Internet Security Company Cracks Special Jihadist Software
By Andrew Cochran
CT Blog posting from Jim Melnick, iDefense Intelligence Team, VeriSign, Inc.
On January 1, 2007, the pro-terrorist group, "Global Islamic Media Front" (GIMF) announced the "imminent release" of what they called "the first Islamic computer program for secure exchange on the Internet." Some Western websites that track online terrorist activity reported on the GIMF announcement, but it has otherwise not received any serious media attention. iDefense/VeriSign has since found a copy of this program, "Mujahedine Secrets," on a pro-terrorist Arabic language forum and has begun analyzing its capabilities and assessing what its impact will be. Earlier this week we announced this to our client base, which includes numerous key elements of the U.S. government. We are continuing to discover new aspects about the software, which we believe is bound to spread quickly in the online pro-terrorist world. As far as is known, none of this new information has been announced publicly anywhere else other than among the pro-terrorists themselves.
The "Mujahedine Secrets" encryption program offers terrorists and their sympathizers several key features, some of which are common features of PGP programs that are currently available elsewhere as well as other features that appear to be new. Technical analysis is ongoing and will be assessed in future iDefense reporting. Most importantly, this program is an executable application that does not need to be installed onto a PC and can be used with a USB drive. According to iDefense Middle East analyst Andretta Summerville, "the program's 'portability' as an application (not requiring installation) will become an increasingly desirable feature, especially considering the high use of Internet cafés worldwide by pro-terrorist Islamic extremists." The use of the 'Mujahedine Secrets' on a portable USB drive will offer additional anonymity to those who use the program, which may make it increasingly difficult or even impossible for investigators to track down the source of activity further than the Internet café itself.
Due to the strong "marketing" campaign of the program by the Global Islamic Media Front in Arabic-language forums, specifically on hacker and pro-terrorist forums, "Mujahedine Secrets" is likely to reach a broad audience of pro-terrorist supporters online and Arabic-speaking hackers. The PDF file included with the software assists non-English speaking users in the application's operation. This, unfortunately, could greatly impact the threat landscape of pro-terrorist communications worldwide, since it will make it easier and more comfortable for those Arabic speakers who may have been wary of using English-based encryption programs to use a program developed by "their own" people. According to a statement within the Arabic PDF file, this is a code that they have been developing for years. iDefense/VeriSign is continuing to assess what the impact will be with this new software - both as to its technical characteristics as well as how it will be greeted in the pro-terrorist online world. Requests for follow-on information on this development or information on how to obtain iDefense products can be sent to: di@idefense.com. Jim Melnick, Director of Threat Intelligence, iDefense/VeriSign, Inc.
Jim Melnick is director of threat intelligence for iDefense, the security intelligence arm of VeriSign, Inc., which operates the systems that manage the ".com" and ".net" domains. (Note: VeriSign is a client of GAGE LLC)
CT Blog posting from Jim Melnick, iDefense Intelligence Team, VeriSign, Inc.
On January 1, 2007, the pro-terrorist group, "Global Islamic Media Front" (GIMF) announced the "imminent release" of what they called "the first Islamic computer program for secure exchange on the Internet." Some Western websites that track online terrorist activity reported on the GIMF announcement, but it has otherwise not received any serious media attention. iDefense/VeriSign has since found a copy of this program, "Mujahedine Secrets," on a pro-terrorist Arabic language forum and has begun analyzing its capabilities and assessing what its impact will be. Earlier this week we announced this to our client base, which includes numerous key elements of the U.S. government. We are continuing to discover new aspects about the software, which we believe is bound to spread quickly in the online pro-terrorist world. As far as is known, none of this new information has been announced publicly anywhere else other than among the pro-terrorists themselves.
The "Mujahedine Secrets" encryption program offers terrorists and their sympathizers several key features, some of which are common features of PGP programs that are currently available elsewhere as well as other features that appear to be new. Technical analysis is ongoing and will be assessed in future iDefense reporting. Most importantly, this program is an executable application that does not need to be installed onto a PC and can be used with a USB drive. According to iDefense Middle East analyst Andretta Summerville, "the program's 'portability' as an application (not requiring installation) will become an increasingly desirable feature, especially considering the high use of Internet cafés worldwide by pro-terrorist Islamic extremists." The use of the 'Mujahedine Secrets' on a portable USB drive will offer additional anonymity to those who use the program, which may make it increasingly difficult or even impossible for investigators to track down the source of activity further than the Internet café itself.
Due to the strong "marketing" campaign of the program by the Global Islamic Media Front in Arabic-language forums, specifically on hacker and pro-terrorist forums, "Mujahedine Secrets" is likely to reach a broad audience of pro-terrorist supporters online and Arabic-speaking hackers. The PDF file included with the software assists non-English speaking users in the application's operation. This, unfortunately, could greatly impact the threat landscape of pro-terrorist communications worldwide, since it will make it easier and more comfortable for those Arabic speakers who may have been wary of using English-based encryption programs to use a program developed by "their own" people. According to a statement within the Arabic PDF file, this is a code that they have been developing for years. iDefense/VeriSign is continuing to assess what the impact will be with this new software - both as to its technical characteristics as well as how it will be greeted in the pro-terrorist online world. Requests for follow-on information on this development or information on how to obtain iDefense products can be sent to: di@idefense.com. Jim Melnick, Director of Threat Intelligence, iDefense/VeriSign, Inc.
Jim Melnick is director of threat intelligence for iDefense, the security intelligence arm of VeriSign, Inc., which operates the systems that manage the ".com" and ".net" domains. (Note: VeriSign is a client of GAGE LLC)
posted by Marko at 1/29/2007 11:17:00 AM
<< Home