#OpISIS 7
If you’ve never heard of Fawkes Security, lemme tell you a fun story about some terrorists who threatened to detonate a bomb on U.S. soil less than six months before the Tsarnaev brothers actually did detonate a bomb on U.S soil. Two, to be precise, that killed 3 and wounded 264 more.
According to knowyourmeme.com, the “self-proclaimed ethical hackers” first appeared in December 2011, aligned with Anonymous and using the same Twitter profile banner that Anonymous Scandinavia adopted approximately three years later. After deleting their old Twitter account shortly after I started publishing The Rabbit Files, Anonymous Scandinavia continued to use it for their new account:
According to this WordPress account, Fawkes Security has a private Facebook group that is supposedly run by “a blonde woman from New York named Jodie Rushforth.” Well, about three months after Fawkes Security and this “Jodie Rushforth from New York” opened a Twitter account that linked to this Facebook group, they promoted “The Plan,” a grifty, Anonymous operation that reeked of government involvement and that I reported on in #OpISIS Part 4:
TheAnonPress (aka TheAnonPress88, @AmenityParadox) created their Youtube account on April 4, 2011, approximately two months after Anonymous decimated HBGary Federal’s then-CEO, Aaron Barr, and two months before Sabu was initially arrested. According to one blogger, TheAnonPress was involved with a 2011 Anonymous campaign called “The Plan: One Year. Three Phases. A World a Change,” which you can find on the archived website whatis-theplan.org.
According to icann.org, the website was created on June 16, 2011, now just nine days after Sabu turned informant and amidst a number of other things happening, including former activist, Jennifer Emick, passing along her FBI handler’s phone number to online troll, William Welna, who, ironically, went on to snitch-jacket Barrett Brown a year later.
The Plan published an open letter praising Sabu’s fed-infested group, AntiSec, and on July 20, 2011, they announced an operation called “Onslaught,” the goal of which was fairly ambiguous unlike the stench of their fed-ish behavior. In their press video, the group behind “The Plan” expected activists/hacktivists to:
- Report to moderators who would assign them to teams and give them a “designated target and a message to spread”
- Take to the streets armed with stickers and flyers
- Keep track of the stickers and flyers they posted and then post those tallies directly to a “coordinator who will keep a tally on total posts”
- Change their Facebook profile picture to the flyers they were posting (presumably on the streets in their area)
I mean…if there was an Anonymous operation clearly meant to identify where you lived and possibly who you were, this would be one of them. From #OpISIS Part 4:
I’ve never been a part of Anonymous and I wouldn’t know how to access an IRC channel if my life depended on it, but common sense tells me that this is not standard operating procedure.
‘Comms systems’ so you can track your fellow team members who are armed with…stickers? Stick to the script, post only what they want you to post, keep track of what you post, how many times that you post, and then hand over that information directly to ‘The Plan?’ And just in case ‘The Plan’ can’t keep track of you, upload a picture of the flyer you’re distributing to your Facebook page?
Who were the moderators handing out targets and assigning teams? Who were the coordinators tracking everything these activists did? There’s no mention of hacking or cyber disruptions…
In case you forgot how we got here, TheAnonPress88 posted a video on February 9, 2012, announcing an operation against Israel, you know, about ‘systematically’ removing them from the internet. Eight months prior, they were part of and/or promoted ‘The Plan,’ some sort of monetized campaign that heavily endorsed Sabu’s fed-infested #AntiSec.
On February 12, 2012, Fawkes Security also reposted AnonPress88’s anti-Israel video mentioned above which talks about “three steps” just like The Plan’s “three phases.”
Five months later, in early August 2012, Fawkes Security used the hashtag #OpIsrael for the first time after it was reported (and confirmed by the website owner) that Anonymous hacked LettersForIsrael.com. It was stated by at least one Twitter account that the hack was carried out by “@Op_Israel via @saudianonymous1,” and based on Twitter accounts that are still alive as of today, the @Op_Israel account, which was mentioned in #OpISIS Part 6, was the first one to announce the hack.
I’m curious as to why Fawkes Security was intent on promoting Commander X. Don’t worry, I’ll explain later.
Soon thereafter, Fawkes Security posted a series of tweets claiming that they took down banking giant, HSBC, at the same time another hacking group called Izz ad-Din al-Qassam Cyber Fighters also took credit for the attack.
The disagreement became a very public one and websites like theregister.com began publishing headlines like, “Shove off, credit-hoggers, WE took down HSBC,” in reference to Fawkes Security:
Several posts in @FawkesSecurity’s timeline (such as this) provide circumstantial evidence to support its claim that it launched what it variously describes as #OpHSBC and #OpDosLikeABoss. In a YouTube video the group said it was holding back on its reason for the attack.
However, in March 2016, seven Iranian state-sponsored hackers from two different security firms, MERSAD and ITSEC, and associated with the Izz ad-Din al-Qassam Cyber Fighters, were indicted for DDoS attacks against several banks that “escalated in frequency and occurred on a near-weekly basis” between September 2012 through May 2013. This included the cyber assault on HSBC that occurred on approximately October 18, 2012.
According to one website:
Credit for the attacks was taken by a group that called itself the Izz ad-Din al-Qassam Cyber Fighters, which said the attacks were reprisal for a YouTube movie trailer that the group deemed to have cast Islam in a negative light. Many security experts, however, suggested that this explanation was a ruse, and that the DDoS disruptions could be Iran’s response to the Stuxnet malware attack, ascribed to a U.S.-Israeli cyberweapon program.
It’s worth noting that after growing concerns about Iran’s nuclear program, in 2010, the U.S. and Israel hit their nuclear centrifuges with Stuxnet, a “500-kilobyte computer worm” that crippled their nuclear program. Between 2010–2012, Israel was also suspected of assassinating at least four Iranian nuclear scientists, virtually guaranteeing that both countries would become targets for political activism and cyber intrigue.
For example, in #OpISIS Part 4, it was reported that Sabu started a #FuckIsrael campaign in January 2012, after the senior supervisor at Iran’s Natanz uranium enrichment facility, Mostafa Ahmadi Roshan, was murdered in a magnetic car bomb explosion. This was *after* Sabu became an informant for the FBI and while his computer was being monitored by the feds 24 hours a day.
It was also reported in #OpISIS Part 3, that Sabu a.k.a. the feds gave hacktivist Jeremy Hammond a list of foreign countries to attack, including Iran and the Iranian Academic Center For Education and Cultural Research.
Pay attention to what Hammond wrote, “The FBI took advantage of hackers who wanted to help support the Syrian people against the Assad regime, who instead unwittingly provided the U.S. government access to Syrian systems, undoubtedly supplying useful intelligence to the military and their buildup for war.”
This is the degree to which Anonymous was infiltrated back in 2011–2012, and it seems fairly naive to look back now at a hacking community saturated with feds and informants and believe that they were not able to do the same thing during #OpIsrael and #OpISIS. Or even #FreeAssange
You would also have to be pretty gullible to believe anyone from the leaderless collective who claims that they were able to clean up an entire global community of anonymous hackers.
FFS the activist community can’t even get rid of Suzie Dawson, documented abusers like Ray Johansen, and his hacking associate, Aubrey Cottle, a.k.a. the “founder” of Anonymous who literally allowed child porn to be posted on his website, 420chan, but we’re expected to believe that Anonymous rooted out every bit of fed infiltration? Please.
In #OpISIS Part 5, I also reported on how Johansen got in on the Iranian story line by claiming that fellow hacktivist Higinio Ochoa gave him “20 million dollars to find 17 kidnapped people in Iran.” After “negotiating with Hezbollah and Iran,” Johansen stated, “we got them out in the end.”
