Hacking the Kuffar: Updated

The original Hacking the Kuffar post gave relatively detailed background on the Jihadist cyber-attacks on a multitude of Western blogs and websites. Specifically, Distributed Denial of Service attacks via botnets and website defacements. Aarons Rantblog was defaced as recently as this morning by a defacer who left his mark as "NeEe0_Hack". It seems that NeEe0_Hack likes to do a bit of site defacing on site's other than Aarons, this is evidenced by the archives over at Zone-H.

Realizing that NeEe0_Hack probably doesn't take that much care in hiding his tracks I decided to do a bit of Googling and see what I could find.

The search actually returned three pages of results, some more revealing than others. There were a few hit's for defaced pages, a few for forums and Yahoo groups he's been posting on and the interesting websites of "kkjmj.com" and "soofaa.org". The first one appears to be a placeholder website for NeEe0_Hack, the second is a site that NeEe0_Hack was evidently affiliated with (you'll see his name about halfway down).

The kkjmj site isn't that remarkable in itself at first glance because it initially goes to a red page with NeEe0_Hack's name on it and then after a few seconds it redirects from "http://www.kkjmj.com" to "http://www.kkjmj.com/home/" with a different page residing in /home. The /home web page is complete with ant-Denmark banners and claims of "The World Hacker".

The page seems to be empty of anything interesting and even the links are dead, with that in mind direct your attention back to the "kkjmj.com" page.Notice how that page waits a few seconds before redirecting you to the other one? When the page with the red background appears "right click" with your mouse and quickly select "view page source" from the menu.

Stay with me here, this is where it gets good. The source of that page reveals (in English):

<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">

Let's perform a WHOIS lookup on that "kkjmj.com domain name shall we?

khalid waleed (KKJMJ-COM-DOM)
Suadi arabia, 159789
Domain Name: KKJMJ.COM
Administrative Contact:
khalid waleed kahhhl2006@hotmail.com
Suadi arabia, 159789
Technical Contact, Zone Contact:
Khaled domain@hostingarabs.com
Record last updated on 26-Jul-2005.
Record expires on 26-Jul-2006.
Record created on 26-Jul-2005.
Domain servers in listed order:
Name Server: ns7.hostingarabs.com
Name Server: ns8.hostingarabs.com

Note the email address of "kahhhl2006@hotmail.com" as a registrant contact.

Let's google that and check the results. This leads us off to the website "Hurricane Net" which has a focus on computer hacking. There are inumerable other bit's of information to be found if one is willing to spend the time Googling for them. This DNS record may or may not be goood info on our target here but I'd say there's a pretty good chance it's him. Remember what I mentioned in the previous article about "no fear of law enforcement?" If this is our guy and he really is in Riyadh you can give up any hope of ever getting to him.

As always, questions and comments are welcome.


13 Responses to “Hacking the Kuffar: Updated”

  1. Ok we saw that sir Aarons.cc was hacked but can u say us what we have to do when ur blog was attack like that, what r the method to reorganize the blog ? and how long it takes ? hopes to see him again soon and that time will copy all the photo of his site and put them in my site, lol.

  2. That’s really interesting. thanks for the information.

  3. I hope you don’t mind that I put up a post about this article on CommonTimes.

    I’ve always suspected that there were terroist hackers out there. I guess this confirms it.

  4. damianmann,
    I don’t mind at all if you link anything here. On a side, there definately is the capability within the jihadi community to carry out cyber attacks. As I mentioned before, if there is no threat of prosecution from the police forces in the attackers home country there’s nothing else stopping them. I give full credit to controlling American “hackers” to the associated Agencies, it would be foolish to believe that no such hacker capability exists in the West.

  5. An email address. Hmmmmmmm. How…fascinating.

    They like to do jihads. Why don’t we respond by sending them spam?

  6. hi all if you wantid me come to my city ok

    i’m a hacker and i Always see that i’m despised for do this so what you want to do ???

    fuck you all :)

    have nice day

  7. Hello NeEeO_HaCK,
    No, I don’t think many of us would care to visit Riyadh.

    “i’m a hacker and i Always see that i’m despised for do this so what you want to do ???”

    While alot of people “despise” hackers as you say, I do not. A look around this site should indicate to you that I am a hacker as well. You and I both know that defacing and rooting vulnerable webservers isnt hard to do. The biggest difference between us is that I get paid big money for what I know and you don’t (unless your carding, but that’s a different story altogether).

    There is no “magic” to hacking and given the right tools even a child could accomplish it. Running a mass defacer script that someone else wrote, or packeting/DoS’ing a webserver with a bunch of perl bot’s hardly qualifies as “l337 h4x0ring sk177s”.
    Is it commonly done? Yes.
    Does it take exceptional skill? No.

    Being a true hacker takes commitment, study and hardwork, shitty attitude and arrogance is no substitute for effort.

    Thanks for stopping by.

  8. O Great One!

    What the difference between hacking and cracking? And what’s carding?

    Sorry for the n00b questions. I’m not very computer-savvy.

  9. Evening Muslihuun,
    There’s not that much difference (technically) between hacking and cracking. The main difference in the two terms is social, hacking is “mostly” conducted in a legal manner and mainly focuses on computer security and the acquisition of knowledge. Cracking is basically openly accessesing systems that dont belong to you with criminal intent, ie: theft or destruction of property. “Carding” describes credit card fraud on the Internet, it’s big business and ties in with website cracking and phishing.

    See wikipedia or google for more on the above topics.

  10. Thank you so much, blackflag!

  11. Do you think that could be arrested by the police so easily?

    You do not know something about me that I make sure I surveyed all the (ip)
    After hacked web or hosting .

    Do you think this site kkjmj.com or domin it’s my ??
    no this site hacked by me like you before

    You do not know how I deal with hosting or sites

    so No yourself trying to search for me


  12. Don’t worry kid, nobody’s wasting time looking for you.

  13. i want to learn hacking….. call me money no problem

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: