Anti-Jihadi Hacker The Jester Hits WikiLeaks Site With XerXeS DoS Attack

Updated: November 29, 2010

Infamous anti-jihadi hacker The Jester (th3j35t3r) is claiming responsibility for a denial of service (DoS) attack that temporarily disabled the WikiLeaks website just hours before the release of thousands of classified documents.

WikiLeaks, the secret-sharing website led by fugitive founder Julian Assange, has been plaguing the U.S. government with repeated postings of leaked materials.

The WikiLeaks Twitter account carried the message, "We are currently under a mass distributed denial of service attack," for several hours on Sunday.

The Jester Tweeted that he was carrying out the attacks, "for attempting to endanger the lives of our troops, 'other assets' & foreign relations..."

During the WikiLeaks website outage, The Jester's Twitter page indicated that he was conducting the denial of service attack, although several of the Tweets have since been deleted.

Earlier this year, I conducted several interviews with The Jester regarding his repeated attacks on militant Islamic websites, including successful disruptions of the sites administered by the Taliban and by Iranian President Mahmoud Ahmadinejad.

DoS attacks are nothing new, and are usually perpetrated by flooding a target server with simultaneous communications using any of several different techniques, but The Jester has developed a method that represents a twist on the tactic.

He employs an innovative tool he calls XerXeS, which can produce an automated DoS attack without relying on an army of zombie computers controlled through a botnet, and the attack can be carried out with one low-spec computer.

"Okay it started with a little script I wrote a while back to harden-test servers," The Jester told me in February.

"I modified this script, and it was just a nasty script, very cumbersome. When I realized the extent of the jihad online recruiting and co-ordination involvement (much later), I realized I could turn this script into a weapon."

"XerXeS requires no zombie network or botnet to be effective. Once a single attacking machine running XerXeS has smacked down a box, it's down, there is no need for thousands of machines. But, XerXeS does not hurt intermediary nodes along its path to the target. So the answer is that such institutions' systems would still be intact, as it causes no collateral damage, just not functional."

I witnessed several live demonstrations of XerXeS's capabilities, and The Jester subsequently supplied Infosec Island with two exclusive videos of the technique in action.

The videos show the high level of control XerXeS commands, as The Jester is able to take down a target website in a matter of minutes, and return the website to an operable state in seconds.

"Many people worry about the nodes between me and the target. This technique affects nobody but the intended target. All intermediaries remain unaffected," The Jester stated.

Now it appears The Jester is not limiting his attacks to militant jihadi websites, and has decided to unleash the wrath of XerXeS on the WikiLeaks outlet.

The bulk of the documents to be posted by WikiLeaks were previously provided to several news agencies, so the disruption to the WikiLeaks website would not have prevented the release of the so-called "Embassy" documents.

The classified data dump is supposed to contain diplomatic communications that reveal some unflattering statements from U.S. officials regarding the leadership of several allies, as well as information on several international hot spots like North Korea, Iran and Iraq.
