Cyber Jihad Isn’t Here Yet
Friday November 9, 2007 at 1:33 pm CST
Posted by Matthew Wollenweber
There’s a lot of hype circulating around about a Jihad application meant to wage cyber war in the near future. A lot of people have speculated and while the experts are dismissive, the topic is still getting a lot of press and worrying average users. I took a bit of time to examine the binary and I don’t believe it poses a huge threat. Here are my reasons why:
- The program is written in Visual Basic. While there’s nothing wrong with that, VB is not the preferred programming language of very many professionals. C\C++\C# would tend to be better choices for complicated and efficient programs. VB tends to be a language for quick applications or for those beginning programming.
- There is a tracking website required to use the application. Terrrorists don’t like to be tracked. Further, the site tracks referrals – thus it would be trivial to create cliques of users, which again is something terrorists would be desperate to avoid.
- The website variables are in English. Extremists/Islamic Jihadists tend to not speak English, remember all the stories about the few English speakers they use? These guys have some understanding of English – indicating they might not be the stereotypical terrorist.
- The web url is hard coded and it’s to a real web server. We’re in an age of dynamic dns and fast flux. A static/real url is very amateur and easily blocked.
- There didn’t appear to be capability to dynamically update the program remotely – this would be key for updates and avoiding being blocked. I did a VERY QUICK analysis, but didn’t see this capability.
- The executable wasn’t encrypted and didn’t fight malware analysis – real malware writers love to do malicious things to AV guys. They weren’t in this executable.
- The webserver had frontpage extentions – this again just seems out of place for cyber war.
All told, the little bits of analysis make the code look to be written by high school or early college kids. If their network gets large enough, maybe they could have caused harm. Right now the websever isn’t working and the app seems like a no-go. I’d suggest everyone block traffic to the server http://al-jinan.net and stop worrying.
November 12th, 2007 at 3:34 pm
Just what the world needs, another propeller-head that has appointed himself critic. Remember, nobody asked him — he just volunteers his arrogant opinion — and you know what they say about opinions.
A skilled VB programmer can produce the exact same product as a skilled C++ programmer — this is petty programmer bias..
I would like to point out that it is easy to criticize any software product.
I would also loke to point out that this is undoubtedly an early version — it will get better.
This statement, “All told, the little bits of analysis make the code look to be written by high school or early college kids,’ is nothing more than bad manners.
Go back to your cubicle.
November 12th, 2007 at 11:19 pm
Good grief. What a load of condescension on your part. Not very security minded or forward thinking, are we?
1. “VB is not the preferred programming language of very many professionals. C\C++\C# would tend to be better choices for complicated and efficient programs.” So what? Jihadis like to hit and run. Simple, swift, and functional with as much collateral damage as possible is perfect.
2. “Terrrorists don’t like to be tracked. Further, the site tracks referrals – thus it would be trivial to create cliques of users, which again is something terrorists would be desperate to avoid.” True enough, however, ever hear of blind sites? how-about “freaking”, where you jump onto other peoples networks and sites and jump out again, with little thought for the other guy. Gee, that sounds Jihadish.
3. “Extremists/Islamic Jihadists tend to not speak English, remember all the stories about the few English speakers they use?” Not only is your head in the sand, but it must be up something else. Besides the obvious dolt speak, if you learn code you don’t need English, dufus. Knowledge of English did not stop 19 Islamonazi martyr boys from commandeering 4 jumbo jets and smashing them and their contents (people-real people) into things. They will learn what they need to learn to blow you and your neighbors cat into the next lifetime. Think, please.
4. “A static/real url is very amateur and easily blocked.” These guys count on spread. The more junk you throw the more potential damage. They don’t give a rat’s tail about “slick”. Only you care about that, and THAT is what they hope you are concerned with. THINK!
5. “rontpage extentions – this again just seems out of place for cyber war.” Look, for brevity I’m going to skip the rest of your curlish drivel. Has the thought ever occurred to you that this might just be the opening salvo? So what if they’re amatures? So what if they’re high school AV geeks? Don’t discount them. Two kids with guns and internet Goth ramblings terrorized suburban Colorado. Another solo nutter shot-up Virginia Tech, and you still want to brush this off?