And in #OpISIS Part 6, I reported on a March 4, 2012 interview with Mauritania Hacker (the founder of Mauritania Hacking Team, Teamr00t, and Anonghost) who pushed a pro-Iran agenda almost immediately upon their arrival in the hacktivist scene.
As for Fawkes Security, despite what appeared to be a more reasonable explanation as to why HSBC was targeted (unless, of course, Fawkes Security was actually a group of Iranian state-sponsored terrorists), Fawkes Security continued to take credit for the attack, vowing to hit more banks in the future…but they never did.
Perhaps targeting banks, or at least claiming that they did, wasn’t the thrill they were looking for and so on October 22, 2012, the “self-proclaimed ethical hackers” posted a bomb threat on Pastebin.com during the U.S. presidential debate:
Members of Anonymous decried Fawkes Security’s actions as the work of the FBI to demonize the hacking collective and paint them as a terrorist group. Given that no one from Fawkes Security was ever arrested for the bomb threat (or their alleged attack on HSBC, again, unless they were arrested in 2016), their Pastebin is still available, and the group’s social media accounts are still intact, they may very well be right.
Now I ask you, as a member of Anonymous would you adopt the Twitter banner of Iranian state-sponsored terrorists posing as Anonymous or, even better, feds that posted a bomb threat online to discredit Anonymous? Should we revisit SheliJ, Exeintel, Jaime Chanaga, and the Federal Bureau of Investigation? Right. Nothing to see here, moving on…
Regardless of whether or not Fawkes Security was a group of federal agents, a private security firm posing as hackers, state actors, or a jackass in his mom’s basement, Anonymous posted a bomb threat and no amount of denials can change that. Don’t blame us, blame yourselves. Again, from Anonymous’ favorite archenemy, the Jester, who can’t be quoted enough times for absolutely nailing it about the so-called leaderless collective:
I am not saying all Anons are Terrorists and I am not saying all Terrorists are Anons, what I am saying is that the Anonymous structure, or lack thereof, allows really bad elements to speak as if they are you, and because you are leaderless and have no spokesperson…there’s NOTHING you can do about it. Like it or not you are hiding behind ‘a brand’ that anyone can claim…
You can even (as you have done) disown @fawkessecurity and publicly burn him because he’s a fucking fruit-loop. But your business model makes it very easy for elements of terror to throw on a V mask and do some crazy ass shit then take it off again, and you all get tarred with same brush, AND THERE’S NOTHING YOU CAN DO TO STOP IT.
My question is this: How the can you disown @fawkessecurity, and say that those anons up there flag-defacing with Jihadis are not part of Anonymous? Anyone can be Anonymous, wear the mask and act under your banner, that’s what you say, right? Hell, how can Anonymous withdraw support for Assange and Wikileaks if you have no leader and are the chaotic collective.
You can’t have it both ways.
The really sad thing about it all is, it’s not the small percentage of clever ones that are gonna get V& and ruined by your flighty unprofessional ‘movement’ — it’s the evidently vulnerable and stupid ones, which by my current figures makes for exactly 45.2% of your ‘legion’ numbers.
Despite Fawkes Security’s highly questionable behavior, we’ll later see that some accounts still tagged them in tweets, including posts about Teamr00t, the same hacking team that was created by Mauritania Attacker — the hacker who portrayed himself/herself as pro-Iranian.
We’ll also see that of all the websites that were covering #OpIsrael, Fawkes Security pushed LocalLeaks.com as the “main central opisrael” website to follow. This is the same website I mentioned in the last article that was created and controlled by a hacktivist called “Commander X,” who has been less than truthful about events that transpired between 2009–2012.
More Teamr00t Shenanigans (June 2012 — November 11, 2012)
While Fawkes Security was busy posting bomb threats, Teamr00t, which I reported on extensively in #OpISIS Part 6 for their straight up manipulation of the public, brought back their “Fuck USA” campaign around mid-September after a short-lived run the month before.
