The Jester (hacktivist)

The Jester
th3j35t3r
Nationality: American
Occupation: Grey hat hacktivist
Known for: Hacking anti-American, jihadist, and homophobic websites


The Jester (also known by the leetspeak handle th3j35t3r[1]) is a self-identified grey hat hacktivist. He claims to be responsible for attacks on WikiLeaks[2] and Islamist websites.[3] He claims to be acting out of American patriotism.[2]

Identity

The Jester has stated that he was a former soldier and had served in Afghanistan and elsewhere.[3] A former defense operative claimed that The Jester was a former military contractor involved in US Special Operations Command projects.[2]

Activities

On January 1, 2010, The Jester began a campaign against Jihadist websites. His first target was alemarah.info, which was the Taliban's website at the time.[4][5] The Jester posted several tweets claiming to be responsible for the downtime WikiLeaks was experiencing.[2]

On November 29, 2010, someone claiming to be The Jester stated that he had been raided by the U.S. and attempted to solicit money for legal fees. The Jester purported that the person was an impostor, though writers at InfoSecIsland believe the hoax was created by The Jester himself.[6][7]

In February 2011, The Jester claimed credit for a DoS attack on several sites belonging to the Westboro Baptist Church for celebrating the death of homosexual U.S. servicemen.[8]

In June 2011 The Jester vowed to find and expose members of LulzSec.[9] He attempted to obtain and publish personally identifiable information of key members within the group, whom he described as "childish".[10] In March 2011, Barrett Brown said The Jester was trying to identify members of Anonymous with Backtrace Security, a group of former members of Anonymous who disagreed with the current Anonymous.[11][12][13] On June 24, 2011, he incorrectly claimed to have revealed the identity of LulzSec leader Sabu as an information technology consultant possibly from New York City.[14] In July of the same year, he falsely accused a Portuguese IT professional of also being Sabu, leaving The Jester's outing claims to be considered suspect.[15] However, in a post on his blog in November 2011, The Jester retracted his prior identifications for "Sabu", issued an apology and correctly identified "Sabu" as Hector Xavier Monsegur, 28, of New York.[16] Sabu's identity was confirmed on March 6, 2012, when Monsegur was arrested by the FBI and it was revealed that he had been acting as an FBI informant in the interim.[17][18]

On March 5, 2012, The Jester changed his Twitter account avatar from his signature Jester icon to a QR code without comment or explanation.[19] Scanning a QR code redirects a browser to a website. Scanning The Jester's icon led to a URL where he had an image of his signature Jester icon and an embedded, hidden code that allegedly exploited a vulnerability that affects Safari, Chrome and Android browsers.[19] "When anyone scanned the original QR code using an iPhone or Android device, their device would silently make a TCP shell connection back to my remote server," The Jester wrote.[19][20] This was, however, exposed as fake,[21] and the exploit was stolen from a 2-year-old CVE advisory.[22]

On May 14, 2012, The Jester's Twitter account appeared to have been deleted, along with all posts on his WordPress blog.[23] However, the Twitter account and WordPress blog were merely temporarily deactivated and were subsequently restored on May 16, 2012.[24]

On July 2, 2013, The Jester took responsibility for a series of DoS cyberattacks against the Ecuadorean stock exchange and the country's tourism website, and promised to attack any other governments considering granting asylum to NSA leaker Edward Snowden. In tweets, The Jester also alluded to a plan to seize control of the fire alarms at the Ecuadorean embassy in London, which would force WikiLeaks founder Julian Assange to set foot on UK soil and face potential extradition to Sweden to face sexual assault charges.[25]

On October 21, 2016, The Jester took responsibility for "defacing" the official website of the Russian Ministry of Foreign Affairs. The "hack" was later shown to be fake.[26]

