This is a story about a hacker who no one particularly cares about getting pwned in an incident which no one could give a damn about, which is why I’m going to devote the next three hours of my life to recounting it in forensic detail.
Bear with me however, cos along the way we’re going to enjoy some mega-lulz and delicious caek as we revel in the über-pwnage and make A BIG FUCKING DEAL about an incident that really isn’t A BIG FUCKING DEAL whatsoever. This is the internet however, where everything seems like A BIG FUCKING DEAL, at least until you step away from the keyboard and get on with the rest of your day, blissfully unaffected by the events that moments earlier had seemed like such A BIG FUCKING DEAL.
In spite of what anyone might tell you to the contrary, the internet is still srs bsns, a place where people are doxed, hacked, trolled and pwned on a daily basis. Today it was Th3j35t3r’s turn, and in keeping with the conventions of the internet, it is only right that we should laugh heartily at his expense. Tomorrow it could be my mail spools that are being feasted upon; that being the case, I trust you will do the right thing and laugh just as hard.
Those of you who are already familiar with Th3j35t3r’s story may wish to skip the next 2,000 words (in spite of their awesomeness) and cut to the action-packed finale. That’s the part where our hero/villain is transformed from a l337 hacktivist for good/bad (<< delete according to personal preference) into an unhappily married sleaze merchant who dispatches bumbling love-letters from his floral-themed Hotmail account.
If it’s any consolation, J35t3r, my old Hotmail account probably contains even more embarrassing garbage. In mitigation however, that was circa 1999 when I was going through my awkward furry phase. What’s your excuse, bro?
Once upon a time in a faraway place called the internet…
Being a Jester ain’t no joke. Sure, you’ve got a lulzy name to bandy about and are the preferred entertainer of mediaeval monarchs, but for the most part, playing Jester is no cause for jest.
Take ‘The Jester’ for example, the internet’s self-styled Patriot Hacker. (I can’t be arsed typing out those stupid numb3r5 every time I write J35t3r.) What’s not to love about this self-styled ‘hacktivist for good’ who specialises in downing jihad websites, outing hacktivists for bad and saving the world before bedtime?
He’s an army veteran. He’s a cyber hero. He’s the internet’s avenging angel, unleashed into the digital domain to rid the world of extremist websites whose very existence threatens our own.
Unless you’re a filthy jihadist or – worse still – a Wikileaks supporter, how could you possibly object to this crepuscular cult figure?
If you’ve never heard of Jester before, and are unfamiliar with his methods, this article may seem about as entertaining as a DoS attack – which, for the record, is pretty fucking dull. Even if you’ve zero interest in hacker wars and computer geekery however, you may wish to persevere, because things get leg-drippingly juicy later on. That’s when we get to the audacious blackmail plot – allegedly hatched by Jester – to hoodwink his enemies into handing over $100,000 in untraceable currency before disappearing into the night with his ill-gotten gains. And then there’s today’s ROFL-icious trollolathon to savour, in which our protagonist has eight of his personal accounts hijacked and their contents scattered across the web purely to keep the proles entertained on a drab Monday morning. Jester made the supreme sacrifice today so that we could all forgo work in favour of laughing our asses off. Anonymous haven’t lolled this hard since the FBI’s conference call was intercepted – or possibly even since Aaron Barr got spectacularly trolled by LulzSec.
Minimise that spreadsheet, defer that urgent report and follow along as I recount a tale of deception and subterfuge that will challenge everything you thought you knew about The Jester – even if you previously knew nothing at all.
Confused? Don’t be – not yet, anyway. The mind-fuckery comes later. First though, let’s get to grips with our elusive quarry. Who is he? What does he want? And does he really warrant an Ed Uncovered blog so long as to make longcat look like a short-assed feline?
As they used to say in the Pantene ads (around the time I stopped watching TV), ‘Concentrate, cos here comes the science…’
Denial of What?
