REVEALED: The fake websites including a Star Wars fan page the CIA used to communicate with spies around the world
@Source: dailymail.co.uk
The CIA reportedly used a fake Star Wars fan site to communicate with its spies around the world.
Amateur security researcher Ciro Santilli recently scoured the Internet to find sites the spy agency built in the early 2000s to communicate with its informants in other countries, 404 Media reports.
Among the sites he found was StarWarsWeb.net, which included a stock image of a boy dressed as a Jedi, pictures of R2-D2 and C-3PO, along with ads for Star Wars video games and Lego sets of the time.
Santilli dug through a mass of historic domain names, analyzed each site's HTML and used bots to bypass the Wayback Machine to determine what they may have looked like at the time.
'The simplest way to put it - yes, the CIA absolutely had a Star Wars fan website with a secretly embedded communication system,' Zach Edwards, an independent cybersecurity researcher, confirmed.
'And while I can't account for everything included in the research from Ciro, his findings seem very sound.'
The site was shut down more than a decade ago and it now redirects to the CIA's homepage.
But it was not the only fake site the Central Intelligence Agency was using to communicate with its informants.
Others included a fan site for the late comedian Johnny Carson; a third was about extreme sports and a fourth was for fans of Brazilian music.
There were also websites called Rasta Direct, Fitness Dawg, Iranian soccer pages and a Russian wrestling website, Reuters previously revealed.
Some of the sites reportedly targeted France, Spain and Brazil based on their language and content.
Each fake website was assigned to only one spy in order to limit exposure of the entire network in case any single agent was captured.
They simply had to enter a password into the search bar, which would cause a secret messaging window to pop up in which they could covertly speak with their handlers.
But when former President Barack Obama announced the discovery of a secret Iranian nuclear enrichment facility in 2009, Iranian officials doubled down on their efforts to find informants who may be speaking with American intelligence agencies, according to a Yahoo News investigation in 2018.
They then easily tracked down the fake websites using Google.
The sites had sequential IP addresses, as the hosting spaces for these fake sites were often purchased in bulk by the dozens and often from the same internet provider on the same server space.
The HTML code for the search bar on the sites also contained the word 'password,' and the website's coding even included the words 'message' and 'compose' - indicating there was a secret messaging system.
'The CIA really failed with this,' said Bill Marczak of the University of Toledo's Citizen Lab, adding that the messaging system 'stuck out like a sore thumb.'
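An added example, not from the article or from Santilli's research: a self-audit an operator could run over an inventory of its own sites to flag the two fleet-level giveaways described above, runs of consecutive IP addresses and the words 'password', 'message' and 'compose' in page markup. The inventory, domain names, addresses and function names are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser

TELLTALE_WORDS = ("password", "message", "compose")  # the words the article names

class MarkupScan(HTMLParser):
    """Collect telltale words seen in tag attributes or in text/script bodies."""
    def __init__(self):
        super().__init__()
        self.hits = set()
    def _scan(self, text):
        self.hits.update(w for w in TELLTALE_WORDS if w in text.lower())
    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            self._scan(f"{name}={value or ''}")
    def handle_data(self, data):
        self._scan(data)

def markup_hits(html):
    scan = MarkupScan()
    scan.feed(html)
    scan.close()
    return sorted(scan.hits)

def sequential_runs(sites, min_len=3):
    """Return groups of domains whose IP addresses are consecutive."""
    ordered = sorted((int(ipaddress.ip_address(ip)), dom) for dom, ip, _ in sites)
    runs, current = [], []
    for addr, dom in ordered:
        if current and addr - current[-1][0] != 1:
            runs.append(current)  # gap in the address sequence: close the run
            current = []
        current.append((addr, dom))
    runs.append(current)
    return [[dom for _, dom in run] for run in runs if len(run) >= min_len]

def audit(sites):
    hits = {dom: markup_hits(html) for dom, _, html in sites}
    return {"sequential_ip_runs": sequential_runs(sites),
            "markup_hits": {dom: h for dom, h in hits.items() if h}}

# Constructed inventory: reserved .example names and documentation IP ranges.
SITES = [
    ("fans.example", "192.0.2.10", '<form><input type="password" name="search"></form>'),
    ("sports.example", "192.0.2.11", "<script>function composeMessage(){}</script>"),
    ("music.example", "192.0.2.12", '<input type="text" name="q">'),
    ("unrelated.example", "198.51.100.7", "<p>Welcome</p>"),
]
print(audit(SITES))
```

Either signal alone links otherwise unrelated sites; together they let one discovered site lead to the rest of the block.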
By 2011, Iranian authorities successfully dismantled the CIA network in its country, and either executed or imprisoned the informants.
Meanwhile, authorities in China also found similar websites being used in their country - and executed more than two dozen CIA sources between 2011 and 2012.
But the CIA reportedly was not aware that the system had been compromised until 2013, when it started to notice that many of its agents began to go missing.
At that point, the agency was able to extricate some of its agents and resettle them.
It also took down the websites.
In 2021, the CIA finally admitted to the communications failure with a memo reprimanding spies for poor tradecraft, being overly trusting of sources, underestimating foreign intelligence agencies and 'putting mission over security' by moving too fast and not paying enough attention to potential risks.
However, Reuters reports that Langley had known about the security risks involved and only used the mass-produced sites for sources whom it did not consider fully vetted or had limited, albeit potentially valuable, access to state secrets.
The top-tier informants instead used custom-made covert communications tools.
Still, former officials described the intelligence setback as 'incredibly damaging' as House and Senate intelligence committees held closed-door hearings into the scandal.
When asked why Santilli decided to track down the now defunct websites, he said it was because of his interest in Chinese politics, his penchant for TV adaptations of spy novels and 'sticking it up to the CIA for spying on fellow democracies.'
'It reveals a much larger number of websites, it gives a broader understanding of the CIA's interests over time, including more specific democracies which may have been targeted, which were not previously mentioned, and also a statistical understanding of how much importance they were giving to different zones at the time - and unsurprisingly the Middle East comes on top,' he explained.
Edwards, meanwhile, said the scandal 'is a reminder that developers make mistakes and sometimes it takes years for someone to find those mistakes.
'But this is also not just your average "developer mistake" type of scenario,' he admitted.
DailyMail.com has reached out to the CIA for comment.