GhostShell - My Hacktivist Ideology
I did a lot of things over the years, from publicly declaring cyberwar on political leaders, to hacking Wall Street and other high profile targets such as NASA, The Pentagon and FBI.
This isn't a story about how I started coding when I was 4 months old or how I spent most of my life in my parents' basement, taking over US satellites and playing minesweeper with them. No, none of those things happened. This is a story about an average, overzealous, kid with a technological late start in life that had too much time on his hands and wanted to prove to the whole world that real freedom lies in how much you can explore this vast digital ocean that we call internet without any restrictions.
Put on top of that the fact that I was into world politics, economics and social reforms, and with those things in mind, I just gave you the perfect recipe for making up a hacktivist. But let me explain from the beginning, maybe this way you'll understand how I ended up becoming one of the world's most wanted hacktivists out there, even though technically speaking, up to this day I've never been caught or arrested by anyone.
I was eleven-twelve years old when I got my very first computer. I still remember that day, all I wanted to do was play video games on it and show off to my friends how good I was at them. The thought of programming, let alone security testing, never even crossed my mind back then. I was just your typical everyday kid, with drama problems at school such as bullies and mean teachers that never seemed to leave you alone.
For a short while, I didn't have access to the internet, so I spent most of my time buying off pirated video-games at street corners all the while failing repeatedly to install them properly on my computer. I don't know about you guys, but placing those "crack" executables in the right folders always gave me trouble at the beginning of the century.
So, I suppose I was never a technological genius, nor was I some sort of wizard of programming while in my teens. Far from it. Before I got my personal computer, I spent most of my days at internet cafes, playing Counter-Strike, Mortal Kombat, Grand Theft Auto, Need for Speed, usually in LAN mode with people older than me.
When I finally got my very first broadband internet connection, I started all of a sudden to view everything in a different light. All the possibilities that could happen on my PC, while being connected to this whole new world, were endless. I quickly downloaded the famous or should I say, infamous, Yahoo Messenger, which was quite popular with Europeans, especially Romanians at the time, and I began be-friending random people on it.
I was quite active on all sorts of forums, from anime to video games, which gave me an edge in making even more friends online. Before I knew it, I had a vast network of people that I was constantly in talks with, some older than me, others younger. It was a wonderful and exciting time. It broadened my views on the world, it helped me realize that I was living on a planet with such diverse people and cultures. You could say that the internet and these constant connections with users, helped me mature a lot faster.
At the same time, these connections also inspired me to get into hacking (coding), security testing and eventually into cybersecurity as a whole. I started off by coding simple programs in C# and Pascal when I was about fourteen-fifteen years old. The fact that you could write a script that would do something in your stead, always fascinated me, mostly because I was a lazy-ass and the concept of having programs do everything for you seemed like the ultimate solution to my young problems.
The whole coding phase didn't last very long, which is a shame since I could've learned a lot faster back then, but the lack of a role model and not much implication from my school was detriment to me giving up.
It Began With a Prank
While I was still in my teens, another person around my age, decided to play a prank on me one day by taking over my computer with the help of a trojan. He sent me a file disguised as a picture and before I knew it, he added me to his botnet. That was when I decided that I wanted to "prank" people too!
Fast forward two years later and you have a young person with a botnet of around 5 million Romanian (and a few foreign) computers infected. How did I manage to pull that off? I still can't believe what I did all those years ago to infect so many people and even if I tried to replicate it today I wouldn't be able to, at least not at that scale.
You could say that I got lucky. Back then, the Romanian "warez" scene was at its peak, with almost every household pirating things from music, movies to software on just a few peer-2-peer services. The concept was that you would leave open your port for anyone to come in and download data and in return you would be able to retrieve data from them. I exploited a vulnerability within the service and ended up manually infecting millions of computers by simply sending them an autorun exe file that contained my trojan.
It didn't take long for me to get bored of hoarding up zombies and playing with them, so eventually I ended up losing/discarding my botnet. However, that only lead to more interesting endeavors on my part. Collecting sensitive information became the new hobby and so by the time I had reached eighteen, I was already juggling trillions of private record sets from all over the world.
I never saw anything bad in what I was doing. Some people like to collect stamps, I like to collect your private data. Simple. I've never abused the data that I copied, I never once profited off of it and up until I became a hacktivist, I never intentionally leaked it. My old stashes of sensitive data still exist and are uploaded in various places across the internet, and I can assure you to some extent that no federal agent knows where those are. (Perhaps that's why I've never been arrested before? Who knows, I've been involved in so many things that it's hard to tell at this point.)
