Time to Speak Up – Part Two

“Often the surest way to convey misinformation is to tell the strict truth” – Mark Twain

Skiddie? DDOS? WTF? So I really need to clear up a few things that certain folks aren’t quite grasping regarding XerXes, methods and tactics.

Contrary to popular belief, I do not have C&C of a botnet. By their very nature, botnets require the injection, in some form or other, of malware onto unsuspecting users’ machines in order to gain enough ‘zombies’ to facilitate an attack. Any skiddie can create a botnet at the expense of resources that don’t belong to them (for example, 4Chan/Anonymous).

XerXeS, however, as has been shown numerous times, does not require a botnet, zombie PCs or other people’s bandwidth in order to successfully pull down a site.

An early beta video of a XerXeS hit can be viewed HERE

A later version of XerXeS against another target can be viewed HERE

So if, as has been suggested, I really am a ‘Skiddie’, here is my question: where can you download XerXeS? I know you can’t download it anywhere because it exists in only 3 places, and all of those places are accessible to me only. Who’s the skiddie here?

What XerXeS is:

  • Denial of Service Attack
  • Surgical
  • Precise
  • Effective
  • Causes NO collateral damage
  • Causes NO long term damage
  • Not limited to Apache Servers Only
  • Never going to be released.


What XerXeS is NOT:

  • Distributed Denial of Service Attack
  • Clumsy
  • Cumbersome
  • A Botnet
  • A government sponsored project.


Methodology and Tactics

As you may know I normally target Jihadist sites, but recently turned my attentions to Wikileaks.

So what was I thinking?

Initially, hitting Wikileaks servers hosted by OWNI (France), PRQ (Sweden), and BAHNHOF with ease had the desired outcome of ‘corralling’ the Wikileaks operation onto a US hosted platform that could resist XerXeS – Amazon EC2.

The WL perceived victory was short-lived as enough pressure was now building both politically and technically (by that I mean service providers were aware that WL was now a prime target and couldn’t risk their own operations by providing services to WL).

As predicted, providers to WL started dropping them – first EveryDNS, then Amazon, then Paypal and Mastercard soon followed. The service providers acted as a force-multiplier, leaving the Wikileaks name nowhere to go except to rely on volunteer mirrors.

So the head of the snake is almost cut off. The Wikileaks name is something few people, as far as service providers, will deal with. Their supply chain is being cut off.

So, great, they have 2000 voluntary mirrors! The very nature of volunteers providing ‘mirrors’ causes WL to be highly unstable, as they will be up and down and sporadic on a day-by-day basis.

Final note on this:

With regard to hits I pull and hits I don’t. Those of you who know of me will know that I say what I mean and mean what I say:

It works like this: strike-verify-tweet – doesn’t get much simpler eh? And by saying nothing I am also saying something, if you see what I mean.

‘There’s an unequal amount of good and bad in most, the trick is to work out the ratio and act accordingly’

Stay Frosty and Peace out.


