Someone is spreading fake copies of the Islamic State's magazine

Someone is targeting Islamic State assets online. Lots of the self-proclaimed caliphate's fanboys have been warning each other that it could be a trap.
June 15, 2016, 3:25pm
Screenshot of an IS propaganda video, released on Wednesday.

The Islamic State is warning its followers online that issues of its official online magazine, Dabiq, and an app for one of its news agencies, Amaq, that have been circulated online are fake.

And while it's not clear where the spoofed content is coming from, analysts are speculating that either government agencies or vigilante hackers are planting them in order to lure and track IS supporters online.

Advertisement

"Brothers and sisters, We noticed that dubious attempts were made to spread a fake Dabiq magazine issue (claimed to be 'Issue 15', with two varying covers)," reads a warning tweeted by IS-affiliated Twitter accounts last week. "We would like to clarify that Al-Hayat Media Center has not yet released any new Dabiq issues. We advise you not to download this fake magazine for your own safety."

It's not clear whether there ever was an actual fake magazine — purporting to be issue 15 — or what was behind the purported hyperlinks to those magazines, as they weren't functional. The fake editions were shared by some central IS supporter accounts on Twitter, leading them to spread widely.

This is the second time this month that someone has passed off fake IS material online. On June 1, an alert was released by an official IS channel on Telegram, claiming the group's news app, Amaq Agency on Android, had been replicated. The notice on Telegram read: "Warning: Dubious sources published a fake version of the Amaq Agency Android app, aimed at breaching security and spying. We advise to avoid downloading any app, except via the official Amaq channels and recommend to verify with the officially published checksums before installation."

"Some people think it's a honeypot strategy by governments, maybe to learn about who clicks, who shares, who authenticates it as fake or real," said Amarnath Amarasingam, a fellow at the George Washington University Program on Extremism.

"You start to get extremely paranoid about everything you do, and you can't trust anything."

Rita Katz, the Director and co-founder of the SITE Intelligence Group, wrote about the spoofed app for Motherboard earlier this month.

"As governments and vigilantes around the world continue targeting IS online, apps circulated outside of Google Play or iOS stores provide new opportunities to plant disguised malware into the mix, and thus infiltrate the community. And indeed, as seen in [the June 1] warning by IS of fake apps, such entities appear to be doing just that," Katz wrote.

Advertisement

While it's not clear who may be responsible for trying to hack IS, Washington is a likely suspect.

The American government has increasingly targeted Islamic State infrastructure online in recent months, with the goal of flagging possible security threats in the West and to take out IS propaganda world-wide. The full extent of America's effort to launch offensive operations against IS online remains unclear, but the US Cyber Command's move from being a defensive military agency towards becoming an offensive unit is uncharted territory.

Strange things going on with new #Dabiq 'release' - two covers, error message, dead links. Somebody gonna get fired. pic.twitter.com/ASWDqftXKB

— Amarnath Amarasingam (@AmarAmarasingam)June 8, 2016

"We are dropping cyberbombs," Deputy Secretary of Defense Robert O. Work told the New York Times in April. "We have never done that before."

Another possible culprit is the Anonymous hacker collective, which has launched several operations against the terrorist organization, with the aim of taking IS propaganda offline and banning IS supporters from social media.

Amarasingam says these incidents aren't the first times IS has been targeted with fake products, noting that fake press releases and issues of Dabiq have been released in the past. On Monday a fake press release was circulated, claiming the self-styled caliph of IS, Abu Bakr al-Baghdadi, was killed.

David Kennedy, formerly involved in the Marine Corps Intelligence Activity and now CEO of the security firm TrustedSec, told Business Insider in April that this tactic "really strikes fear into the communication modes that they're leveraging," adding that IS supporters may be wary of continuing to use these methods.

"You start to get extremely paranoid about everything you do, and you can't trust anything."

IS' suite of online products range from the Amaq Agency to an educational military-themed app for children to learn the alphabet.

Follow Davide Mastracci on Twitter: @DavideMastracci