‘The quieter you are the more you can hear.’ – Backtrack Strapline.
Interesting 36 hours. Firstly, for my supporters, sorry for the delay, sometimes, as we have seen before with me, I choose to wait and watch the field before I react to the more bizzaro events. For those who don’t already know, apparently *I* have been ‘hacked’ including *my* social networking and bank accounts. These claims are incorrect. I will, however admit that a rather nice ‘sideways hack’ was deployed against my twitter. Aside from that no breaches or relevant information, ‘personal’ or otherwise has come out of this episode and my position remains uncompromised.
All is well in JesterLand and here’s why……
The email account hacked was abandoned and sanitized 2 years ago and is one of many that are out there. They exist for a reason. Historical is credible. None contain anything of value. The accounts subsequently ‘hacked’ through information found within are not *my* accounts – they are accounts, information and disinformation of the persona, not the person. They are rigged to have service messages from decoy accounts and services delivered to them long after abandonment. Does anyone actually think I would be stupid enough to leave or allow a single shred of relevant real-world information, even in ‘conversation’ that pertained to the actual me?
When a person decides to go down the road I travel, I can tell you a lot of time is spent before and during ops (sometimes more than anything else) in the laying down of info and disinfo over a long period of time as we have seen, that email account like many still out there has been sitting there, just waiting to be violated. It took 2 years for it to happen with this one and any information in the 2700 emails that it has received in that period is of no consequence. But I hope much time is spent laboring on over-analyzing every detail, chasing down every rabbit-hole.
Teaser: there are at least 14 more of this type of account sitting around. Some spell ‘jester’ differently than others. So there’s plenty more rabbit holes to explore.
Something I spent yesterday doing was to access each and every abandoned account still out there and look at the persistent cookies these services send to the users browser. Project Looking Glass is now updated to enumerate these cookies, telling me if a target has been involved in this latest attempt.
Sometimes folks make things really much easier, here’s just a few of the failed doxing attempts we have seen, some more than others. (thanks to ‘_St0rm‘ who posted this pastebin a while back http://pastebin.com/vykQ70Ba)
To date I have been incorrectly identified as: John Willander, Ryan Berg, Robin Jackson, Robin Sage, Anthony Freed, Beau Colvin, Tom Ryan, Jake ??????, Tom Ledoux, Ed Williams, Joseph Black, Mark Walker, Zack Knight, Andrew Bay, Don Eijndhoven, Stephen Stone, Hugh De Luc, Paul Smecker, Matthew Mullenweg, Casey Gardiner, Christopher Barnes, Eric Kabisch …..
That’s no less than 22 fails. I have many times, stepped in to defend the real non-decoy people within this list that my enemies have decided are me, and I really hope these poor folks either never hear of who they have been accused of being or shake it off in their stride.
Now about the twitter ‘takeover’.
I have to say that was clever. Even though my account wasn’t actually breached per se. The folks behind this latest attempt found an auto-RSS/Email to tweet script that uses the Twitter API and worked out a way to post to my account without actually having any physical access. Kudos.
Okay folks, I have to go floss. Its been almost as interesting as last time we had a bizzaro event. To those that support me and even to those that don’t my closing message is the same:
There’s an equal amount of good and bad in most things. The trick is to figure out the ratio and act accordingly.
Lots of love from….
John Willander (and)……..
Ryan Berg (and)……..
Robin Jackson (and)……..
Robin Sage (and)……..
Anthony Freed (and)……..
Beau Colvin (and)……..
Tom Ryan (and)……..
Jake ?????? (and)……..
Tom Ledoux (and)……..
Ed Williams (and)……..
Joseph Black (and)……..
Mark Walker (and)……..
Zack Knight (and)……..
Andrew Bay (and)……..
Don Eijndhoven (and)……..
Stephen Stone (and)……..
Hugh De Luc (and)……..
Paul Smecker (and)……..
Matthew Mullenweg (and)……..
Casey Gardiner (and)……..
Christopher Barnes (and)……..
Did I miss anyone? Oh yes… Elvis (Presley).
……..Is this getting boring yet?
Here’s a 3rd party view on your ‘hack’ of the 2 years ago abandoned email account.
As we all know, this whole thing has been the work of the usual suspects, namely @asherahresearch (aka J.Emick), ReaperSec led by @cryptkper a newcomer and a few others. Those are the same core of folks who have spent the majority of their time over the last few months/years accusing all manner of people of being me, if you look you can see this for yourselves, while basing it on the most sporadic of circumstantial evidence (see above, more than one of those names has ‘absolutely’ been me from their very mouths). After realizing the futility of that, they decided the next best option (Cyberwar 101) would be to attempt to discredit everything I say and everything I do by insisting it is all fraud. Awesome. You should read some of it, it’s amusing even for me.
Well @asherahresearchÂ ‘and company’ are yet again convinced she has me, I know it is Wile E. Coyote all over again huh? So I have a few quick questions to ask:
- How do you suppose that I might know that the chatlog of the whole abandoned and sanitized email account ‘hack’ was staged? The fact that I was aware of the incident days before, and so were you guys. You wanted it to appear like ‘wise’ guy just strolled in and gave you all this stuff. – really?? Laughable. Read the logs that you posted for yourself then read them again here.
- See fig 1.0 below
- Now considering you have spent a large portion of your time trying to tell the world all my ops are fake or fabricated, don’t exist or otherwise fucking bullshit, I would draw the conclusion that I have committed, therefore …. no crimes. So why would Law Enforcement give a shit, especially given the amount of fail doxes you and your merry men have been responsible for historically. (see above)
Finally, and really it’s what it all boils down to, you guys are running round saying you have me, now my cards are on the table. Let’s see what you got. This is the outcome, the way I see it. (in order of NON-preference).
- You got me, and all the terrorist sites I (didn’t hit according to you) rain down a Fatwah on me and I get assassinated pretty quickly. Preferably recorded and posted on Youtube, just so we can be sure it happened.
- You got me, and the Law Enforcement Agencies that have been hunting me for my crimes (I didn’t commit according to you) give you the Congressional Medal of Honor and I go to prison for a long time, with those same terrorists who’s sites (I didn’t hit) according to you.
- Some poor guy gets some Pizza he didn’t order, because you failed (again).
What are you trying to achieve here? Fame? Notoriety?Â What are your reasons here? Jealousy? Butthurt? And more importantly, Why are you so consumed over a person you claim is a skid, a clown, and an attention seeker, seems dumb, doncha think. I don’t think you even know yourself.
Stay frosty. Peace.
PS: for those worried about @crystalmcraven, saying I left her to burn etc. Firstly yes the whole conversation was disinfo, secondly I didn’t hack my own abandoned email account and I didn’t dox her or persecute her. Thirdly you really think any of the shit in that email box is real?? Clue is in the name – ‘Crystal Meth Cravin’??? – (she’s gonna be just fine) – keep up trolls. Everything for a reason eh? And thats been sitting there over 2 years.
I always try to be fairly clear on this blog, well as clear as I can be. But with all the anti-research going on it’s kinda hard to understand why not one person noticed her account was created during Shawn Moyer’s DEFCON talk on Sock Puppets??Â Except – Tom
I have been keeping one eye on some of the theories being put out there regarding one CrystalMCraven. Because of some of the BS conspiracies that are circulating, I am going to put down exactly what happened before this gets out of hand. I am afraid the actual sequence of events is far less exciting and laden with drama than the conjecture and assumptions being put forth by some.
Something to realize is I get attempts to Social Engineer me all the time, especially ‘female’ ones. I don’t always react but every now and then I do when it serves purpose.Â It would have been absurd for me to believe a model formerly in 82nd Airborne was gonna find my Jester profile picture cute?? Instant alarm bells.
I have opted for using a graphical timeline representation for simplicity’s sake – so even @asherahresearch and Co can hopefully understand. Click here for larger version.
Sometime well after I sanitized and left off that old account, it appears the SE attempt was picked up again, looks to be right about after Wikileaks.Â Truth is, I hadn’t checked that account in so long, I didn’t know that email was there.Â Even so, that wasn’t me in the chat logs rushing to grab real world Crystals and harass them.Â That nasty bit of business began with Jennifer Emick, see line 392 of this log between ReaperSec and @asherahresearch as they talked amongst themselves as the abandoned account was being hit.
My ‘Meth joke’ was a dig at whomever originated the SE attempt, not at any actual person named Crystal M Craven, and certainly not aimed at the woman on twitter the SE attempt portrayed, who is now being harassed by Anonymous. I’ve never had contact with the actual Crystal M Craven, and until she began responding to the people who spread her personal information all over, I assumed her twitter was a sock account.
So that’s it. No collusions, no feeding her to the wolves. No identity theft. Just another bad femme-fatale Social Engineer attempt against me over 2 years ago using a random real-world person that they thought would appeal to me. And a real world person who was unfairly attacked by others.
So @asherahresearch and ReaperSec hacked a long abandoned decoy email account and a lot of folks put 2+2 together and got 9, causing everyone who wants a piece of me to target the one of the 120 people named CrystalMCraven in the United States who follows me on twitter.
I hope you can all leave the real woman alone now. But I see she is handling herself nicely.
To the real CrystalMCraven on Twitter: I apologize for not contacting you. I hope you understand, I did not think your twitter account was tied to a real person. Unfortunately, at this time, I do not know who originated impersonating you. I regret you were dragged into these attacks on me.