH, 2012

JAN 13TH, 2012

JAN 12TH, 2012

JAN 11TH, 2012

JAN 8TH, 2012

JAN 7TH, 2012

JAN 6TH, 2012

JAN 5TH, 2012

JAN 3RD, 2012

JAN 2ND, 2012 – The Begining

References: