The Ghost of Snapped Shot

Or, welcome to my low-maintenance heck.

Searching for Th3j35t3r

Businessman Using Binoculars


We here at Snapped Shot always enjoy a good mystery, and this one's definitely a doozy.

Flash back to yesterday, where I reported that the infamous gray-hat hacker th3j35t3r had some sort of run-in with the law. It didn't seem odd to me at the time, as someone in his particular line of work is pretty much constantly at risk of interaction with our "enforcemer" community - so I passed the information on to you pretty much exactly as I got it. Others, however, were somewhat more suspicious:

Was the The Jester (th3j35t3r) himself the instigator of reports that he had been the subject of a raid by law enforcement officials on Monday?

That seems likely to be the case.


It did not take long for word to get around that The Jester may have been the subject of a search and seizure, with several re-Tweets and blog posts appearing on the matter, including on Infosec Island.

It also did not take long for several people to surmise that the accounts were probably created by an impostor, and that the whole thing was either a hoax or an elaborate scheme to capitalize on The Jester's notoriety for the WikiLeaks DoS attacks by scamming sympathizers with a solicitation for funds.

So far, so good. Typical internet scumbag trying to cash in on a famous personality, right?

Well, it seems that all is not quite so simple. Anthony Freed continues:

I had to ask myself, why would an impostor in the midst of scamming The Jester's followers announce his actions to the "real" Jester by alerting him with an "@" mention in his Tweet?

Now all of the Tweets on The Jester's original Twitter account regarding the impostor have been deleted, and the last one showing is from Sunday's DoS attack on WikiLeaks.

I also began to wonder why The Jester, who I have had dozens of hours of instant message conversations with, did not seem to be very upset that someone was using his name to scam his fans.


The logical conclusion might be that The Jester himself is most likely the perpetrator of the whole "police raid" hoax.

Anthony raises a good point here - along with an even better one: The domain "" does certainly point to th3j35t3r's WordPress account at present. But what's interesting is that the domain doesn't appear to have changed hands since it was created:

created:                         01-Dec-2010
last-changed:                    01-Dec-2010
registration-expiration:         01-Dec-2011


It's not like I can walk up to anyone on the Internet and demand that they hand over their domain name, nor would my complaints to any given hosting provider have any effect on the registration of the underlying domain itself. So how exactly did th3j35t3r get control of this domain from a supposed impersonator?

It's definitely an intriguing question, but given th3j35t3r's long history of service in the fight against terrorists, I'm willing to give him a mile-long benefit of the doubt.

Here's to hoping that he'll be willing to tell his side of the story long before that mile runs out.

 Tags: Hacktivism #DailyFodder


#1 Rooster 07-Dec-2010
Awesome article, Brian. Brilliantly put per usual! Let's see more like THIS and less like THAT.
#2 Anonymous 12-Dec-2010
#3 Brian C. Ledbetter 13-Dec-2010


I have already posted about the latest escalation, but don't always annotate it in previous stories. Otherwise, I'm waiting to see the rest of Jester's side of the story before continuing on the topic.


#4 Anonymous 14-Dec-2010

mabad and my apologies.

carry on.

Powered by Snarf ยท Contact Us