Date: Wed, 18 Jul 2012 09:16:29 -0400
From: Abdikarim Roble <ahroble@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: [Anonymous/iWot] Somaleaks !!!

After years of offensive hacking against many companies, governments,
etc, we [Anonymous], decided to share data related to an internal
confidential project from multiple l33t hackers worldwide. We called
that "iWot", meaning "Internet War On Terror".

Though we will never forget what happened with Megaupload, Pirate Bay,
Sopa, friends, etc, our sub-branch of the Anonymous was created with
trusted hackers, to follow a specific goal. This email will be the
first from us. Thanks to spread our words.

We officially declare War on Terror. This is a call for actions of
monitoring and/or destruction of companies and institutions that do
work with terrorists, rogue countries, etc.

We already broke the security of multiple networks on earth. Each time
we will be able to control them, and to steal data, we will then
publish our documents on the net, or share them directly to people
involved with Newspapers, Justice, etc, worldwide. Some documents,
about some banks working with rogue countries, were already shared to
some email addresses. And we are quite happy to see that the truth is
on its way.. sometimes..

As some of us already explained, we are not a terrorist organization.
It's just that we are fed-up with the fact that our society is loosing
time. So we just decided to speed-up actions against terrorists and
their friends. We will first try to eradicate the sources of terrorist
financing. It is not possible to know at this time the precise scope
or the duration of our actions to counter terrorist threats linked to
Internet.

Today, as a proof of concept, we will share information about a really
evil bank, hiding ugly activities with terrorists. It's called
"Dahabshiil", an international funds transfer company. Their networks
have been broken by different hackers teams for many years. And it's
time for us to share information here in this mail.

Thanks to Wikileaks, secret documents related to Guantanamo detainees
publicly explained part of the truth about Dahabshiil. A veteran
extremist and a probable associate of Usama Bin Laden, provided direct
financial support to Al-Qaeda, Al-Wafa and other terrorist and
terrorist support entities through the Somalia-based company
Dahabshiil. This bank is currently helping Al-Qaeda, including members
of Al-Shabaab.

Despite the fact that the CEO of Dahabshiil tried to get rid of some
people, and sometimes people from its own family, this will not be
enough for us. We have stolen many many many documents from
Dahabshiil. We have destroyed many workstations in Australia, Kenya,
USA, UK, Sweden, Somalia, Dubai, Djibouti, etc. We can transfer money
from accounts to accounts, despite the stupid security with tokens,
passwords, etc. We have modified Windows kernel on many servers and
workstations. We have added different kind of cyber-bombs hidden on
many workstations and servers. We have powned switches, routers,
firewalls, satellite stuff from Telco, etc.

As Dahabshiil members might think we are lying, we have to share data.
Feel free to download and copy the data before everything get
destroyed, as it's totally illegal. And now, if Dahabshiil members
were unable to understand why the network sometimes crashed, the
computers sometimes died, data from internal servers sometimes died,
etc, do not search. It was just our actions against you, with people
from our team. As an example, we recently destroyed data on the
internal LAN in Somaliland, from the Dahabshiil Headquarters
(Hargeisa, etc). That's why you guys, lost Gigs of internal sensitive
data on main servers like \\Dahabshiil7, \\Dahabshiil6...

Pictures:
https://plus.google.com/photos/113658519262476278700/albums/5766494975077833809

Sample of bank accounts (SQL export):
http://dahabshiil.hopto.org/Somaleaks/Rsa.Banking.dbo.CLIENTS_sample.txt

Backup of data (speed-up, gather everything and share it online
(pastebin, etc) before it's deleted):
http://dahabshiil.hopto.org/Somaleaks/

By the way, we also found out that many employees were looking at
facebook stuff, personal email, and tons of incredible hardcore porn
web sites especially in countries from the Arabian Peninsula, and from
the bank (not at home). Also, the password of the account
Administrator of the internal LAN in Somaliland, was mainly
"Dahab1234". Awesome. This is how they protect data of their
customers. Quite a serious bank. As we have remote 0days against some
of their tools, we easily took the control of any workstations there.
Then we bounced and bounced, in order to explore this bank. Hopefully,
we were a huge number of hackers at the same time, and during months,
which helped at stealing sensitive data, spying on end-users and
banking transactions, etc. After months and months of fun against
these guys who support Terror on earth, we just decided that it was
time to destroy them.

This was just the beginning... and just a proof. So from now, dear
Dahabshiil members and customers, you can expect a global internal
destruction in less than 2 months. You can keep on asking external
consultants, even in Europe, about how to install Antivirus,
Firewalls, NAC, IPS, Waf, etc. But we will still destroy your
networks, steal your data, and sometimes share internal stuff to the
public. This is called a sabotage... We had first to be sure that you
could not get rid of our offensive tools. That's why we used two
layers of tools. Skilled stuff (with kernel 0dd modifications, etc),
and easy tricks (to annoy and to play with your network/data). Now
it's ready. The bombs will kill your networks and your data in less
than 2 months. You can also backup the poor data that you still have,
but we also infected random Office/PDF documents left, so you'll just
backup some of our bombs, and your network will still die.

