Through the looking glass: The internet has seen its fair share of weird, but a Star Wars fan site secretly run by the CIA to communicate with overseas spies might top the list. StarWarsWeb.net looked like any other 2010-era fan page, complete with lightsabers, Yoda quotes ("Like these games you will"), LEGO ads, and hyped-up mentions of games like Battlefront 2 and The Force Unleashed II. But behind that nostalgic facade was a covert login system. If you entered the right password into the search bar, you'd unlock a secure line to CIA handlers. Or at least, that was the plan.
This bizarre piece of intel comes courtesy of Ciro Santilli, an independent researcher with a knack for rooting around the dusty corners of the web, who spoke to 404media.
Santili took it upon himself to dig deeper after a Reuters uncovering piece titled "America's Throwaway Spies" revealed a handful of suspicious domains back in 2022. Armed with little more than open-source tools, web dev know-how, and apparently endless patience, he ended up uncovering hundreds of similar sites.
As it turned out, the Star Wars page was just one star in a galaxy of CIA-run covert communication sites.
There were comedy pages, extreme sports sites, and even a Brazilian music fan page. Some were clearly geared toward users in states like Iran and China, where their discovery led to devastating consequences, including the execution of CIA sources around 2011-2012. But others appeared to target France, Germany, Spain, and Brazil.
The fatal flaw, according to both Santilli and the Reuters report, was that many of the sites were sloppily coded, reusing sequential IP addresses or other easily traceable breadcrumbs. Once one site was found, identifying others was often just a matter of basic detective work. This was something Iranian and Chinese counterintelligence teams apparently figured out over a decade ago. You can read this in more detail on Santilli's writeup.
Despite the deadly fallout, this digital forensics saga is now a cold case. Santilli described it as being "like a museum," saying that thanks to the Wayback Machine, people can still go back and view the site.
All said, fifteen years later, the CIA's attempt at geek-coded spycraft remains a cautionary tale that even intelligence agencies are only human. And that on the internet, your secrets have a shelf life.
The CIA used a Star Wars fan website to secretly communicate with spies
