(Information on the Wikileaks attack and Jester’s house being raided can be found here – https://cyberarms.wordpress.com/2010/12/01/the-jester-raided-and-equipment-seized-after-wikileaks-dos-attack/)
The infamous Jester released a video today of his DDoS program called XerXes. The video can be found on the infosecisland blog. This is a very interesting if not somewhat controversial story. The Jester has written his own utility to bring down websites.
His targets? Taliban recruiting websites. Yes, The Jester is a cyber vigilante. His mission is to hinder terrorist communications by tying up recruiting web servers. His attacks just take down the target website and cause no collateral damage. When he halts the attack, the website appears to return to its normal operation. This attack shows why protecting internet sites is so difficult. This is not an off-the-shelf virus or botnet. This is a hand-coded program.
This type of attack is very hard to defend against because anti-virus programs do not recognize it and firewalls do not block it. It is the equivalent of an operating system zero-day attack.
The program interface looks interesting; it appears from the video that the attack is using a group of several servers. This could be how he increases the traffic to bog down the target server or to hide his tracks. And finally, the pièce de résistance: the program sends a tweet to the target server when done. Nice.
Some would say that legally what he is doing is wrong and he is a criminal. Some would say that he hinders the Taliban from training kids to blow up innocent people, so he is a hero. What do you think?