The Brave New World of InfoSec

About this Blog:

A seasoned security pro's take on events around the world.

Jeff Bardin

A Gift from the Islamic Faithful Network - Mujahedeen Secrets 2 Program


A Gift from the Islamic Faithful Network – Mujahedeen Secrets 2 Program (بـرنـامـج // أســرار المجاهـديـن) was released this week. The download was easy to find and available on several sites. After a couple of hours of review (very tentative at that, just installing this on one of my machines), I have come to the once-again-reinforced decision that the cyber jihad is ongoing and continuous.

The first edition (مزايا الإصدار الأول), zipped up in a .rar file, contained several encryption algorithms (5 including AES 256); 2048-bit encryption keys (RSA); ROM compression (with encryption considerations); encryption and encryption auto-detection; and file shredding capabilities.

 

The second edition (مزايا جديدة في الإصدار الثاني), which is also zipped up in a .rar file and was just released last week, contains automatic (instantaneous-instant) message/messaging encryption/authentication and file encryption, as well as code signing and checking (digital signature creation/checking) and file shredding. (The key to open the file is Asrar@_EkLaAs.TsG@[$^/!p@]z-2008. I initially thought the key was auto-generated until I took a closer look at the beginning (Asrar (secrets)) and the end for the date – 2008.)

 


The actual contents of the file are to the right:

What is very interesting about the suite of encryption tools is just that. The sophistication level has increased covering several encryption methods. The logo for the product is below. Of note is the map in the background that provides locations of their global network. Also of note is the weapon (M16 with a key as the barrel). What is interesting here is that the usual weapon of choice is the AK47, giving one pause as to the author of the suite.


I was able to create keys, encrypt and decrypt files as well as utilize all the features of the toolset. The help screens were detailed, including indexing and search capabilities. What was also of interest was the fact that the tool was in English, although the download information as well as the help files were in Arabic. The key above was also in English.




This toolset provides groups like Al-Qaeda methods to securely transmit and wipe their files. Not that they haven’t had such tools in the past, but a second edition toolset demonstrates a software development lifecycle with some level of sophistication and planning. We should not underestimate our enemies. Even though there may be a distinct footprint, take the encrypted file, use steganography that does not use the least significant bit or expand the size of the image or file, and you can hide the package in plain sight. What if malware is contained within the encrypted package, with a significant payload waiting to be triggered by some other event?

A comment from ‘alHambra’ on one of the download sites is as follows:

Mujahedeen Secrets #2 (Encryption Program) has been released today, and I just took a short look at it, but it is really a vast improvement compared to the first version, and seems like a really nice encryption program now. Here's the post and download info...

 ---------------------------------

If it is more in Arabic, does that change anything?


