In Soviet Russia, We Get Out-Propagandered By A Guy in a Jingly Hat

NOTE: This post has multiple updates at the bottom.

So my mom called last night and asked me “How’s things, anything interesting going on with you?” I replied, “Ahh you know nothing much. Plodding along”. She has no idea I even have a blog, and if I told her she wouldn’t have a clue what I was jabbering about anyhow.

Last Friday evening, I decided to give Russia a little gentle prod. Nothing too spectacular, just a message that all their meddling in US affairs, up to and including their salvos in Cyber against US targets wasn’t going unnoticed. It’s a dirty job, but someone’s gotta do it.

My ‘message’ came in the form of a simple XSS injection, made possible by a vulnerability in the Russian Ministry of Foreign Affairs website. This flaw allowed me to put the following message ‘on their site’ – Screenshot:


[Screenshot: finalscreengrab]

It’s not rocket salad, but it is simple and effective. Let me explain how effective. Now any security researcher who dissects this ‘attack’ will be able to tell you that while it was a valid exploitation of an XSS vulnerability, the target site was in no way damaged or breached. No credentials were stolen or cracked, and nothing was taken from, or put into the back-end database. In effect, no harm, no foul. Because who wants to spend the next 70 years in a Siberian gulag? Not fuckin’ me, that’s who. This was the cyber equivalent of driving by the Rooskie Embassy and flipping them the bird. You know like Mav & Goose so righteously did in Top Gun. I mean Mother Russia should have known this, but clearly they’re awful jumpy. I don’t know what they’re running over there, but no shit, the paranoia is clearly YUGE. The last time I hacked a Compaq Presario running Kaspersky AV, I needed a blowtorch and wood glue.

CNN first covered the incident right here, (and since many other places) where I explained it was a simple XSS injection, and they reported the incident correctly. This was not meant to be an earth-shattering mega-hack. It was a gentle light-hearted message, for which I do not apologize.

… that didn’t stop the Russian Government spokesperson for the Ministry of Foreign Affairs from freaking the fuck out, and screeching to Kremlin mouthpiece – Russia Today with the following hilarious statements:

“The website has been hacked, by whom – that’s what experts are trying to figure out.” – Well, that’s not too hard, I already told you. Also “experts are now checking what happened to the website” – well, lemme break it down, nothing ‘happened’ to the website.

I grabbed ‘at-the-time-of-writing screenshots’ for you guys (below) because they keep updating the original article – trying to backpedal and minimize the incident after scurrying around trying to work things out, and unscrambling the jets. I guess now we have an idea of the state of their cyber-preparedness, or lack thereof given the weapon-grade meltdown Foreign Ministry Spokesperson Maria Zakharova displayed to the world. The more you know huh?



As you can see from the two versions above, they’re in somewhat of a tailspin. But at least the Russian propaganda machine finally spun up and kicked in, after it was too late, with “the hack may or may not have happened but if it did happen, or didn’t happen, it didn’t happen on anything important, it was an old defunct site where the hack that may or may not have happened, happened, or not.” – Or fucking something.

The key takeaway here is that Russia, possibly for the first time EVER out-propagandered THEMSELVES and admitted via their OWN national media, that they got ‘dinged’, or more accurately – punk’d in Cyber, by a man in a jingly hat.

In this current climate of all out propaganda wars on the internet between Russia and the US, I’ll be notching that up as a win. In fact, it’s a win-win, as no animals were harmed during the making of this incident.

How do you poke a Russian Bear in the eye? – Gently wave a stick in front of his face until he has no choice but to run into it.

I guess you can equate this whole thing to the Doolittle Raid after Pearl Harbor, where the effect of the attack greatly outweighed the damage caused. And beyond that… fuckem if they can’t take a joke.



Sidenote: Stunning how many Trump followers have been all up in my grill since this episode. It’s almost like they know something we don’t.

