Insider Leaks French ID Card of Alleged ISIS CyberCaliphate Leader

December 7, 2015 Updated: February 2, 2016

According to a hacking group opposed to ISIS, there was a disagreement within the CyberCaliphate, the online branch of ISIS that conducts cyberattacks, recruits terrorists, and spreads its propaganda. One of the CyberCaliphate’s hackers disagreed with its choice to side with ISIS and quit the group. Later, when the group sought his assistance, this hacker copied information off their servers and leaked the ID card of the CyberCaliphate’s alleged leader.

After stealing the information, the insider provided the ID card and other information to an anti-terrorist hacker group known as GhostSec.

TorReaper, the GhostSec Web admin who codes most of its cyberweapons,said in an interview on Twitter, “He assured my contact the ID card is accurate, and said of the three founding members of the ISIS CyberCaliphate, this guy was the leader.”

The ID card is French, and it states the alleged leader of the CyberCaliphate is from the La Bauche commune in Savoie, in southeast France.

According to TorReaper the insider had since traveled to Raqqa, Syria, and was still there when he compromised the CyberCaliphate’s server three months ago.

GhostSec has been one of the most prominent groups challenging the online efforts of ISIS. It claims to have taken offline 149 terrorist websites and 6,000 YouTube videos, and flagged 101,000 Twitter accounts.

GhostSec is part of the #OpISIS campaign of the hacker collective Anonymous, which aims to disrupt the online propaganda of ISIS and its efforts to recruit new members using the Internet.

Epoch Times was unable to verify whether the individual on the ID is the head of the ISIS CyberCaliphate. The Secret Service was unable to provide information, and the FBI did not immediately respond.

TorReaper said that while he was also unable to find additional information on what the insider claims is the CyberCaliphate leader, “I checked on some of the other intel he provided and it was all right.” Technical information about the CyberCaliphate’s operation proved accurate, TorReaper said.

The insider was part of the hacking crew that predated ISIS, before the CyberCaliphate was formed. He apparently didn’t agree with the hacking crew’s decision to align with ISIS.

“He said he was part of a hacking crew years ago before ISIS with Britani and others. He said he spoke with them daily and they were not radical for Islam. When IS came along it was just an excuse for them,” TorReaper said.

Britani refers to Omar Hussain, who uses the Twitter name Abu Saeed al Britani. The British Jihadist who is fighting in Syria with ISIS had previously made bomb threats against the United Kingdom, but recently published an online rant about the poor etiquette of other jihadi fighters—which included claims that Syrians stole his shoes and unplugged his phone charger.

According to TorReaper, the leader’s ID had been uploaded to the CyberCaliphate’s server before they had aligned with ISIS. He said, “They were doing some social engineering and for some reason their leader d0xed himself for the group. They used his ID to rent servers and stuff, so he [the insider] still had it from then.”

Social engineering is a form of person-to-person “hacking” that involves tricking a target into granting access to a computer or network. “D0xed” refers to leaking private information—such as the real name, phone number, or home address—of an individual.

The information was taken when the CyberCaliphate asked the former member to help with something. TorReaper said that instead of carrying out the job, “he took all the docs from the server, then never helped them.”

Follow Joshua on Twitter: @JoshJPhilipp