The Jester (hacktivist)

The Jester (also known by the leetspeak handle th3j3st3r ) is a self-identified grey hat hacktivist. He claims to be responsible for attacks on WikiLeaks and Islamist websites. He claims to be acting out of American patriotism.

Identity
The Jester has stated that he was a former soldier and had served in Afghanistan and elsewhere. A former defense operative claimed that The Jester was a former military contractor involved in US Special Operations Command projects.

Activities
On January 1, 2010, The Jester began a campaign against Jihadist websites. His first target was alemarah.info, which was the Taliban's website at the time. The Jester posted several tweets claiming to be responsible for the downtime WikiLeaks was experiencing.

On November 29, 2010, someone claiming to be The Jester stated that he had been raided by the U.S. and attempted to solicit money for legal fees. The Jester purported that the person was an impostor, though writers at InfoSecIsland believe the hoax was created by The Jester himself.

In February 2011, The Jester claimed credit for a DoS attack on several sites belonging to the Westboro Baptist Church for celebrating the death of homosexual U.S. servicemen.

In June 2011 The Jester vowed to find and expose members of LulzSec. He attempted to obtain and publish personally identifiable information of key members within group, whom he described as "childish". In March 2011, Barrett Brown said The Jester was trying to identify members of Anonymous with Backtrace Security, a group of former members of Anonymous who disagreed with the current Anonymous. On June 24, 2011, he incorrectly claimed to have revealed the identity of LulzSec leader Sabu as an information technology consultant possibly from New York City. In July of the same year, he falsely accused a Portuguese IT professional of also being Sabu, leaving The Jester's outing claims to be considered suspect. However, in a post on his blog in November 2011, The Jester retracted his prior identifications for "Sabu", issued an apology and correctly identified "Sabu" as Hector Xavier Monsegur, 28, of New York. Sabu's identity was confirmed on March 6, 2012, when Monsegur was arrested by the FBI and it was revealed that he had been acting as an FBI informant in the interim.

On March 5, 2012, The Jester changed his Twitter account avatar from his signature Jester icon to a QR code without comment or explanation. Scanning a QR code redirects a browser to a website. Scanning The Jester's icon led to a URL where he had an image of his signature Jester icon and an embedded, hidden code that allegedly exploited a vulnerability that affects Safari, Chrome and Android browsers. "When anyone scanned the original QR code using an iPhone or Android device, their device would silently make a TCP shell connection back to my remote server," The Jester wrote. This was however exposed to be fake and the exploit was stolen from a 2-year-old CVE advisory.

On May 14, 2012, The Jester's Twitter account appeared to have been deleted, along with all posts on his WordPress blog. However, the Twitter account and WordPress blog were merely temporarily deactivated and were subsequently restored May 16, 2012.

On July 2, 2013, the Jester took responsibility for a series of DoS cyberattacks against the Ecuadorean stock exchange and the country's tourism website, and promised to attack any other governments considering granting asylum to NSA leaker Edward Snowden. In tweets, the Jester also alluded to a plan to seize control of the fire alarms at the Ecuadorean embassy in London, which would force WikiLeaks founder Julian Assange to set foot on UK soil and face potential extradition to Sweden to face sexual assault charges.

On October 21, 2016, the Jester took responsibility for "defacing" the official website of the Russian Ministry of Foreign Affairs. The "hack" was later shown to be fake.