God help us all. And remind me not to call on you to save my chestnuts. WAKE -UP! Stop whacking-off on World of Warcraft, and start planning a strategy about “Whack-a-Jihadi”.
November 13th, 2007 at 3:01 am
“… C\C++\C# would tend to be better choices for complicated and efficient programs. VB tends to be a language for quick applications or for those beginning programming.”
What a maroon. Could you be any more clueless? C# is .net managed and so is VB (version after 6). Both ‘compile’ to the same executable. You seem to be too busy getting stuck on stupid in your efforts to talk down VB.
If you had listed C/C++ and maybe added assembly, then you could have made a valid point about the sophistication of the binary
November 13th, 2007 at 6:25 am
Wow, the commenters are a bunch of dicks, aren’t they? The review seems pretty clear cut and reasonable. A cursory investigation of the program reveals signs that its pretty amateurish, easily countered, and not that big a deal. You don’t have to be a September 10th-er to believe this is possible. While cyber-jihadism is real and ongoing (youtube is full of jihadi propaganda), this “hacker” program is largely a creation of media hype. It appears as if the program is more valuable as propaganda than as a DDOS tool. Its not surprising. The jihadis are a pretty fucking stupid bunch of twats. They can pull a trigger, press a butan and receive paradise, and film themselves while sawing off heads, but that’s about it. I mean, look, VB? Get the fuck outta here.
November 13th, 2007 at 7:38 am
Um… why would you be showing them the shortcomings of their design? Are you gonna volunteer to re-write it for them next?
November 13th, 2007 at 7:56 am
RTOFL… looks like the author hurt the feelings of some terrorist / jihadi sympathizers (aka anti-war liberals, 60s retreads desperately trying to ‘matter’)
That or the actual clowns who wrote the thing defending their buffoonish amateur work.
Seriously… the comments sound like people trying to promote some new product (it will get better, just wait and see!), rather then commenting on a malicious piece of software “supposidly” written by a bunch of thugs and murderers.
I say supposidly, because the thing honestly appears to be a middle-school “intro to programming” joke. Its THAT BAD. Might as well be “10 goto 10″
November 13th, 2007 at 1:57 pm
All the nitpicking over computer language and programming aside, doncha think if the ‘cyber jihadists’ were that hellbent and capable of blowing the internet to smithereens, they would have done so already?
Sheesh.
November 13th, 2007 at 3:27 pm
C+ was my English grade.
VB is Virginia Beach.
what code?
those are my bonafides.
the “killer app” here is Phase One. (Kos’s opening salvo).
could it be a “shake-down cruise”? try it to see what happens and then refine. how about a diversion?
or even worse, a “plant”. eliminate the talkers.
the threat has always been there.
when would the threat become real and succeed?
stay tuned.
same Bat Time, same Bat Channel.
November 14th, 2007 at 6:58 am
Apologies, I didn’t mean to start a fight about which programming language is better than another. In my opinion each has it’s own place. I can code in VB and I’ve used it many times.
I won’t get into a flame war with you guys. However, there’s a rational discussion in here if you want it. First, VB is a very powerful language. However, the bar to start righting graphical, internet driven programs in VB is significantly less than it is to do the same in C/C++. Simply put, someone with less experience can more quickly produce a more featureful program. Clearly, none of this is a negative.
From my personal experience, I’ve seldom seen performance oriented software written in VB. To me, performance, is key in a DoS application — you want it to dump as much data as you can. True, VB supposedly compiles down to the same binaries as MS Visual C++, but that’s fairly recent. Likewise, I’ve found the syntax difficult to scale into large projects. Finally, I’ll say that I’ve never seen many examples of writing raw packet tools in vb. I’m sure it can be done, but it’s far more common in other languages.
So again, apologies for anyone that feels I insulted VB. That wasn’t my intention. Personally, I’m fairly language agnostic. But, I do stick by my analysis of the tool. It wasn’t very sophisticated or modular. It didn’t appear that it could upgrade the feature set easily. Ultimately, no apparent attack happened. Some combination of the tool and/or planning appeared inadequate — which fits with my analysis.
November 24th, 2007 at 9:42 am
You’ve provided a good explanation of why al Qaeda’s malware jihad is a dud. I’ve updated this blog post to link to your article:
al Qaeda Declares Internet Jihad Starting November 11, 2007