In case my audience doesn’t remember what Teamr00t was doing during the summer of 2012 because, admittedly, it’s been awhile since an article has been published in this series, here’s a reminder:
During the last two weeks of June 2012, Teamr00t boasted about hacking big, scary websites like real estate agencies, graphic design firms, and a number of dentists because nothing says legit like hacking the websites of innocent people within a particular medical field that is already rife with higher than average suicide rates.
And I don’t even know if these were legit websites because I only have so much time to research every single thing they claimed to hack. Then they hacked a WordPress Theme website because no revolution is complete without taking down some blog designs. This level of stupidity continued for months.
On July 8th, they announced that they hacked “all Israel FB [Facebook] accounts” and then they only listed 24 because I guess only 24 Israeli Facebook accounts exist. The day before, someone jumped on Twitter and posted to Teamr00t, “…you guys are freaks…” and, frankly, I couldn’t agree more.
A handful of accounts like Hackread.com promoted some of Teamr00t’s alleged website defacements but they still garnered very little attention on Twitter between June — October 2012.
Maybe it was because Teamr00t also bragged about hacking a female-only photography group in Ghana, the Centre for Human Rights and Rehabilitation in Malawi, a non-profit fundraiser for animal welfare, small U.S. businesses like yoga studios and a convenience store in Miami Beach, and two websites that provided a forum for the disabled to share with each other accessibility and parking around major cities like Chicago and Philadelphia.
Gee, I wonder what kind of person from Mauritania ::cough cough:: would target websites for the disabled? Unbelievably, none of these rotten shenanigans stopped @Malwareconf from announcing on November 11, 2012, that Teamr00t had conducted “special attacks” against Israel. They even posted a Pastebin that included a list of these cyber feats — cyber feats that were so magnificent even @YourAnonCentral couldn’t resist from retweeting (was Cassandra Fairbanks one of the account’s administrators at this point?).
Hackread.com also reported on Teamr00t’s big day in an article entitled, “12 Israeli Websites Defaced by Teamr00t Hacktivists.” They retweeted the article at least 43 times that day and tagged accounts like @Anon99Percenter and @An0nKn0wledge, both of whom later became members of hacktivist Ray Johansen’s AnonIntelGroup.
This was also approximately six months after @An0nKn0wledge, a close associate of Johansen’s, publicly announced that he had been compromised. Four years later, @An0nKn0wledge worked with Cassandra Fairbanks and alleged Russian intelligence agents via the online persona, Alice Donovan, at WeAreChange.org, a media outlet run by right-wing activist, Luke Rudowski.
The Southern Poverty Law Center (SPLC) described WeAreChange.org “as part of the antigovernment ‘Patriot’ movement, which is obsessed with alleged government conspiracies.” In 2010, the leader of their Los Angeles chapter was charged with four criminal counts related to making threats and the SPLC reported that he was part of both the far-right “sovereign citizens” movement and the Oath Keepers, a “conspiracy-oriented Patriot group.”
WeAreChange.org also heavily promoted Fairbanks, Mike Cernovich, and WikiLeak’s pro-Trump, Pizzagate-ish “spirit cooking” narrative during the 2016 U.S. election.
@An0nKn0wledge eventually left WeAreChange.org and joined Suzie Dawson’s pro-Julian Assange #Unity4J campaign in 2018, and threatened fellow activists, journalists (including myself) and WikiLeaks supporters for questioning the campaign’s fashy elements and the inclusion of far-right/alt-right Trump insiders and U.S. intelligence-linked individuals like Cassandra Fairbanks and Jack Posobiec. Then he tried to steal other groups’ vehemently anti-fash, pro-Assange campaigns in the name of #Unity4J.
In addition to @An0nKn0wledge, Hackread.com also tagged @FawkesSecurity despite the fact that they posted a bomb threat a few months prior that members of Anonymous denounced as a fed move.
https://twitter.com/HackRead/status/267792722612609025?