References

  1. Keizer, Gregg (2010-11-30). "WikiLeaks moves to Amazon servers after DOS attacks". Computerworld New Zealand. Retrieved 2010-12-29.
  2. Vance, Ashlee (2010-12-03). "WikiLeaks Struggles to Stay Online After Attacks". The New York Times. Retrieved 2010-12-29.
  3. Rosenbach, Marcel; Stark, Holger (2010-12-07). "Julian Assange Becomes US's Public Enemy No. 1". Der Spiegel. Retrieved 2011-12-02.
  4. th3j35t3r (2010-06-30). "Hacker macht Jagd auf Online-Dschihadisten". Die Welt (Interview). Interviewed by Florian Flade. Retrieved 2010-12-29.
  5. "Afghan Taliban deny meeting U.N. envoy". Reuters. 2010-01-30. Retrieved 2011-01-03.
  6. "Did WikiLeaks Hacker The Jester Pull Police Raid Hoax?". Infosecisland.com. 2010-12-02. Retrieved 2011-08-30.
  7. Sullivan, Bob (2010-12-07). "Red Tape - WikiLeaks hacker a villain or a hero?". MSNBC. Archived from the original on 2011-05-02. Retrieved 2011-08-30.
  8. Leyden, John. "Jester claims credit for knocking Westboro Baptist Church offline". www.theregister.com. Retrieved 2022-11-14.
  9. Poeter, Damon (24 June 2011). "Will LulzSec's Hit on Arizona Cops be its Last Hurrah?". PC Magazine. Ziff Davis. Archived from the original on 28 December 2013. Retrieved 25 June 2011.
  10. Halliday, Josh (24 June 2011). "LulzSec: the members and the enemies". The Guardian. London. Guardian Media Group. Archived from the original on 26 June 2011. Retrieved 25 June 2011.
  11. "Splinter Group Says Document Outs Anonymous Members". threatpost.com. 22 March 2011. Retrieved 2022-12-19.
  12. Greenberg, Andy. "Ex-Anonymous Hackers Plan To Out Group's Members". Forbes. Retrieved 2022-12-19.
  13. Greenberg, Andy. "Anonymous And Ex-Anonymous Hackers Wage A War Of Identification". Forbes. Retrieved 2022-12-19.
  14. Chapman, Stephen (24 June 2011). "LulzSec's leader, Sabu, revealed?". ZDNet. CBS Interactive. Archived from the original on 27 June 2011. Retrieved 25 June 2011.
  15. "The Quest to Unmask the Ringleader of Anonymous - Technology". The Atlantic Wire. 2011-07-14. Retrieved 2011-08-30.
  16. Wagenseil, Paul (8 March 2012). "Despite Being Anonymous, Hacktivist Sabu Wasn't Hard to Find". Security News Daily. Retrieved 13 March 2012.
  17. "5 'Anonymous' hackers busted after one becomes FBI informant". Newsday. AP. March 6, 2012.
  18. Goldman, David (March 6, 2012). "Anonymous in disarray after major crackdown snares leaders". CNN.
  19. Wagenseil, Paul (March 13, 2012). "Anti-Anonymous hacker threatens to expose them". MSNBC. Archived from the original on December 10, 2015.
  20. Wagenseil, Paul (March 12, 2012). "Pro-American Hacker's Attack Threatens to Expose Anonymous". Security News Daily.
  21. "th3j35t3r and QR Exploits Exposed Part 2". Wordpress. March 13, 2012.
  22. "CVE - CVE-2010-1807".
  23. ""Patriotic hacktivist" The Jester unmasked—or maybe it's a big troll". Ars Technica. May 15, 2012.
  24. th3j35t3r (16 May 2012). "Not totally sure what just happened, but damn it's getting out of hand now". Retrieved 2012-05-28.
  25. "Snowden and Assange Targeted by Mysterious Hacker 'The Jester'". Mother Jones. 2 July 2013.
  26. "How the Jester fooled Russians—and Fox News—with one simple trick. [Updated]". 25 October 2016.