Anonymous’s team GhostSec thwarts Isis terror plots

Anonymous affiliate GhostSec has supported US law enforcement and Intelligence agencies in thwarting Isis terror plots in New York and Tunisia.

The popular Anonymous affiliate GhostSec has provided useful information on preventing terrorist attacks on New York and Tunisia planned by the Islamic State (Isis), according to a counterterrorism expert.

According to the Internation Business Times, Michael Smith, an adviser to the US Congress and co-founder of national security firm Kronos Advisory, admitted that information regarding potential attacks provided by the group GhostSec was used by US intelligence and law-enforcement agencies to interfere with IS operations.

“It is my understanding that data collected by the group, and presented to law enforcement and intelligence officials by me, was helpful to authorities in Tunisia, who disrupted a suspected Islamic State cell around 4 July,” revealed Smith. “This data was collected pursuant to the group’s efforts in monitoring social media accounts managed by suspected Islamic State supporters. As per their assessment, this plot would have been mobilised soon after the recent attack that occurred at a popular resort in Tunisia.”

The news is confirmed by one of the members of the collective GhostSec with the pseudonymous DigitaShadow. The man revealed that information gathered by the hacktivists from the social media regarding ISIS activities and potential attacks was shared with Smith that provided it to the US agencies.

The information allowed the identification and the arrest of 17 suspects in Tunisia earlier this month.

“GhostSec is constantly monitoring social media and the internet for threats against governments and its citizens,” DigitaShadow told IBTimes UK. “On 2 July, we encountered an Islamic State account engaging in threats against tourists in Tunisia. They made references to a suicide bomber in an area near the Homut Souk market, which is a very populated area. They also made direct threats against British and Jewish tourists, so we began looking for events near areas that those nationalities visited. We located two churches in the direct vicinity that were holding services where British and Jewish tourists frequented. We collected all of the relevant intel and evidence and forwarded it to the FBI through our government contact. Two days later, we were debriefed that arrests had been made as a result of our intelligence.”

According to the new revelations, DigitaShadow and GhostSec have done much more, the hacktivists helped the authorities to gather evidence used in foiling a terror attack in New York on 4 July. The FBI reported that more than 10 individuals were arrested because they were organizing terrorist plot planned for the Independence Day.

Neither Smith nor the FBI was able to confirm whether the arrests in New York came as a result of information gathered by GhostSec.

Smith did confirm that data shared by the GhostSec were used in counter-terrorism operations in Tunisia, but he didn’t provide information of the arrests in New York.

Emerson Brooking, a research associate at the Council of Foreign Relation, in March explained the importance to fund the efforts of hacktivists in taking down websites and social-media accounts associated with IS and other terrorist organizations.

 “How is it that the US government, capable of coordinating a complex air campaign from nearly 6,000 miles away, remains virtually powerless against the Islamic State’s online messaging and distribution network?” said Brooking. “If the United States is struggling to counter the Islamic State’s dispersed, rapidly regenerative online presence, why not turn to groups native to this digital habitat? Why not embrace the efforts of third-party hackers like Anonymous to dismantle the Islamic State – and even give them the resources to do so?”

In April GhostSec published a list of websites used by the ISIS and expose social media accounts of its members. The members of GhostSec initially leaked a list of 26,000 Twitter accounts that were allegedly linked to the ISIS. The list is available at the URL https://ghostbin.com/paste/ce5jz.

All the websites identified by Anonymous and related social media accounts were used by the ISIS members for propaganda, recruitment and communications.

“To date our operations have met with resounding success,” said a spokesperson for GhostSec. “We have terminated over 57,000 Islamic State social media accounts that were used for recruitment purposes and transmission of threats against life and property.

“Our operatives have also detected numerous terror plots and responded accordingly with federal law enforcement agencies. Defending and preserving freedom begins in cyberspace.”

Pierluigi Paganini

(Security Affairs – ISIS, GhostSec)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

ConnectWise suffered a cyberattack carried out by a sophisticated nation state actor<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…

2 hours ago

Victoria’s Secret ‘s website offline following a cyberattack

Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…

19 hours ago

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a…

23 hours ago

New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.

GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a…

1 day ago

Czech Republic accuses China’s APT31 of a cyberattack on its Foreign Ministry

The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on…

2 days ago

New PumaBot targets Linux IoT surveillance devices

PumaBot targets Linux IoT devices, using SSH brute-force attacks to steal credentials, spread malware, and…

2 days ago