Forwarded from: William Knowles <wkat_private> http://www.wired.com/news/conflict/0,2100,56896,00.html By Brian McWilliams Dec. 18, 2002 In a case that shows both the risks and rewards of vigilante tactics, an American man has hijacked two Web addresses apparently used by al-Qaida to laud terrorist attacks. The domains, jehad.net and jehadonline.org, are now in the control of a manager for a large Minnesota financial services firm. The man said he wrested control of the domains from their owners after reading on Dec. 8 that al-Qaida used jehad.net to claim responsibility for recent attacks on an Israeli airliner and a hotel in Kenya. "I believe in free speech, but it upsets me to see people using this great medium for such evil purposes," said the man, who asked not to be identified but said he was willing to cooperate with U.S. investigators. But some said the Minnesota man's actions, like those of other patriotic hackers, could hinder rather than help the U.S. government's war on terrorism. "This guy might think he's being a hero, but in fact he's an idiot," said an official with DV2, the Atlanta ISP that hosts the sites. "The FBI has been closely watching these sites, and by taking the law into his own hands he may have screwed that up." A spokesman for the FBI's terrorism task force in Atlanta said he could not comment on the incident. The owners of both jehad.net and jehadonline.org configured the domains to point to the same site at DV2. In an October message on the site, al-Qaida praised an attack in Yemen on a French oil tanker. Last July, the site posted an audio message attributed to an al-Qaida leader who threatened new attacks on the United States. The Minnesota man said he was able to gain control of the two domains last week after breaking into the MSN Hotmail account of someone using the name Julliou Armani, a resident of Saudi Arabia listed as the contact for jehadonline.org. The handful of saved messages in Armani's account included some with user names and passwords for managing the domains, the Minnesota man said. Armed with that information, the hacker vigilante could have modified the domains' records so that they no longer pointed to the al-Qaida messages. But he has so far resisted the urge to sabotage the sites. "If I see a crime taking place, I'm the sort of person who would jump in to try to stop it," he said. "I don't like that kind of thing happening in my world." Eugene Schultz, a security expert with the Lawrence Berkeley National Laboratory, said law enforcement has "been burned" in the past by trying to collaborate with online vigilantes. While Schultz said the government is unlikely to "deal effectively" with al-Qaida sites, he added that patriotic hackers might unintentionally tip off terrorists or even goad them into retaliatory action. "When faced with the opportunity to drive the bad guys off the Net, the only ethical and legal solution is to contact law enforcement and hope for the best," Schultz said. To gain access to Armani's e-mail account, the Minnesota man said he used a Hotmail feature that provides hints for users who forget their passwords. He said he correctly guessed the answer to Armani's self-chosen Hotmail "secret question," then he reset Armani's password. Microsoft representatives were not immediately able to comment on whether MSN would officially report the Hotmail account hijacking to law enforcement. The hacker said he is willing to provide officials with the information he got from the account, which included credit card data used by the original owners to register one of the domains with VeriSign, as well as aliases and addresses used by the site operators. But even the organizer of an online effort to shut down terrorist sites frowned on hacking al-Qaida. "I think information warfare is best left to governments and should not be waged by civilians," said Aaron Weisburd of the Internet Haganah, which relies exclusively on notifying ISPs and law enforcement. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Dec 19 2002 - 19:34:48 PST