Since materialising on Twitter three years ago, our enigmatic exponent has been a man on a mission. His goal? To cripple jihad recruiting websites with the aid of his proprietary Xerxes Denial of Service tool. His modus operandi goes something like this:
Step 1: Target Offending Website
Step 2: Fire Lazors!
Step 3: Tweet ‘TANGO DOWN’
Step 4: ???
Step 5: Profit
For the uninitiated, DoSing a website overwhelms it with traffic requests, causing it to be temporarily knocked offline – with an emphasis on the ‘temporarily’. The moment you call off the hounds, the site recovers and normal service is resumed. To put it more memorably, Denial of Service is like trying to keep fucking a woman after you’ve shot your load deep inside her: you might sate her lust for a few more strokes, but pretty soon you’re gonna have to stop for a cigarette and a babywipe.
Depending on your outlook, DoSing the bad guys is either brave and laudable or stupid and pointless. Either way, it’s hardly the stuff that major lulz and epic wins are made of. DoS may be pretty fucking dull, though it’s not so dull as to prevent our Patriot Hacker from making it his stock in trade. The truth is, Jester’s name is something of a misnomer; he’s not here to make you laugh – he’s here to DoS your shitty extremist website into oblivion, because that’s just how he rolls.
So what’s the deal with this Jester fag?
As you may have gathered by now, The Jester is a polarising figure. If you were to meet the man in real life (and we’re going to assume he’s a man, for there are no girls on the internet), you would feel compelled to either buy him a pint or blow him to kingdom come using the pound of Semtex strapped to your waist. As it is, you’re unlikely to bump into our mysterious quarry, and even if you did, you wouldn’t know it. On the web, he is The Jester – sorry, Th3J35t3r – patriot hacker extraordinaire. In real life? No one knows. The Jester could be sitting next to you right now and you wouldn’t even be aware of it. He could be me; he could be your mum; he could be Ron Jeremy. The Jester is no one and everyone.
But hang on…if this guy does nothing more than fire his ‘pew pew’ lazor at websites he takes offence to – a task that you or I could effortlessly perform using freely-available software – then why am I writing about him as if he were The World’s Most Notorious Hacker?
Because, on the internet, it’s not what you do that counts – it’s what you’re seen to be doing. For example, in real life, I’m an average guy with an average-sized penis and an average amount of dead hookers under my bed. On the internet, I’m a 6-foot trannie with a monster dong and a high score that would make Breivik recoil in terror. Don’t believe me? Fine – prove that I’m lying.
And therein lies the beauty of the internet: you can be anything you want to be – until you get found out. That’s when shit starts to get real. Like, IRL real. Like, hurl that laptop off the Golden Gate Bridge and head for the hills real.
The Jester’s hacking skills may be more skiddie-esque than über-leet, but he’s a shrewd operator, as even his most vociferous opponents would concede. Or at least he was, up until today. We’ll get to that little slip-up in a moment, but first, let’s give the man some credit: to maintain your anonymity for over three years amidst a sea of trolls, rival hackers and ‘professional’ doxers takes some doing. Or a decent VPN, at the very least.
Ultimately, even the smart ones slip up eventually of course; just ask Sabu aka Hector Monsegur, the previous owner of the cursed epithet that is The Internet’s Most Notorious Hacker. Sabu wasn’t a particularly gifted hacker, if truth be told, but he cultivated a strong personality cult – just like Jester – which enabled him to achieve a level of notoriety far beyond his modest talents. The two frequently went to war on the internet, with Jester (wrongly) taking the credit for the doxing that led to Sabu’s arrest. Stealing the research of others without assigning them due credit was to become a pattern that would dog Jester’s career, alienating many of his supporters along the way.
On the Eighth Day, God Created Jester
For the first year of Jester’s Twitter life (not to be confused with his IRL life, which presumably predates that of his Twitter account), he was happy to potter about on the web, firing up Xerxes whenever his Koran-touting foes got too big for their sandals. On evenings and at weekends, Jester would pound away at his bêtes noires, reaming their servers until they were red raw, before catching a breather and doing it all over again. The admins of the alleged jihad websites weren’t terribly amused at being lazored, but they couldn’t do much about it. Issuing a fatwa is simple – enforcing one on an anonymous infidel who’s behind seven proxies is more problematic. You see, Jester – like any self-respecting internet troll – operates anonymously, lurking in the shadows as nothing more than the scattering of ones and zeroes that comprise his digital essence. Hacktivism – noble as its commission may be – is still illegal after all. Just ask The PayPal 14, the Anonymous members who were arrested last year for DDoSing PayPal’s website. If convicted, they face jail-time for having unsuccessfully conspired to temporarily down a non-essential page of a website.
We live in a fucked up world, as anyone who’s ever jerked off to hentai tentacle rape porn while high on crystal meth will attest.
Jester may be anonymous, but he is certainly not Anonymous – the web’s other hacktivists for good. If you’re confused by all these competing hacktivists milling around in cyberspace, incidentally, and aren’t sure which side you should be rooting for, here’s how you can tell them apart:
- Communicates with his followers via Twitter, IRC and personal blog
- Likes to dox his perceived enemies
- Uses DoS as his prime hacktivist tool
- Proponent of free speech and online anonymity
- Communicate with their followers via Twitter, IRC and personal blogs
- Like to dox their perceived enemies
- Use DDoS as their prime hacktivist tool
- Proponents of free speech and online anonymity
Glad we’ve cleared that one up. On paper – and indeed on screen – Jester and Anonymous have much in common. Other than an impasse over Wikileaks (Anonymous <3 Manning and Assange; Jester hates those ‘traitors’), there’s little separating the two camps. Try tweeting that sentiment at either faction however and they’ll dox you so hard you’ll be getting unsolicited pizza for the next five years.
In Python-esque terms, Anonymous are the People’s Front of Judea, Jester is the Popular Front of Judea and never the twain shall meet. At first, that’s exactly how it played out; Jester minded his own business and left Anonymous to mind theirs, each plying their trade in the vast echelons of the internet. One day, however, Jester had something of an epiphany. DoSing websites had begun to lose its appeal; those pesky muzzers weren’t much fun to goad, and genuine lulz were few and far between. In an effort to reinvent himself as a bonafide jester, Jester decided to pit his wit against a worthier adversary – Anonymous. Ostensibly, he would be targeting them because of their support for Wikileaks, although in reality, it was all about dick-waving. Jester had gotten bored of spurting Xerxes into the same vaginal cavity; he wanted a new pussy to play with, one that would respond to his every thrust and even issue the occasional spurt of its own. Anonymous, no strangers to confrontation, duly accepted the challenge, and it was game on.
For the better part of 2011, Jester could be found chasing down Anonymous and their various offshoots – including the notorious LulzSec, who reigned supreme for 50 memorable days last summer. LulzSec – headed by ‘simple prankster turned swank garden hedge’ Topiary (later revealed as Shetland teenager Jake Davis) – were infinitely funnier and more precocious than Jester. Their nemesis, however, was older and wilier.
Initially, Anonymous had most of the lulz, with Topiary acerbically observing “We could just DDoS every Jihad website Jester takes down for 30 minutes at a time, but then the poor schizo bastard would have nothing left.”
By July 2011, however, LulzSec were gone, while Jester was still gloating from the safety of his secret internet lair. Over the next 12 months, a similar pattern played out, with various Anonymous-affiliated groups, including Team Poison and UG Nazi, going toe-to-toe with Jester, only to wind up v&, leaving their smug opponent to claim responsibility for their arrest.
I need a montage
Given the coma-inducing length of this blog, I’m gonna leave it to the excellent Encylopedia Dramatica to narrate the next chapter in Jester’s illustrious career, including the Smedley Manning drama, in which Jester ‘went dark’ for a few days after a supposedly random Twitter user tried to blackmail Jester by threatening to release his real dox. The scheme – which raised the grand total of 0.001BTC – is regarded by some as having being a covert op led by Jester in a failed attempt to boost his ego and his coffers in one fell swoop.
That’ll do nicely
Wow, that outsourcing exercise neatly skipped an entire whack of Jester’s life story. Thanks ED: I should leave it to you to pick up the pieces more often – I could have halved the length of this blog if I’d thought to adopt this policy sooner. And now we can jump straight to this morning’s epic lolathon:
Jester’s Last Rites
The internet awoke this morning to an unusual flurry of tweets from The Jester. It wasn’t just the volume of tweets that was unusual however – it was their sentiments. Gone were the aggressive, smug tweets of the usual Jester, and in their place were, well, these gems of utter contrition:
- “It’s been fun. I am in for a LOAD of drama. Next my personal details are unleashed.”
- “Anonymous: I am sorry for running my mouth all this time. Please spare me.”
- “To all my followers, I am sorry. I really am a fraud. Please forgive me, I did it for the lulz.”
- “I do always secure my accounts, but when I don’t, I link them together so you only need to pwn one.”
This wasn’t the dogmatic, vengeful Jester that the internet loves to hate. Either Jester had been taking bath salts, or the hacker had himself been hacked. The suspect tweets – which fed through from a Wordpress blog that had been recently created – provided the answer:
After years of warding off relentless attempts from Anonymous and other hacker groups to compromise his accounts, the unthinkable had happened – Jester had been pwned. But how? After all, it would be fair to assume that his password wasn’t something as idiotic as ‘kibafo33’, so what went wrong?
— Anonymous (@YourAnonNews) July 9, 2012
The answer lies in the IRC chat logs that discussed the breach as it unfolded. Wise – the wiseguy in question – had accessed Jester’s old Hotmail account and used the OAuth Wordpress permission assigned to it as a means of tweeting from Jester’s Twitterfeed.
Soon, a barrage of distinctly un-Jester-like tweets were flying out to his 32,000 followers, including such nuggets as “@AnonymouSabu: I just wanted to have butt secks with you, nothing else.”
While credit has to go to Wise for this lulzy deed, you have to wonder what Jester the god-tier hacker is even doing in 2012 with the ticking time bomb that is a Hotmail account. There may be advantages to owning a Russian Hotmail account, but there are also drawbacks, such as the fact that an impudent skid could guess your secret question, take over your account and then unleash the full Aaron Barr treatment by using your personal Twitter account to broadcast your demise to the masses. (And that’s just one way of getting into Hotmail, which has more vulnerabilities than a special needs kid.)
Barr was a retard of course; Jester is just a dickhead. Least, that’s what we all assumed anyway – smart, but a total dickhead. As it turns out, Jester’s actually the full Aaron Barr: a retarded dickhead. There’s no other way to explain how he contrived for the following email to his e-girlfriend – as well as 2,700 other messages – to be leaked:
The sentiments are made all the more romantic when you picture Jester typing these words from his cherry blossom-themed Hotmail account:
Oh, and the pwnage doesn’t end there by the way. Wise also got into another six of Jester’s accounts, including his LinkedIn, YouTube (one of Jester’s most-viewed videos is called ‘Hot Great Big Boobs Girls’) and Payson. From the latter, Jester’s VPN subscription was discovered – paid by Visa in the name of Mark Walker. Actually, forget the Aaron Barr analogy – Barr would never do something this stupid. It would be logical to assume that Jester used a disposable Visa and that Mark Walker was purely his trolling name. Then again, this is the guy who maintained a Hotmail account, lest we forget, which housed critical emails granting access to no less than eight of his accounts. Derp much?
Lol! @th3j35t3r plays Second Life. He already spends all his free time playing internet make believe, I don't see the point…
— efg (@AnonyEfg) July 9, 2012
I don’t want no pink shit
While the VPN details may have been incriminating, the jackpot has to be the emails to his e-crush, Crystal M. Craven, who sounds like a femme fatale out of a fifties detective novel.
Presumably impressed by the size of Jester’s Xerxes payload, she was ultimately won over by his charming banter, which included such rejoinders as:
★ “Damn gir…. don’t drive n type, you will flip a typo!! I am on AIM instant messager, username th3j35t3r5”
★ “I don’t want no pink shit lying round the house, lol”
★ “Remeber the bad guys wanna kill me and the good guys wanna lock my ass away… with those same bad guys who errr wanna kill me. But what I will give you is my collar size lol, its 16.5 inches. I know it’s not much is it?”
(On the contrary, I’d say 16.5 inches is a perfectly reasonable collar size.)
★ “Apparently I have a resemblance to a famous ‘George’ – I can’t see it myself.”
(I’m assuming he means George Clooney, and not George from Peppa Pig.)
★ ‘The last book I read was Dan Brown’s DaVinci Code, and that was years ago, I have started loads of books, but never get round to finishing them.”
Well, if you’re still reading this, Jester, congrats: you’ve just made it to the end of a blog that was longer than a Dan Brown novel – and far better written I should add. Now stop reading, go run a magnet across your laptop and lob your Blackberry into the lake – there’s no time to waste. Besides, all you’re gonna miss in the final paragraph is me summing up your lulzy day on the internet. Now hurry before LEA show up to personally thank you for taking down UG Nazi.
To the rest of the internet…
Well guys, I told you this was more fun than doing any work today, didn’t I? Thanks to Jester’s epic day of fail, I’ve now got an inbox full of angry clients demanding to know why I’ve neglected all the copywriting jobs I promised them today.
I would try to explain to them, but I fear they’ll never understand: when there’s srs bsns happening on the internet, IRL shit takes second place.
Unless you’re Jester, in which case the srs bsns that’s just taken place on the internet has caused you a world of shit IRL. Wow, that was profound.
inb4 @th3j35t3r hack is a secret hook with a pastebin he's not gonna talk about…
— Dead Agent (@asherahresearch) July 9, 2012
Now if you’ll excuse me, I really must go and attend to these urgent emails that are screaming at me in CAPS LOCK. Actually…I don’t suppose any one of you fancies hacking my Hotmail account and finishing off my overdue writing assignments while I compose a few more paragraphs on Jester? No?
Oh well, it was worth a shot. See you back here on Ed Uncovered the next time there’s a day of epic win on the internet.
Update 1: Jester may have pulled the ‘Mark Walker’ name from this obscure TV comedy, which ties in nicely with his moniker. Then there’s the theory that he could be based in England, going by his claim to be six hours head of his e-girlfriend, as pointed out by the ever-inquisitive AsherahResearch. That being the case, this Mark Walker has a LinkedIn profile that would appear to fit Jester’s profile – including time spent in England and a passing resemblance to ‘a famous George’. His Clarion Events company specialises in ‘Combating Cybercrime in Betting and Gaming’ which is lulzy. Alternatively, this could be part of a clever disinfo campaign on Jester’s part, to lure his enemies into dropping another wrong dox on him, should they ever hack into his email account.
Update 2: Jester has now blogged his explanation for the ‘sideways hack’ he suffered. His version of events would appear to raise more questions than it resolves however, not least whether the glamorous Ms Craven – who has been mercilessly doxed, trolled and defaced in the past 24 hours – was an accomplice or a victim in Jester’s claimed disinfo exercise.
Update 3: Wise, who hacked into Jester’s old Hotmail account, is threatening to release more of the 2,700 emails. Jester’s claim that ‘The email account hacked was abandoned and sanitized 2 years ago’ would appear to fly in the face of the evidence. Either way, looks like this story’s got a bit to run yet.
— wyze (@ihazwyze) July 11, 2012
— Dead Agent (@asherahresearch) July 11, 2012
@Lego_KurtCobain Except that the owner of that hacked account said he left the info in there ON PURPOSE. See his self-congratulatory blog.