If you want us to immediately stop this cyber-sabotage, it's quite
easy. We just ask you to stop lying, to recognize your help with
Somalia terror, and to officially change your behavior. We need a
public message from you, as a proof. As you might have seen, public
excuses of far more bigger banks than Dahabshiil, were done recently,
from people who worked with rogue countries, etc. So, we just ask you
to do do the same and to change. We will monitor you, as we already
made these years. You have 2 months. Maximum. If we see that you are
still asking for help against us, to your supposed-to-be IT Security
consultants (UK, etc), or if we see that you are trying to clean our
stuff in your kernels, etc, we will then launch the cyber-bombs before
the 2 months. You don't have the choice. You have to submit. You have
to leave this world of hate, this world of slaughters, this world of
killers, and to leave terrorists behind you.

Of course you needed money. Of course most of your employees/customers
are not terrorists. Of course most of your employees/customers didn't
know your links with Terror. Of course someone else would have done
this in your place. Of course our offensive actions are totally
illegal (like yours when you support Terror). But according to us,
these reasons are not good reasons. The countdown is already running.
It's too late. You have the choice between living, or dying with
honors in the family of people who helped terrorists. You will be our
first public example of cyber-destruction, as others already changed
their minds. Be smart. Choose life.

And now a message to Dahabshiil customers: if you have money in this
bank, if you are a customer of this bank, if you use this bank to
transfer money from a country to another, and even if you are not a
terrorist, we will let you less than 2 months before we either publish
your personal information (passport, ID card, postal address, phone,
email, etc), or we destroy your account by moving your money
elsewhere, which will not be complex. As an example, we already shared
this kind of information, as a proof of capability. Less than 2
months. After that, don't cry if you lost your money at Dahabshiil,
even if they told your that everything was under control (lulz), that
they were able to clean their systems (lulz), etc. So, just take your
money out of Dahabshiil now (!), and leave them behind you, before the
destruction of this unofficial financial support for terrorists. First
casualty of war is innocence. Be smart. Choose life.

And now a message to people in the same situation than Dahabshiil: If
you are working with terrorists, if you are helping them, if you are
linked to them, we will find you, and you will also be destroyed by
our cyber-team, sooner or later. There is no place for you on earth.
No place for you on Internet. No place for hate. Make love. Make kids.
Be smart. Choose life.

We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.

Anon iWot Team (Internet War On Terror)

Bonus: This is really sad to see that some companies helped Dahabshiil
after our intrusions (sometimes from Europe, etc). We won't reveal the
names of these IT Security workers, cause we understood that they just
wanted to make money. But, as a last advice for them and their family,
thanks to think twice the next time you will help Dahabshiil and
terrorists. You are helping people who helped Al-Qaeda, like many
other unscrupulous Islamic banks that helped at laundering kind of
donations. We know you. You are not anon anymore. *We are Anonymous.*

Credits: though we will hide the identity of the people who helped us,
we will at least share our thanks to their organizations, for those
who accepted it. So, many many thanks to people from Iomart (!), from
Vizada and from Somtel. Some of them accepted to share technical stuff
(passwords, remote access, etc) as they do follow our spirit and our
values against Terror. *We are legion.*

Contacts: no need to answer to this email address, as it's not ours.
If you want to meet us, as always we'll be at Defcon soon, and we hope
that there will be a special prize for Dahabshiil, though it's a bit
late to propose them to the Powney Awards. We do believe that being an
international bank, with really lame security, fake official answers,
and real links with terrorists to kill people in Africa, Europe or
America (Al-Qaeda), should bring them to a special prize. They deserve
it. *We do not forget.*

Future: if you want to participate, just share your thoughts or ideas
of targets on Internet with the official related proofs showing links
with terrorists. Like any skilled hackers, we can have remote access
anywhere on earth (gov, telco, comp, etc) as the current IT Security
community is just selling dreams and fake products. If you like our
values, thanks to support Anonymous iWot (internet War on terror) and
put tags like #anoniwot2012 so that we can find your list of targets,
your messages, your help, your ideas, etc. You cannot contact us
directly, so, please shout enough so that we can hear you. You can
just share message to our teams on public spaces, and we'll read them.
Before that, if you enjoyed our specific actions against terrorists in
Somalia, thanks to really show your support about this Somaleaks
operation, with the tag #somaleaks and just wait, as many other places
might burn sooner or later. *Expect us.*

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists