Did Someone Make a Fake ISIS Site to Install Adware?

As a strategy to continue publishing exclusive breaking news on this blog, I have been surfing the “Darknet,” a corner of the Internet browsable by The Onion Router, a transnational network of intertwined proxy servers that makes the user virtually untraceable. The result, not surprisingly, is that Tor – which deliberately uses a grammatically incorrect acronym to expose people who might profess expertise but write “TOR” – is quite popular with drug dealers, terrorists, arms traffickers, pedophiles, fake ID sellers, money launderers…and law-abiding folks who simply do not wish to be tracked.

This reporter, with perhaps some naïveté, had hopes that within a few clicks I would have a wealth of unreported Daesh material. Indeed, they had a prominent Darknet website until last November, when Anonymous took it down and replaced it with an advertisement for Prozac. Daesh also had a website to collect donations, which is also down, presumably by the handiwork of Anonymous.

However, I was not finding much luck in discovering any font of information. In fact, I saw postings of others asking about Daesh, with a user noting that ever since the Paris attacks people are constantly asking.

Ironically, so far I have had more success finding terrorist websites on the regular Internet, like this Daesh tumblr account and pro-Daesh message board, both covered yesterday, or this official Taliban website. Daesh also had its own official Google+ page until recently, when an inquiry by Thought Front led to Google removing it.

Imagine, then, my momentary excitement when I finally discovered an Islamic State Tor page at agjz2pjpagqsm2cg.onion/index.htm (.onion urls generally are random strings of characters):


I figured I hit the jackpot. That is, until I started clicking the links in the menu. Of particular concern was that I quickly came upon a page encouraging me to download something:


Thanks to Google Translate, I learned that these links were purporting to give information on Kalashnikov rifles. However, clicking the “Video” link led me to a Darknet page for a website that was caught impersonating another page, and somehow had been infiltrated by the original:


The other download link did not work at all.

I tried another page on the navigation menu, this time for links claiming to share information on bombs. Yet again, it required downloads:


Clicking “Download 1” directed me to a file hosting website called 00-up.com:


When I clicked on the page, another browser tab popped up advertising a service called Reimage Repair, a program allegedly designed to scan and protect your PC, but which based on reviews is more like a program that inserts ads into your Internet browsing and might be doing other sinister things:


Another time I clicked and a tab opened informing me that I was the lucky visitor of the day. I doubted such luck and suspect it had its own sinister intentions.

I was still exceptionally tempted to do the download, although Google warned me against doing so.

Clicking “Download 2” actually took me to this pdf guide from Daesh advising how to smuggle bombs, readily available on the regular Internet.

I clicked on another link, and received a block of text:


Thanks to Google Translate I discovered it was rather generic advice on how to wage war in the Sahara Desert. Juicy, right? Well, the thing was I found the same block of text on multiple Internet message boards.

My conclusion? I think someone set up a fake Daesh website, peppered with a few things the person found on the Internet to make it seem legit, only to trick people into downloading malware.

Truly, this is shameful that someone would try to prey upon unwitting would-be ISIS supporters, betraying their trust by taking advantage of their curiosity in terrorism. (Or maybe not so shameful.)

And now it is back to the proverbial drawing board for me to find exclusive news.

Meanwhile, ISIS might want to get ahold of their lawyers.