UPDATE 10/23/2016 – It appears they are still trying to get their spin straight. Here’s the latest from ITAR-TASS the Russian News Agency. They seem to be claiming that no hack occurred, BUT if it did occur it was “a cyber-machine of destruction Biden and McFaul have spoken about”. I know it’s confusing, but trust me when I say nobody is more confused than Russia right now. But either way, I guess I don’t need to pack my fleece for the Siberian Gulag… any time soon. I think it could prove ‘problematic’ even for Mother Russia, to make a case against an individual after they not once, but twice via two national media outlets, stated that the ‘crime’ didn’t happen. But I’ll be keeping a lookout for dudes with Polonium-tipped umbrellas. So I guess I’ll just ‘keep calm and carry on’, because in Soviet Russia… calm keeps YOU.

But hey, who am I to chuckle at the enemy when they pee their pants on the battlefield. It’s some serious shit. Who wouldn’t?

So to recap: “They’re investigating a hack that didn’t happen, but if it did happen it happened on an ‘old’ Foreign Affairs Ministry site, and this hack that didn’t happen was carried out by a ‘US Cyber-Machine of Destruction’. But it didn’t happen and if it did it was on an old site they no longer care about….. so nyah nyah nyahhny nyah.” Here’s a screenshot, just in case they respin it (again).

It’s almost as if Kremlin controlled Russian State media outlets are suddenly engaged in a ‘Propaganda War’…. with themselves. Nyet?



If she looks confused, she’s not. She always looks like that. Okay?

UPDATE 10/25/2016

I guess it’s time for me to ‘fess up’ regarding this entire ‘episode’. Before now, I didn’t want to interrupt the enemy while they were making a mistake. You know how it is. My intentions were not to embarrass the Russian Government as outlined above, although it was an unexpected bonus, no doubt about that. Let’s get one thing straight, the Russians are engaging in cyber operations against us, including hacking our infrastructure in order to affect OUR election to get the most pliable person in office whom they can manipulate easily. As I pointed out briefly a few weeks ago here. 17 US intel agencies have already confirmed this fact. You can google that for yourselves.

My end-game for this ‘episode’ was to draw fire from the RUSSIAN ‘cyber-machine of destruction’ (as they refer to it) in order to collect intel on their latest TTP or for regular people ‘Tools, Techniques and Procedures’. In this regard, things are going pretty well. Here are my threat metrics (who’s attacking me and how) for this very blog you are reading over the last 24hr period – between yesterday and today (Monday 24th October and Tuesday 25th October), just 2 days after the Russian Government had their weapons-grade meltdown:



Yes that’s almost 14K different attacks on this very site in 24hrs. Look at the top culprit. That’s a lotta fucking chapped ass over something they say didn’t happen.

There’s no point ‘being good at ‘puters’ if you don’t got no strategy game.

“Now I have a machine gun too. Ho – Ho – Ho” – Hans Gruber



  1. I haven’t gotten a laugh from the belly like your “Knock it Off” comment! Way to go!!!! Keep it up Brother, we need to know you are on the case and we are here for you Bro.

  2. I lived with them for 26 long years, and I know that this is one of the few languages they understand – the language of force. Though I don’t think it will stop them. Russian people themselves must stop it, but it’s too late now. Good shot, Jester!

  3. Hi Bro. Good work. One against the Russian army of hackers. One note: your “last stand talking” was a little bit stupid in details but nothing wrong. I think you have to wait now brownies with love from Russian “fancy bear” that situated in Olgino. Hold on.

  4. Yay Wolverines!

  5. Jolly good show J; been awhile since I had a great laugh! Hopefully they will take the message to heart — the way it was intended.

  6. So much good stuff in here….

    – Your mom. Bless her. 😉
    – Ruskie Embassy drive by
    – MFA “freaking the fuck out.” Lol!
    – Backpeddling while unscrambling the jets
    – Outpropagandering themselves – great word!

    Priceless! Bravo!

  7. Cool hack, er, I mean cool in no way harmful to the Russian State, or worthy of any poison tea, exercise in coding. Nice blog too, in that it is funny to read and not over the top Geeky. No offense. Cheers!

