We Talked to a Hacker Who’s Taking on the ISIS Fanboy Army

Hackers just released thousands of ISIS supporters’ Twitter handles.

ISIS hacker army

If you’re one of the thousands of keyboard cowboys around the world who’s been gleefully tweeting out your fanboy love for the Islamic State — likely while remaining as far as possible from the killing fields of Raqqa and Mosul — you just got pwned, bro.

Earlier this week, a Twitter user going by the handle We Are All Gods published a list of “tens of thousands of POTENTIAL #ISIS accounts” in a massive data dump.

” tml-render-layout=”inline

Maybe too massive. According to Aymenn Jawad al-Tamimi, a research fellow at the Middle East Forum and an expert in the Islamic State’s use of social media, many of the websites included on the list are “Islamist or jihadist in some way” although not necessarily ISIS—and some condemn ISIS outright. Meanwhile, certain other prominent ISIS sites aren’t included at all, including the Amaq News Agency, which he says is literally run by the Islamic State.

As for the Twitter handles, al-Tamimi examined a random sample and confirmed that many were bona fide IS supporters—or #daeshbags, as their opponents like to call them—while a few appeared to be misidentified.

The poster of the data acknowledged as much in a disclaimer, noting that the list is “unfiltered” and includes many “innocent accounts who do not support those filth,” alongside many more belonging to Islamic State supporters. In other words, the list is kind of a mess, a pile of accounts collected by an army of anonymous #OpISIS volunteers, and anyone eager to start trolling, harassing or hacking the named accounts—by no means do we advocate doing so—is advised to take a minute to make sure the accused are true supporters of the Islamic State and not innocent web users who mistakenly got ensnared by a rogue algorithm.

That said, given Da’esh’s impressive propaganda efforts, and the apparent reluctance of government intelligence agencies and platforms like Twitter to go after them more aggressively, it’s no surprise that various freelancers might decide to take matters into their own hands.

We reached out to We Are All Gods on Twitter to find out more.

How did you get involved in hacking ISIS?
I used to follow the Anonymous movement for many years. I watched from the sidelines and got encouraged by their chilling videos and strong will to fight those who oppress. I began to follow Anonymous members and watched as they published bits of information about their progress and actions for #OpISIS. I noticed a lot of stuff could be done a bit more efficiently and more automated.

For example, I saw a lot of people posting links to ISIS account lists in username format. The main problem with this is that if they change their username, these links no longer work. So I wrote a tool that bulk converts a list of usernames to ID format. I also realized that a lot of the lists were outdated—suspended, deactivated, or renamed. So I wrote another tool that connects to their pages using the URLs and checks if they exist. If they do then it keeps them. If they don’t then it tosses the links away. In addition it grabs their number of followers, which lets us target accounts that have greater influence and are of more importance.

That gives us more time to actually focus on analyzing intelligence as opposed to using up time organizing everything by hand. Recently I created a bot that posts ISIS targets for people to report, as well as random memes for some lulz and the sort.

Where did the list come from?
This was just a quick teaser I put together from information people have sent me, usually asking me to clean up their lists for them or just because they know I have tools and a bot available suited for this type of information.

We have other, more accurate and reliable, ways of acquiring ISIS accounts. Which we are currently working on building. When we find sensitive information, we dig deeper and report to the proper authorities once we find credible information, such as guides on kidnapping, building bombs, creating ricin, and all these horrible tutorials.

We have a bigger database of confirmed websites, accounts, pastes, hashtags, and other information we are currently working hard on. That is not planned to be publicized yet, as it’s more sensitive.

Are you part of Anonymous or another hacker collective?
Generally, I like to do my own thing. Usually I have a few people I exchange information with and collaborate with, but I am not officially a part of any group. However, I do consider myself a part of the Anon family because I believe in the movement and the ideas behind it.

What is your goal in disseminating this information?
I want everyone to realize how much ISIS filth is on our internet. Tens of thousands of ISIS on Twitter alone—spreading their propaganda, recruiting, planning and threatening lives—is no joke. Big companies like Twitter, Facebook, Cloudflare, etc., have done little to nothing to combat this. It’s sickening and outrageous. There needs to be more pressure placed on these companies… it’s not okay.

Do you worry the list could be misused?
Anything can be misused. However I do not see anyone doing so. The hunters who are dedicated to this op are better than that. Those who are willing to use this list to target ISIS will not go around targeting those who have no affiliation purposely. I don’t see that happening but anything is possible.

Seems like you’ve got some accounts on this list that don’t necessarily belong.
It’s not an easy task to identify who is “good” and who is “bad,” especially when there is a language barrier. So I do not put blame on anyone for involving non-ISIS targets in these lists. This is why there is a disclaimer. Multiple people going through these lists and filtering them out is more manageable than one person trying to tackle tens of thousands alone. It’s realistically not possible. How we find accounts is that we find large media hubs for ISIS and scrape their followers list and branch off from there. We don’t randomly go finding small fish. It’s not efficient that way. 

But like I said, they’re not meant to be confirmed accounts. It’s raw data dumps that need filtering and I merely did some house cleaning on it, compiled it all in one location, sorted it, etc., and provided it to the public. 

Do you fear that you are exposing yourself some risk in taking these guys on?
I’m not exposed to ISIS. They’ve sent me death threats and gruesome images such as beheadings, saying I’m next and blah blah. I take proper precautions to ensure that my account and identity is secure. All they can do is talk nonsense and block.

What can you tell me about yourself?
I’m not comfortable sharing any personal information. I’ll just say that I’m a young soul who wants to help change the world…in any way, shape, or form in which I’m capable of. I have an extremely busy schedule outside of the Internet, but I’m constantly on here every chance I get. I wake up and fall asleep checking my Twitter. And in between that I’m dealing with real life and whatever I can do to help out with #OpISIS

Thanks for speaking with us. 
No worries, cheers mate. 

Mentioned in this article: