Saturday, 16 November 2013

The Messiah Saga

Update 6 Dec 2013: Messiah complicated

THE name James Raj Arokiasamy may or may not trip off the tongue, but it has been everywhere in the city-state’s media in recent days. Mr James Raj, who may or may not be a.k.a. “The Messiah”, stands accused of hacking into at least two government websites as well as that of a scandal-plagued singer and churchman. In all, as many as 19 government websites were taken down simultaneously on the afternoon of November 2nd. (Three hours later a government agency used Twitter to announce that the sites were down due to “planned maintenance”.) And then the story gets complicated. Since Mr James Raj’s arrest in early November, a series of copycat attacks have compromised the websites of high government offices, a government-friendly newspaper and others, using cross-scripting and DDoS attacks. On November 22nd the websites of 13 schools were defaced in less than two hours’ time.

And on December 5th, Standard Chartered, an international bank, said that data belonging to some 647 if its “high net-worth” clients were stolen from a server at Fuji Xerox Singapore. Here the link to Mr James Raj seems clear: the data is said to have been retrieved from his laptop.

The past two months have been a busy time for Singaporean activists of a hackerish persuasion. Many of them have been declaring their resistance to the government’s new “internet-licensing” regime and to plans for a major revision of the Broadcasting Act, due in 2014. Their protests have taken place both on- and offline. The government had anticipated an outdoor demonstration they staged, at a venue designated for dissent. But then it wasn’t prepared for the wave of hacking incidents that followed.

read more

Scapegoat or Messiah

Is this for real? Is it possible to be caught for your crime you did  in Singapore?

FBI, CSI and other agencies around the world could not trace down anonymous traffic for the past few hacking activities. Are the FBI and CSI are not efficient enough? Is he a scapegoat or The Messiah?

Due to the recent hacking activities, Mr James Raj was caught in suspicious known to be Messiah. Today (12 Nov) 9am, he was been charged for the recent hacking activities with a unknown hacking device. Isn't hacking is to be done by using a laptop tapping internet. So what can it be a unknown hacking device?

read more

10 Political Myths/Urban Legends About Singapore

The Govt is actually behind the attack, in order to win support and bolster its position. This is another urban legend that been making the rounds. The timing of an announcement of a $130 million cyber protection program and the series of planned maintenance, has caused some to believe the Govt is actually behind the whole thing. Of course no one can prove this, and as such the Govt will enjoy the benefit of doubt.

However it's also clear that these incidents can easily cause 'copycat' hackers to emerge and lay the blame on Anonymous. All this is conjecture, but it's also very telling that if more drastic hacking is inflicted, it can turn a sizable number of swing voters over to the Govt's side. With a pliant media ever ready to leap to their side, any hacking close to elections, could very well be the deciding factor. Anonymous should back down from its threat and voters should be careful and more discerning, if they were to occur. They should not believe everything they read

So much for the myths surrounding the hacking. here are others that have been associated with Singapore

read more

Some men just want to watch the world burn

The Second of September 2013 will not hold as much significance to the everyday anarchist, but this is the day, we here in Singapore, experienced a pre-mature second coming of “The Messiah”. Announcing his arrival with a bang by defacing the website of a pilfering pastor’s wife, “The Messiah” dished out old testament-esque justice; squashing a heresy born of china wine and boob jobs.

Many of us, even the most peace loving hippies, cheered a little inside. Afterall, Sun Ho and Kong Hee weren’t exactly close contenders for people of the year awards. But as “The Messiah” wandered the wilderness, temptation started to set in. Lucifer’s original sin of pride proved too powerful a force. “The Messiah” went on a hacking rampage across cyberdom, hacking a Spanish website to publish an FAQ list that nobody asked for, defacing the website of a childcare centre that nobody cares to go, and inserting a little shout-out in a town council portal that honestly, nobody knew existed.

Of course “The Messiah” preached his gospel at each location. Thou shall not make themselves false idols; Thou shall not harm babies under your care; and Thou shall not blame external factors . As these warning went unheeded, a succession of terrible judgments descended upon us.

read more

PM Lee vowed to hunt down Anonymous on Nov. 6, S’pore had a suspect in custody on Nov. 4
No wonder he sounded so convincing and determined

The biggest news today is that the Singapore government has arrested up to six people for allegedly defacing several websites over the last few weeks and charging one of them in court.

A curious fact we observed: Prime Minister Lee Hsien Loong made a determined vow to hunt down hacktivist collective Anonymous on Nov. 6 — when the police already had a suspected arrested and in custody on Nov. 4. The big question: Is that the reason PM Lee sounded so determined and convincing because Singapore already knew that we’ve got the man?

The Singapore police has issued a statement detailing the operation that led to the Singaporean suspect’s arrest.

read more

Arrest of ‘The Messiah’ Raises more Questions than Answers

According to the MSM, a prime suspect behind "The Messiah" had been arrested. The man was James Raj Arokiasamy, a 35 year old man, who was accused of hacking The Straits Times blogs, the PCF website and Sun Ho's website from the comfort of a unit in Dorchester Apartment at Jalan Sri Hartamas in Kuala Lumpur, Malaysia on October 28 at about 1.35pm.

So many fine details, so it must be legit. Not if you think a little deeper, for questions will surface one by one and little loose ends don't tie

Q1: If "The Messiah" was arrested on the 28th of Oct, why did PM Lee Hsien Loong vowed to "spare no effort" to hunt down Anonymous Hackers on the 6th of Nov. Will the men under his charge not tell their boss that the culprit had already been arrested a week before he actually told everyone that Singapore would be sparing no effort hunting down a hacker who was supposed to be already arrested, screaming for help in the IMH. So does the PM know a thing or does he not?

read more

PM Lee Milking Political Mileage Out of "The Messiah"

On 11 November 2013, prominent alternative news website The Online Citizen broke the news that one James Raj Arokiasamy has been charged under the Computer Misuse and Cybersecurity Act for carrying out suspected hack attacks from a unit in Dorchester Apartment at Jalan Sri Hartamas in Kuala Lumpur, Malaysia.

After the arrest was let out of the bag by lawyer M Ravi, sceptical online netizens went into overdrive with many claiming that James Raj was simply a scapegoat for the PAP government. Furthermore, with the inaccessibility of the Straits Times website on the morning of 12 November 2013, it further fed the conspiracy theory that the real "Messiah" was still out there. On the other side of the spectrum, government supporters were quick to wax lyrical on the decisive action taken by the government against such cyber threats.

However sexy this conspiracy theory sounds, there is unfortunately no credible proof to prove its validity. If this conspiracy was true, it would require the buy in of the Malaysian authorities and that in itself is a bit of a stretch given the at times acrimonious bilateral relationship. Instead, The Unseen Singapore would like to draw your attention to something more interesting. An insight into the psyche of the current political leadership and how they manipulate such events to their advantage.


read more

Singapore Need More Answers On "The Messiah"

After the cyber attack by the hacking group “Anonymous”, the Singapore government has been a flutter and Prime Minister Lee Hsien Loong even made a public vow to capture the hackers involved.

I personally don’t see what’s all the fuss is about because to me “Anonymous” has more bark than bite, but I guess it’s a matter of face for them. Recently, the Singapore government announced they had captured a man in Malaysia they believe to be "The Messiah", the main hacker of the Anonymous” group attacking websites belonging to the Singapore government. However the more I read about the arrest, the more questions I have.

Like why did the PM made the vow on Nov. 6 when according to all reports, the police already had a suspected arrested and in custody on Nov. 4? Like how could 35-year-old James Raj be the Messiah if he was in hiding in Kuala Lumpur for outstanding drug-related offences in Singapore? You would think a man who ran to another country do his best to stay under the radar.


read more

Intrusion Is The Word

First it was "routine maintenance", then "compromise", and now the latest turn of phrase is "intrusion". Love, it would appear, means never having to say "hack". The adulation that sycophants have for their glorious leader knows no bounds.

Mr Moo has now disclosed how the picture of the old hag with the pomade hairdo and raised middle finger came about. For the record, "Jiak Liao Bee" by no means can be construed as a string of offensive words as claimed by the mainstream media. It's just an apt description for shameless free-loaders in the Hokkien dialect.

Moo came across the code-string which could be inserted into the ubiquitous search bar of most websites. An IT professional in his own right, he tested it on his personal websites to check for vulnerability issues. They passed with flying colours. Then he tried it on the Prime Minister's Office (PMO) and Istana websites. Major fail. You don't want to know how much they spent on computer hardware and software at those places. Suffice to say, they give cause to invoke the Hokkien phrase again.

read more

Google denies its search bar caused Singapore websites breach

Google has broken its silence to refute reports stating a vulnerability in its search bar had compromised the websites of two government offices.

Hackers redirected online visitors searching within the websites of the Prime Minister's Office (PMO) and Istana to view content and messages on another webpage resembling the two sites, but were actually created by the hackers. As a result, visitors were made to believe the websites had been defaced when, in fact, they continued to function normally.

Singapore ICT regulator Infocomm Development Authority (IDA) was cited by local media reports to blame a vulnerability in Google's search bar, embedded in the two websites, as the cause of the breach. In a media briefing to which only local media were invited, IDA was quoted to say the vulnerability was exploited but detected within 15 to 20 minutes on both sites

related:
Suspected 'Messiah' hacker charged in Singapore; 5 others rounded for hitting govt sites
Anonymous hacks Singapore PM website
Singapore govt will 'track down' hackers
Singapore amends law to counter cyberattacks

read more

Singapore hacking cases show importance of deep infocomm expertise
Handcuffs 10
One of them has been charged in court. Another five are being questioned

The spotlight is now on the suspects for the recent spade of hacking, after a fortnight spent wondering what’s the next website to be hit or whether “planned maintenance” was a cover-up for an embarrassing failure in cyber defence.

Were they highly-skilled hackers? Or just script kiddies, using readily-available online tools?

Perhaps the better question to ask, if we go beyond the sure-to-be-colourful headlines, would be whether Singapore is well prepared for a full-on cyber assault. Who could launch that? Perhaps a large group of hackers, or perhaps even a foreign government.

read more

Dear journalists, stop spreading fear, uncertainty, and doubt in Anonymous coverage
Anonymous

So a few days ago, right after an image of an Anonymous YouTube video embedded on the Singapore Prime Minister Office’s (PMO) site started appearing on the interwebs, news sources have been reporting that the PMO website got hacked.

Here’s a list of the reports:
Singapore PM’s website hacked by Anonymous
‘Subpage’ of the Prime Minister’s Office website hacked; Investigations ongoing ANONYMOUS ATTACKS PMO WEBSITE DESPITE PM'S THREATS TO HUNT THEM ‘Anonymous’ hacks Singapore Prime Minister’s website
PMO and Istana websites hacked; Investigations ongoing
Anonymous hacks Singapore PM website

On behalf of every single decent software developer in Singapore, let me say this once: this is not a hack. If any journalist had investigated more deeply, they would have found out that the URL to access the supposed hacked site is.

read more

Support James Raj, victim of the Singapore government
James Raj

Alleged computer hacker James Raj is apparently still being held at Singapore’s Institute of Mental Heath, without access to third parties, including his lawyer. While the crime of which he is accused amounts to not much more than petty digital vandalism, the treatment he suffers at the hands of the state is excessive, disproportionate and draconian. I call on the government to ensure his rights – including to legal representation – are respected so as to ensure a fair trial.

A conviction resulting from a trail tainted by procedural misconduct is liable to be ruled unsafe and overturned. The interests of justice are not served by such an outcome, and Singapore’s status as a rule of law country risks being undermined.

James Raj was apparently detained without charge for eight days before being presented in court on 12 November, but was for all of this time, and for a further three days, denied access to legal advice. During this time he alleges mistreatment while detained and was subsequently remanded to the Institute of Mental Health on the advice of a deputy public prosecutor, despite apparently having received no formal medical examination

read more

Why did the hacker not get a lawyer?

Human rights lawyer M Ravi has now put forth his application before a Supreme Court judge to adjudicate on whether he should have been, or be given immediate access to his client, hacker James Raj.

About not given access to a lawyer - Looking at the law plainly, while access to counsel is a right of the accused, nowhere does it state that this access must be immediate. This basis for the law is logical to this writer because a defence counsel could inadvertently affect the evidence-gathering process. This must be as unaffected as possible to ensure a fair trial for all accused persons. Therefore, it would appear that the law has been deliberately scoped broadly to account for this point.

For example, if someone is caught trafficking in drugs – if the defence counsel went to speak to his cousin (who happened to be the mastermind behind the trafficking), don’t you think the cousin would try and flee the country then, therefore jeopardizing the whole criminal justice process and the possibility of apprehending the mastermind?

read more

STATEMENT FROM DELSON MOO ON POLICE INVESTIGATING HIM FOR "HACKING"


Just to clarify. I did not deface the Istana website at all. I simply take the codes and put in the search box of the Istana website and it returns me the image and text, which I've amended from the original code, and that's all.
The website was in no way compromised.

The page return is just the image and text which I've amended from the original code.

The reason I tested it is because my websites were hacked with code injection and every now and then I have to get my service provider or developer to remove it. The cost gets higher and I just want to know how these things work.

related:

PAP should reflect on why unrelated people from all walks of life have attacked their websites]

read more

Chronology of the Hacking Incident

The Messiah started his hacking adventure much earlier with attacks in City Harvest and Sun Ho’s websites. The hacking activities intensified after The Messiah and his group, Anonymous Collective declared war on the Singapore Govt. Below are some of the dates and events that took place.

28 Oct – AMK Town Council/PCF hacked
31 Oct – Video declaring war on the Singapore Govt
1 Nov – ST Online hacked with The Messiah accusing a reporter for misleading the people in her article, changing attack on Singapore Govt to attack on Singapore.
2 Nov – Many govt sites were down on ‘maintenance’.
4 Nov – The Messiah, James Raj, was arrested in KL, Malaysia.
6 Nov – Hsien Loong spoke that all efforts would be taken to track down The Messiah.
8 Nov – The PMO office and Istana sites were hacked and police reports made.
12 Nov – The Messiah and several others claimed to be members of Anonymous were charged in court.
26 Nov – Second hearing in court.


From the above chronology of events it is clear that after 4 Nov, The Messiah and the few arrested could not be involved in further hacking activities. The 8 Nov hacking into the PMO and Istana sites must be down by another group still out there. That is the only logical deduction, which also means that the hacking can start again

read more

A pretty messed-up Messiah

So he isn’t a Messiah at all – or he wouldn’t have been caught. Okay, no one’s guilty until proven to be so in a court of law, but James Raj seems such an unlikely saviour.

So far, the charges against him are for defacing the Ang Mo Kio Town Council website as well as that of City Harvest Church and the People’s Action Party Community Foundation. By the way, he did his computer mischief, apparently pretty low-tech stuff, in a Kuala Lumpur apartment. He was on the run from the narcotics authorities who had him up on three drug charges. Malaysian police acting on information provided by their Singapore counterparts arrested him on Nov 4 and handed him over.

So The Messiah (aka James Raj?) is not the same person behind the YouTube video threatening technological mayhem on Nov 5? And the hacks (or “exploitation of vulnerabilities” as is the official-speak) into the Istana and Prime Minister’s Office sites? Are they the work of Anonymous, the hacker collective?

read more

How are we to make sense of The Messiah?

On the one hand this figure of Anonymous seems bent on threatening the government, providing for the first time since the crackdown on ‘communists’ in the 1980s, a true radical force against what it views as injustice and unreasonable control of the polity (the internet of which is an extension).

On the other hand its motives and intentions are unknown. For it may claim to want to do good for the larger public, fighting what it perceives to be a hegemonic force, when in fact it has no such desire to do so. There is simply no way in which any reasonable person can objectively evaluate The Messiah, who claims to be a force for good but could equally be bad.

Anyone who makes a stand must simply be bent by the force of his or her emotions, and any stand made decided on the basis of perception. Most of the time, it will be affected by the opinion one has towards the current government. Some will find what this hactivist has done admirable, others will find it extreme. Whatever the reason, the reason cannot be a good reason, simply because there is not enough information about this person.

related: Not My Messiah

read more

Istana hackers calling Tony Tan ‘Jiak Liao Bee'

Unless Melvin Teo suffers from a severe bout of narcissistic disorder it’s highly unlikely that he would expose himself in this manner if he were indeed responsible for the Istana hack job. ‘For the Win’ or FTW is hip internet parlance to describe something awesome or sweet victory, and sounds like a phrase that people who say ‘BIATCH‘ would use.

Nobody would ever think, however, of typing ‘Tony Tan Keng Yam FTW’, especially when he won the presidency in 2011.

What the ST article omitted was that another Istana webpage was hacked into the image of an old woman flashing the middle finger with the words ‘Jiak Liao Bee’, which means someone who’s highly paid (consumes rice) for doing nothing.

read more

We are Anonymous
– ZD Net: Google denies its search bar caused Singapore websites breach
– Tech Goondu: S'pore hacking cases show importance of deep infocomm expertise
– Real Singapore: Statement from Delson Moo on Police Investigating him for ‘Hacking’
– Unbranded Bread n Butter: Some men just want to watch the world burn
– Everything Also Complain: Istana hackers calling Tony Tan ‘Jiak Liao Bee’
– Musings From the Lion City: Singapore Need More Answers On “The Messiah”
– Singapore Notes: Intrusion Is The Word

– TOC: Right to counsel – lawyer Ravi seeks court’s declaration on constitutional rights
– The Unseen Singapore: PM Lee Milking Political Mileage Out of “The Messiah”
– Senang Diri: Balancing operational security and public expectations
– My Singapore News: Ragtag cyber army behind bars
– Anyhow Hantam: So ‘The Messiah’ wasn’t a Big-Time Hacker
– Singapore Hall of Shame: Possible identity of James Raj aka the Messiah Hacker?
– Lu Keehong Singapore: Enter ‘The Messiah’, claiming he is fine
– New Nation: Real Anonymous embarrassed by S’pore branch’s antics


read more

related:
"Anonymous" Hackers arrested & charged in Court