Al Qaeda-Linked Site Posts 'Hit List' of U.S. Targets, Prompting Feds to Send Alert

The Department of Homeland Security has sent out an internal alert warning that jihadist websites last week posted a "hit list" of American executives, officials and companies -- an alarming development that could mark the start of a new phase in terror plots.

The list, which covers dozens of names connected to the Iraq war, including executives at Halliburton and KBR, was compiled by users who vowed to "send explosive mail" to the "best target." The lists were published online around the same time American-born Al Qaeda spokesman Adam Gadahn released a video in which he called on Muslims in the U.S. to kill Americans.

Security analysts believe the two messages are related and underscore a shift in terror strategy -- from top-down, mass-casualty events to smaller-scale attacks taken up, in some cases, by freelancing, lone-wolf jihadists.

The DHS bulletin, obtained by, described how posts on the Arabic-language Ansar al-Mujahideen forum discussed "specific targets" for potential attack. The discussion originated on a more secure Al Qaeda-linked site known as the Shumukh forum.

Reached for comment, DHS spokesman Chris Ortman said in an email that there is no evidence of an imminent attack, but he confirmed DHS is monitoring.

"While we have no information of any imminent terrorist threat to the United States or any U.S. persons, as always, we urge federal, state and local law enforcement, as well as the general public, to maintain increased vigilance for indications of preoperational or suspicious activity," Ortman said.

He confirmed that the list of names and companies "that the user believed were legitimate targets" prompted the initial "Open Source Information Report" from DHS' intelligence office last week. Ortman said the threats were also cited in a June 9 DHS-FBI "intelligence note" that went out to "federal, state, local, tribal and private sector partners."

The full breadth of the online discussion is actually worse than it is portrayed in the original DHS report. Though the report mostly referred to potential private-sector targets named on the thread early last week, Shumukh posts obtained by show the jihadist discussion has stretched into this week. Subsequent posts after the report went out included discussion of numerous government officials, as well as media figures.

The extensive file started with a post from someone identified as Al-Assad Al-Thaer urging supporters to compile the list of executives and officials who supported the "war on our nation," calling them part of the "Zionist Crusaders Alliance." The post said the list would then be screened by "the leaders of Jihad" to determine where to attack.

"After that, we will generate detailed reports such as home addresses, phone numbers, and regular address where we will send explosive mail to," the post said, according to the bulletin.

From there, contributors posted dozens of photos and names, ranging from U.S. military leaders to foreign officials to more contractors. It's unclear from the meandering discussion whether the contributors have since sought to prioritize their sprawling list.

Counterterrorism consultant Patrick Poole told the list appears to be an unprecedented attempt to go "into the heartland" and target individuals in America.

"I can't recall anything this specific," he said. "I think these guys are serious."

Though the posts reference "leaders of Jihad," Poole said the authors appear to be calling on anyone willing to take up the cause to carry out assassinations -- preferably, in their eyes, somebody already in the United States. He said it appears to be linked to Gadahn's recent video, in which he called for Muslims in America to individually arm themselves and wage jihad.

"The threat could come from anywhere," Poole said.

Asked about the DHS bulletin and the apparent threats, KBR spokeswoman Sheryl Gibbs said: "We are aware."

The company sent a written statement to saying it has an "exceptional team" to provide security for its workers when needed and works "closely" with law enforcement officials.

"As a global company and government contractor, from time-to-time, KBR employees receive terrorist threats," the statement said. "KBR takes the safety and security of our employees, key stakeholders and board members very seriously in all of the work we do."

A spokesman at one government agency targeted on the list also said in a brief email to that "we are aware of the threat and have taken appropriate measures."

Aaron Weisburd, director of the Society for Internet Research, confirmed that the threatening posts first appeared on Shumukh -- a password-protected, members-only site. He said the messages then drifted over to the more accessible Ansar site, possibly so a broader audience could see it.

Weisburd, who has access to the Shumukh site and saw the original posts, described the site as "the number-one Al Qaeda-supporting website on the Internet today."

Weisburd said the users are "brainstorming" and still face the challenge of convincing somebody to carry out an attack. But he said they're serious about inspiring followers to take up the cause.

"They want you just to pick up a weapon and wage jihad right where you are against the best target you can find," Weisburd said.

Though the target audience might be budding jihadists in the U.S., Weisburd noted that the Shumukh site hardly has any American readers. According to his research, it is most frequented by Palestinians, as well as Moroccans, Algerians and Egyptians.

But the posts on both sites have gotten plenty of readers. Weisburd said a couple thousand read the discussion on Shumukh. According to the DHS bulletin, the Ansar discussion was viewed 670 times as of June 6 and was a top hitter on the site.

"Ansar's one of the largest jihadist Internet hangouts," Poole said, calling the messages targeting individuals an "expression of a radical shift that's occurred over the past two years."