In July 2007, jihadi forums announced the creation of a new computer program called the Secrets of the Mujahideen, version 1.0. The objective of the program—which was published and distributed by the Global Islamic Media Front (GIMF) through many jihadi websites—is to replace the old and unreliable PGP corporation encryption tools that jihadis had used in the past. Since the release of the program, jihadi websites, especially the GIMF, are instructing their subscribers to communicate using the program’s encryption keys (https://ebnseren.modawanati.com, March 22). Furthermore, al-Qaeda operatives are using Secrets of the Mujahideen in an attempt to avoid U.S. eavesdropping operations against them (https://el-bilad.com, July 6).
Separately, and on the offensive front, jihadi hackers have also invented their own programs to steal data off other computers, part of a larger “Electronic Jihad.” Some of the Islamic hackers’ targets are computers attached to cameras transmitting live videos from intersections and other busy areas. They claim that these videos can be used to case potential targets.
This article will elucidate the documentation of the Secrets of the Mujahideen, in addition to providing information on the ongoing Electronic Jihad.
The Secrets of the Mujahideen
The GIMF claims that the development of the Secrets of the Mujahideen started years ago to replace PGP encryption programs that apparently have multiple security breaches. According to the GIMF, the new program relies on the “highest standards” attained by encryption science, digital communication engineering and source codes developed after studying research published by the best encryption scientists.
According to the program’s documentation, it is the first Islamic software that offers the highest level of 2048-bit asymmetric and 256-bit symmetric encryption. The program combines the highest level of data compression and uses a new technique call the “stealth cipher” that permits the program to change the random encryption algorithm every time a file is encrypted. The program uses five different algorithms. Furthermore, the program explains how encryption keys are managed and how the software creates files.
The Secrets of the Mujahideen’s characteristics include: encryption using the best five algorithms in cryptography, also known as the Advanced Encryption Standard (AES); strong symmetric 256-bit encryption keys; asymmetric 2048-bit encryption keys; Zlib software library used for data compression; stealth cipher technique that uses variant keys and algorithms; cipher auto-detection; file shredder without possible retrieval of deleted files; single file program that does not require setup and can run from a flash card.
Keys Management and Program Options
In cryptography, keys management is the art of inventing secret keys and distributing them to the relevant parties. Keys management must contain security protocols that generate, exchange, store, safeguard and replace old or compromised secret keys to ensure protection of data.
Therefore, keys are the first important element in cryptography. The jihadi program illustratively explains, in-depth, the different stages of public and private key generation. The program generates two types of keys after the user chooses a username and a pass phrase for the two keys. One key is called the public key, which is the one the users exchange in the jihadi forums and use for ciphering, and the second is called the private key, which is used for deciphering. Both keys have the extension “.AkF” (Acrobat Key File). Depending on the strength of the computer’s microprocessor, the program takes 2-5 minutes to generate the two encryption keys. The keys are automatically saved in the main folder and imported to the active database.
Separately, there are a number of other features included with the program, such as:
File Compression: The user can choose the degree of selected file compression prior to data encryption. Users are advised to use high compression in text files and low compression in large audio files because the latter is already compressed. The program has 1,000-fold compression capability for text files.
File Shredder: According to the program, the user can shred files up to 10 times making it impossible to retrieve them with any currently available software.
Ciphering Files Using a Public Key: Once the needed file and recipient user ID are selected, clicking on the “encrypt” button will automatically determine the decryption key for the recipient. Additionally, if the “stealth cipher” is selected, the encryption algorithm is randomly chosen; otherwise, the user can choose from five types of encryption algorithms.
Deciphering Using a Private Key: Once the ciphered file, using a public key with the extension “.enc,” is received, the recipient simply presses decrypt and enters his or her password phrase. Thereafter, the program produces a decrypted file with the extension “.dec.” The software recommends that the pass phrase be between 20-36 characters long.
