The CIA Once Used a Star Wars Fan Site to Talk to Spies—Here’s How It Got Exposed

On the website starwarsweb.net, a cartoon image of Yoda is shown next to the words: “Like these games you will.” The site lists several Star Wars video games, including Star Wars Battlefront 2 for Xbox, Star Wars: The Force Unleashed II for Xbox 360, and Star Wars: The Clone Wars: Republic Heroes for the Nintendo Wii. Right next to that, there are links to a Star Wars online store with the phrase “So you Wanna be a Jedi?” and an ad for a Lego Star Wars set.

At first glance, the site looks like a regular Star Wars fan page from around 2010. But according to an amateur security researcher, it was actually a tool created by the CIA to secretly talk to informants in other countries. Iranian officials first discovered a group of these secret CIA websites more than 10 years ago. That discovery eventually led to many CIA sources in China being killed in the early 2010s.

The researcher, Ciro Santilli, said he started investigating these sites for several reasons: he’s interested in Chinese politics (his mother-in-law is part of the Falun Gong religious group), he likes TV shows based on spy stories, he wanted to “stick it up to the CIA for spying on fellow democracies” (Santilli is Brazilian), and he has the technical skills to investigate because of his background in web development and Linux. He also admitted he was partly motivated by “fame and fortune.”

Santilli found other websites that may also be linked to the CIA. These included a fan site for a comedian, one about extreme sports, and another focused on Brazilian music. He wrote that some of these websites appeared to be aimed at people in Germany, France, Spain, and Brazil, based on the language and content.

“It reveals a much larger number of websites,” Santilli explained, adding that it helps people better understand what countries the CIA was focusing on at the time. “And unsurprisingly, the Middle East comes on top.”

Image: a screenshot of the site included in Santilli's research.

Back in November 2018, Yahoo News published a major report about the CIA’s secret messaging system and how it got exposed. According to the article, the trouble started in Iran, but later led to more than 20 CIA sources being killed in China between 2011 and 2012. After that, the CIA shut the system down.

In 2022, Reuters published a follow-up report titled “America’s Throwaway Spies.” It showed how the CIA made serious errors when creating these secret websites. For example, Iranian officials were able to catch one CIA informant, Gholamreza Hosseini, because the websites were badly made. One major mistake: the websites’ IP addresses were all very similar, so if you found one, it was easy to find others that were connected.

Reuters also explained that typing a password into the search bar on what looked like a normal website would trigger a secret login system used by CIA sources.

The Reuters article listed two domain names and described nine websites in total. It also included clues that Santilli used to find many more. He noticed that the filenames of screenshots in the article sometimes showed the URLs of the secret CIA websites. He looked those up on the Wayback Machine (an online archive of old websites) and used a tool called viewdns.info to find more connected sites based on IP addresses.

In his own detailed write-up, Santilli explained how he uncovered the Star Wars site and others. He said he used freely available online tools, searched through old domain names, examined HTML code, and even used “a small army of Tor bots” to get around restrictions on the Wayback Machine. He said he didn’t pay for any data. According to a past report by Citizen Lab, 885 secret CIA websites were identified after Hosseini told Reuters that he used one called iraniangoals.com. Santilli said he ended up with hundreds of domain names, which he checked manually “as patience would allow.”

Zach Edwards, a cybersecurity researcher, told 404 Media: “The recent efforts to uncover the websites CIA used to communicate with their spies all over the world aligns with what I understood about this network. We’re now about 15 years past when these websites were being actively used, yet new information continues to drip out year after year.”

Edwards also confirmed the main claim: “The simplest way to put it—yes, the CIA absolutely had a Star Wars fan website with a secretly embedded communication system—and while I can’t account for everything included in the research from Ciro, his findings seem very sound.” He added that this is a reminder that even skilled developers can make mistakes—and some of those mistakes take years to discover. But in this case, it wasn’t just a small coding error—it had serious consequences.

About his research, Santilli said: “At the very least the potential public benefit of enlightening history seems to be greater than that risk now. I really hope we're right about this.” He also said, “It is also cute to have more content for people to look at, much like a museum. It's just cool to be able to go to the Wayback Machine and be able to see a relic spy gadget ‘live’ in all its glory.”

The CIA declined to comment.