— Dead Agent (@asherahresearch) July 12, 2012
@AsherahResearch If this "wise" hack was real, why hasn't he be been doxed correctlty yet? Not enough information?
— mrinvisible (@crypticmyth) July 12, 2012
— Dead Agent (@asherahresearch) July 13, 2012
@AsherahResearch Look, this is the FINAL update & it doesn't have to make sense or not contradict the previous updates because SHUT UP!
— Rev. Magdalen (@revmagdalen) July 14, 2012
Update 4: Jester’s account of the hack has now been updated four times, with his latest revision claiming ‘I’ve never had contact with the actual Crystal M Craven, and until she began responding to the people who spread her personal information all over, I assumed her twitter was a sock account…To the real CrystalMCraven on Twitter: I apologize for not contacting you. I hope you understand, I did not think your twitter account was tied to a real person.’ Well, any blog that Jester can update four times I can match, so in my fourth update, here’s a few choice tweets from the mysterious Ms Craven, starting with the most recent. (Pay close attention to the dates, if you’re into playing internet detective. My blog’s more about the lulz than the srs bsns, though if you’re into the latter, go speak to Jen. She studies this shit religiously.) Not all of the following tweets were written about Jester of course. They all seem quite relevant to this convoluted tale however, and were all tweeted or RT’d by Crystal:
— JC (@KittyMMA) March 16, 2012
@th3j35t3r So Anonymous doxed Anonymous? INCEPTION.
— Michael (@Complex360) July 30, 2011
— JΞSTΞR ✪ ΔCTUAL³³º¹ (@th3j35t3r) July 29, 2011
— mabel simmons (@wireheadlance) June 20, 2011
www.talabeyes.com – TANGO DOWN. Temporarily. For enabling recruitment, & co-ordination of jihadist terror cells via web.
— JΞSTΞR ✪ ΔCTUAL³³º¹ (@th3j35t3r) March 27, 2011
— mabel simmons (@wireheadlance) March 25, 2011
Hacker 'Mudge' gets DARPA job: http://news.cnet.com/8301-27080_3-10450552-245.html
— JΞSTΞR ✪ ΔCTUAL³³º¹ (@th3j35t3r) February 10, 2010
Happy Days – www.alqimmah.net – tried a counter, About time somebody did, but hey – EPIC FAIL. Ya down for 30 min.
— JΞSTΞR ✪ ΔCTUAL³³º¹ (@th3j35t3r) February 9, 2010
Fun fact: the notorious Jester/Crystal leaked email dates from 10th Feb 2010, at the same time as the REAL Crystal was merrily RT’ing Jester, apparently unaware that her SE impersonator was emailing Jester using her good name. Coincidence much?
'Jester' ex-military hacker takes the distributed out of DDOS attacks http://bit.ly/8WQnVO
— Infosecurity (@InfosecurityMag) January 11, 2010
There are many curious issues raised by these tweets, not least in Crystal’s claim that ‘I would never EVER deal with some numbnuts like J in the first place’, which is interesting coming from a woman who appears to have had quite extensive dealings with numbnuts Jester – to the extent where she was even mooting a steamy blog about ‘A Night with Th3J35t3r’, and yet she later accuses him of having ‘a sick fetish’ for her. Roflcopter. But hey, what would I know about psy-ops, subterfuge and sock puppets? I’m just a stoned idiot trying to rustle some jimmies because I’m bored. Thanks for reading; my work here is done (until the next update, at least.)
Update, 20th October 2012: For more Jester lulz, this Pastebin nicely sums up the career of this glorious winged faggot.
“Enjoy your 6,000 LinkedIn connections while your credit card’s getting raped by Russian mobsters.”
“It was supposed to have been a top secret telephone conference between FBI and Scotland Yard police chiefs. But there was just one flaw – someone else was listening in to their cosy chat..”