The GIMF, which designed the Secrets of the Mujahideen, assures forum users that the program is a secure way of communicating over the internet because it uses all globally used symmetric encryption techniques with the distinct feature of stealth encryption using five algorithms. The capability of the file shredder in the program is also essential because the first step security forces take when they confiscate jihadis’ computers is to retrieve and undelete every possible piece of data that might have been on the computers.
After activating the program, the following additional files are created by the program:
AsrarKeys.db: an encrypted database that contains the active keys inserted in the program. This file is created automatically after program activation where the keys are inserted using the “import key” feature from the file manager.
Asrar.ini: this file holds user settings and is created only if the users choose to change the default settings.
Publicxxxxxxxx.akf: holds the public key and privateyyyyyyyy.akf for the private key. Both files are created after generating the “key pair.”
According to the GIMF, the Secrets of the Mujahideen is a high-level encryption tool that outperforms other internationally used symmetric encryption software. Finally, GIMF dedicates the software to global al-Qaeda operations and mentions 11 more Salafi-Jihadi groups operating inside and outside Iraq. The dedication states: “This program is dedicated to all those who stood up and raised the ummah’s head against the demon soldiers, the Jews and crusaders, and their Islam-grudging Shiite allies.”
The Electronic Jihad
On the offensive front, jihadi users are exchanging computer programs that they claim are designed to hack into enemy computer systems to obtain intelligence or inflict economic damage. One such program used for these purposes is al-Mojahid al-Electroni. The program was created by an Islamist nicknamed al-Aqrab al-Aswasd (Black Scorpion), and it appears as “actskn43.ocx” and works on Windows XP and 98 systems. The program, Islamists claim, can take screen shots of hacked computers; steal passwords; record all typed material; and fully control the victim’s files. Furthermore, they claim that the program is undetectable and destroys anti-virus programs.
Another jihadi forum user, nicknamed Qaheer al-Fors, posted a search phrase (intitle:liveapplet inurl:LvAppl) that helps locate many cameras connected to the internet in different countries. Even though these cameras can be easily accessed by ordinary internet users, taking interest in the video feeds and the details of the places they are mounted at is an indication of the mujahideen’s future intentions. Al-Fors says, “by virtue of God, I was able to bring you the codes that you can use to watch some countries in the world through the cameras, those countries mounted to servile people,” but he does not include these codes in his post. It is possible, however, that al-Fors passed these codes through encrypted e-mails using Secrets of the Mujahideen (https://hanein.info, July 20, 2006).
Although al-Fors did not specify the countries where he claims to have hacked into their public cameras, a forum moderator nicknamed al-fedayee (The Commando) posted active links to cameras in Israel. The cameras are for traffic purposes and can be accessed via the links al-Fedayee posted, some of which are cameras mounted in Israel’s Herzliya intersection, Shalom intersection, Holon intersection and eight others (https://hanein.info, July 20). Al-Fedayee says, “Mujahideen, as you do in your jihad against the occupying Zionists, here we are presenting you with this simple gift that was a personal effort to transmit to you live feeds from the Occupied Territories. After hard work, almighty God helped us in penetrating the internal system of the Zionist traffic ministry. We call upon you to take the needed measures and benefit from it because the enemy will soon change the codes of these cameras.” The posting is signed, “Your brother, the son of Aladamia. A gift from the great Iraqi sons to those stationed in the battle fields of Palestine.”
Almost all jihadi websites and forums devote whole sections to computer and internet information. These sections include many different computer programs downloaded from legal websites, cracked and made available for jihadi brothers for free. Certainly, the jihadis concentrate on internet secure communication and hacking programs.
Regardless of the accuracy of the mujahideen’s cyber competence claims, the labeling of internet violations as “jihad” is attracting some Muslim internet users to join the so-called Electronic Jihad. Although few forum users question the ability of this particular Electronic Jihad software, Islamic forum users almost unanimously approve intrusion attempts against Western websites. The perseverance and continuous efforts of Islamic forum members to harm Western internet-based interests could, inevitably, mount to a serious threat in the future.