I did a lot of things over the years, from publicly declaring cyberwar on China and Russia's political leaders, to hacking Wall Street's main network that hires IT people, and to other high profile targets such as NASA, The Pentagon and FBI. But what about behind the scene? Well, let's just say that if we were to combine everything that I've done publicly all these years, it wouldn't even be a fraction of a fraction of what I have done behind closed doors.
One example that I can give is from back in 2016, when in one of my projects I publicly leaked around thirty million private records from poorly configured mongodb servers. What most people don't know, is that shortly after I also tried leaking another one billion private records from similar places but was stopped by various people, (including journalists) convincing me that "I had made my point".
Hacktivism seems like such a straight forward concept to people that usually they band all of us in the same tightly locked jar and either believe that we're all heroes or villains. This notion couldn't be farther from the truth, at least from my point of view. I believe that every single hacktivist is different, that their ideas, actions and beliefs are all unique.
Let's take as examples some of my favorite hacktivists on the internet and compare their philosophies, to prove that you can't just place us all on the same pedestal in terms of ideologies and everything else. We're all different, we all have our own hopes and dreams and our individual actions speak louder than your words typed in some comments section of a website.
Jeremy Hammond, Junaid Hussain, Gottfried Svartholm, Matt DeHart, Lauri Love and one or two currently unknown hacktivists from the leaking portal Par:AnoIA, are my top picks when it comes to hacktivists from the western side of the internet. I'm not going to go into too many details regarding their activities since they're already infamous enough, however I would like to illustrate that at the end of the day, we all took different paths in our lives and ended up at various crossings, some more fortunate than others.
Jeremy Hammond - a former member of lulzsec/antisec, is most famous for breaking inside the company known as Stratfor. An anarchist at heart with a passion for making corrupt people's lives a living hell. He is currently serving a ten year sentence for his actions.
Junaid Hussain - the hacktivist trickster, enjoyed toying with the lives of politicians, law enforcement agencies and private companies alike. He's most famous for going after Tony Blair and MI6's terrorism hotline. He got droned by the Pentagon back in 2015 after he joined ISIS and became a cyber-terrorist.
Gottfried Svartholm - one of the founders of the infamous torrent website ThePirateBay. A real badass viking pirate that turned eventually into a hacktivist by breaking inside the Swedish tax office between 2010-2012. His current status is that of a free man.
Matt DeHart - his involvement with Anonymous goes way back to the roots of 4chan and Project Chanology. A former military analyst, he's most famous for receiving a secret document allegedly detailing an investigation into CIA activities by the FBI. He is currently serving a lengthily prison sentence.
Lauri Love - another former ally of Anonymous that ended up infiltrating various places from the US army, the missile defense agency and NASA. He is most famous for setting a new precedent in the UK by not being extradited to the US. Currently safe and far away from an outrageous US prison sentence.
Paranoia Hacktivists - probably among the best hacktivists when it comes to operational security and keeping a low profile while also exposing sensitive data to the world through various kinds of protests. They represent my favorite pick as far as OpSec goes and they are famous for leaking different types of data from police to governmental. As of 2018, the Par:AnoIA website is still up and running, even though the members are inactive.
All of these hacktivists are so diverse in their own actions and beliefs that it is almost impossible to tag them in the same category. From anarchists, to terrorists, pirates, to protesters of various political statements. They are all brilliant in their own way of doing things and you can't help but respect them for that. It doesn't mean that you have to agree with their distinct ideologies but at the very least you can agree with the fact that one hacktivist doesn't represent us all and that one hacktivist may not speak to you personally, but another might.
I am writing this story because I would like to paint a better picture of what hacktivism is like, how diverse and messy it can be, but also of the dangers that come with it. My advice to other hacktivists out there would be to learn from the mistakes that we did so that you can become the better improved version of this medium. A new generation that can stand taller than any of us did and shout louder than all of us combined. Be the change and voice of the future!
Personally, I have been an active hacktivist since the very first day of 2012 and I can't tell you my secret of why I haven't been arrested so far because, honestly, I have absolutely no idea. I am definitely the first of my "kind" when it comes to this type of situation and yet another unique example from the list. Even though I made my identity public knowledge back in 2016 in hopes of getting into the cybersecurity industry legitimately, I remain up to this day in limbo. Who wants to work with a hacktivist that not even the feds want to touch with a ten foot pole? Haha.
I may not know how the next worldwide notorious hacktivist may look or be like, but I am definitely looking forward to their arrival on the scene. Best of luck to you and here's a piece of advice from me: Information is power, wealth, influence, fame, knowledge, truth. Information is everything.
Main Image Credit : The awesome piece of artwork used to head this article is called 'Hacktivist and it was created by graphic designer Yimbo Escárrega.