As for the 12 Israeli websites that Teamr00t allegedly defaced that caused such a newsworthy stir, one of them was a company that sold picture books for weddings, anniversaries, birthdays, etc. Another was dedicated to the work of Israeli artist and mechanical drafter, Michal Binheim, who has exactly two followers on Flickr and still uses Hotmail. One website sold insurance for car and home owners, as well as cyclists, and another was dedicated to “raw materials for super health, vegan, organic and fair trade”
You can also find both a yoga and pilates studio on the list, a kitchen remodeling business, and a company that sells fish tanks and filters. However, a Google search revealed that the owner of the fish tank company was once quoted in The New York Times back in 2002 about the situation between Israel and Palestine so I guess this was payback a decade later?
Teamr00t also made it sound like they hacked Israel’s equivalent of the U.S. Bar Association, just like they had done previously with an alleged U.S. lighthouse (don’t ask, it’s that f*cking stupid), but like the majority of their cyber feats, it was not at all what they claimed it to be. A Google search of that website only returns three results, all of which are about Teamr00t’s alleged hack.
I mean, for all I know Teamr00t registered the website themselves and then defaced it. Additionally, the defacement is still live and if this was the actual page for Israel’s version of the Bar Association, I can assure you that they wouldn’t allow the defacement to stay up for almost a decade.
Complete and Utter Bullshite
Right. So, HOLY MOTHER OF DISINFO, all of this stuff about Teamr00t that came straight from the Anonymous community was meant to deliberately manipulate the masses into believing that Mauritania Attacker and his/her hacking teams (Mauritania Hacking Team, Teamr00t, Anonghost) were legit. And maybe you should start asking why.
Let’s briefly revisit the 2013 Reuters interview that Mauritania Attacker was inexplicably able to obtain, shall we? From #OpISIS Part 3:
According to the Reuters article, Mauritania Attacker and his team members were not extremists and were fighting for Islam ‘using peaceful means.’
Mauritania Attacker aims to promote ‘correct Islam’ by striking at servers hosted by countries they see as hostile to sharia law. ‘There is no Islam without sharia,’ he said.
Just so my audience understands exactly how this whole thing went down, Mauritania Attacker’s “Mauritania Hacking Team” came out of nowhere in late January 2012, approximately 6 weeks before the FBI pulled Sabu from the field.
In approximately June 2012, Teamr00t, another hacking team allegedly created by Mauritania Attacker, showed up and started attacking websites dedicated to things like dentistry, animal welfare, human rights, artists, and disabled individuals because apparently these groups are well-known for being hostile to Sharia Law (that’s sarcasm btw).
Mauritania Attacker did nothing less than target the weak and defenseless in a blaze of manufactured prowess and yet, despite all of this, Teamr00t’s leader was handed an interview with a Western news outlet — a news outlet that went on to showcase Mauritania Attacker as a hero “fighting for Islam using peaceful means,” not some rando online targeting disabled American citizens.
That, my friends, is sketchy AF and it gets much, much worse.
Ironically, Teamr00t seethed about Israel’s abuses against the Palestinians in the defacements they posted…on websites they hacked into that belonged to yoga studios and animal welfare organizations, screaming at the site owners, “Expect us soon in your server” and “We WILL BE BACK AGAIN !”
Okay, terrorists.
The day after @Hackread.com tagged soon-to-be members of Johansen’s AnonIntelGroup and @FawkesSecurity, Teamr00t allegedly defaced the website of Wokinham, UK’s town council and, folks, Wokingham is a borough in the U.K. with a population of about 45,000. I mean, I’ve attended concerts with more people.
Two days later, on November 14, 2012, Israel commenced Operation Pillar of Defense, an operation targeting “terrorist organizations in the Gaza Strip,” and it was this military campaign that sparked an official #OpIsrael campaign within Anonymous and the advent of Mauritania Attacker’s “Anonghost.”
