A secret British spy unit has waged war on the hacktivists

A secret British spy unit has waged war on the hacktivists

Thursday 28 December 2017 > français

34c3 - Ethics, Society & Politics - Chaos Computer Club.

Uncovering British spies’ web of sockpuppet social media personas.

A secret British spy unit created to mount cyber attacks on Britain’s enemies has waged war on the hacktivists of Anonymous and LulzSec, according to documents taken from the National Security Agency by Edward Snowden.

The Joint Threat Research Intelligence Group (JTRIG), a unit in one of Britain’s intelligence agencies, is tasked with creating sockpuppet accounts and fake content on social media, in order to use "dirty tricks" to "destroy, deny, degrade [and] disrupt" enemies by "discrediting" them. In this talk, we reveal some of that content, in relation to infiltrating activists groups around the world, including during the Arab spring and Iranian revolution.


Mustafa Al-Bassam #Anonymous #LulzSec #T-Flow:

In 2011, I was unknowingly messaged on an IRC channel by a covert agent from the UK’s Government Communications Headquarters (GCHQ), who was investigating the hacktivist groups of Anonymous and LulzSec. Later that year, I was arrested (and banned from the Internet) for my involvement in LulzSec.

Then, in 2014, I discovered through a new Snowden leak [1] that GCHQ had targeted Anonymous and LulzSec, and the person that messaged me was a covert GCHQ employee, pretending to be a hacktivist.

Because I was myself targeted in the past, I was aware of a key detail, a honeypot URL shortening service setup by GCHQ, that was actually redacted in the Snowden documents published in 2014. This URL shortening service enabled GCHQ to deanonymize another hacktivist and discover his real name and Facebook account, according to the leaked document.

Using this key detail, I was able to discover a network of sockpuppet Twitter accounts and websites setup by GCHQ, pretending to be activists during the Arab spring of 2011 and Iranian revolution of 2009, and we published an article about it last summer in Motherboard as a piece of investigative journalism.

[Video] 34c3 - Chaos Computer Congress:

  • go into detail about how and why GCHQ setup a network of fake social media accounts, blogs, honeypot proxies and news sites during revolutionary events;
  • reveal new details about other fake websites that GCHQ setup in other parts of the world for different purposes.

The people responsible, the Joint Threat Research Intelligence Group (JTRIG), is a group within GCHQ that has the aim of "using online techniques to make something happen in the real or cyber world".

To fulfill this aim, a wide but basic array of technological tools and software are used at JTRIG’s disposal, as detailed in the published document titled "JTRIG tools and techniques" [2]. These tools include "DEADPOOL", described as a "URL shortening service", and "HUSK", a "secure one-to-one web based dead-drop messaging platform".

How can seemingly innocent web services be used as honeypots to conduct signal intelligence, being part of something more sinister?

More info - media.ccc.de


Anonymous Shop

One-of-a-Kind Products. Unique designs on trendy gear you simply can’t get anywhere else. Powered by Pros. Spreadshirt prints and ships your order fast and on-demand.

NordVPN, shield your browsing from hackers and surveillance.

Protect all your devices.

2-Year Plan | Discount -72%
Anonymous Shop

One-of-a-Kind Products. Unique designs on trendy gear you simply can’t get anywhere else. Powered by Pros. Spreadshirt prints and ships your order fast and on-demand.

NordVPN, shield your browsing from hackers and surveillance.

Protect all your devices.

2-Year Plan | Discount -72%
GnuPG Fundraising Rally

GnuPG Fundraising Rally

GnuPG needs your support to help protect online privacy. Activists, journalists, lawyers, and many others rely on GnuPG to protect their (...)


eelo - mobile OS and associated web-services

eelo - mobile OS and associated web-services

Your data is YOUR data! eelo in short. eelo recognises the need shared by everyone for better data privacy. The eelo project will provide an (...)


Why the NordVPN network is safe

Why the NordVPN network is safe

Why the NordVPN network is safe after a third-party provider breach. Information has recently surfaced about a NordVPN breach caused by (...)


Tutanota - Encrypted mailbox for free

Tutanota - Encrypted mailbox for free

Tutanota, Freedom Fighters. Secure email for everybody! Every day Tutanota fights for freedom and privacy. Tutanota strives to bring the most (...)


Mastodon social network

Mastodon social network

Mastodon is a free, open-source social network. Mastodon, a distributed, open-source version of Twitter, is almost identical to the platform (...)


Riseup - Secure and private email accounts

Riseup - Secure and private email accounts

The Riseup Collective is an autonomous body based in Seattle with collective members world wide. Our purpose is to aid in the creation of a free (...)


WikiLeaks

Submit documents to WikiLeaks

WikiLeaks publishes documents of political or historical importance that are censored or otherwise suppressed.


/e/ Foundation
eFoundation is a non-profit organization leading the development of Open Source mobile operating systems that respect users’ data privacy.

Tor Browser
Tor Browser
Tor protects your privacy

NordVPN
Protect all your devices.
2-Year Plan | Discount -72%