  8. Keep up the good work! I’ve certainly had some good laughs. I *might* be becoming a bit of a fangirl.

  9. not sure why this comment was not showing up, so here ya go..
    In sports there is something known as a “Hat Trick”. Basically it is coined for one individual scoring 3 points, plays, and/or achievements during one game. You get the idea. If you don’t get it, ask @sieve70 about it regarding hockey. I am sure he probably knows about Alex Kaleta and the Haberdash, but I digress. @th3j35t3r what you did yesterday is the cyber equivalent of a “Hat Trick”. I’ll explain in an orderly fashion:

    POINT 1-
    This is a country who has made it its mission to undermine our own cyber capabilities. Russia has been the axis of some of the most damaging hacks to our Nation, and by all accounts, including our own Intel agencies, their own cyber security is top of the line. The irony that it took just one person finding a weakness in one of its Government websites to begin with is interesting, however, it is the global shame of the event that is truly priceless.
    POINT 2-
    The message left on the site…. Out-Fricken-Standing! It rang true to a line in a song… “Never drew first, but I drew first blood”. Yes Russia has attacked us on a cyber level, but they would never admit it.. and though not all the facts are in regarding the massive DDOS Attack, it is clear that Russia has a vested interest in weakening our systems. Whether it be electoral, economic or cultural, they would like nothing better than to kick the US down a notch to a level old Putin can deal with. That being said, the message you placed on that site was a clear shot across the bow saying “DO NOT CONTINUE FUCKING WITH US”. You owned it, and the method was flawless.
    POINT 3-
    The very fact that Russia came out and said anything about the message on the site, or even hinted that they may or may not have been hacked is just as big of a miracle as the 1980 Olympic US Hockey win against the USSR. Trust me, these guys don’t admit shit, but because of a great deal of chutzpah on your part, the media and your following, they really had no choice but to address the issue. Imagine the look on the Kremlin security officials’ faces trying to explain that someone named “Jester” just sent them a message telling them to “go to their room”. I am sure it was similar to a ten year old right before he gets grounded for getting busted with daddy’s playboys under his bed.

    It’s definitely not like hockey, but it was 3 perfect plays in one game. Thus, a Hat Trick.

  10. I’d like to send this to Russia, with love…


  11. If I may be so bold to make a comment. I know my opinions probably enflame some people, after my time in the Army I got used to it. Here goes. The email leaks and other data leaks did not, repeat DID NOT occur by a foreign actor or FIS but this was internal. Two individuals, patriots really are involved here. One paid with his life, the other is running to keep it. Reports say that one Eric Braverman who has been outed as the mole within the Clinton foundation has asked for asylum at the Russian Consulate in New York. The foundation’s own CEO exposed this corruption as well as Seth Rich who got double tapped for his effort. Either way you cut the mustard here, the Clinton Foundation is nothing more than a criminal enterprise worthy of Capone’s jealousy, fleecing the American people and selling our Republic for the love of money and power.

  12. I think a lot of ya’all need to take a deep breath, then do a simple goog-search of Sheryl Atkinson (sp?) about news “fakery” which used to be called the “SMEAR”. Maybe some of youse remember that term; the good R guy would get ahead and all of a sudden, the “SMEAR” would come out and the R guy was toast. Like clockwork. FFWD to today’s age/time; somehow, Russia is the “SMEAR”, but ask yourselves, as Sheryl Atkinson did, when did that happen and why?
    Many years ago when jester-dude was TD’ng the terrorists, I was fk’ng cheering that shiite (yes, pun intended), as I really have no hack skillz, but can use a computer……….. I think a problem arose when said Jester also assumed some political sidings. Remember your original “mission statement”………….. you re-post it enough, so you should; you know, the thing about all things being equal and whatnot and a certain amount of evil in the world or whatever……….. I would ask you to re-read your mission statement and get back to work against the REAL enemies of the world, not just the US, you know, the enemies of FREEDOM and shit, the ISIS type di$kwads……….those guys??

    You know…………… like NOT the incoming President of the US. You’re welcome.

  13. I wanted to edit my last post to add in this little tidbit…………….. there are way more of these tidbits, but you know that:

  14. I’m hearing #crickets here……………………

  15. And now with the Vault-7 thingy, I think those with functioning brains can (Or at least, should) say the entire “Russian hacking” narrative was BS

