GhostShell, On the Record – Snitches, Feds, and the Scene
This post is part of an extended interview conducted by DataBreaches.net and CyberWarNews.info with the hacker formerly known as “GhostShell.”
GhostShell talked about snitches in the context of a number of questions over the course of the interview, but given the presence of so many snitches and federal agents in Anonymous, it’s not surprising that it was one of the recurring themes. In addition to sharing his suspicion that the leader of MalSec was a fed, at one point in our interview, GhostShell offered some tips to new hackers as to how to spot feds or snitches:
Instead of being paranoid of everything and everyone here’s a trick that I’ve been using for a long time.
- First of all trust no one completely. If you’re a hacker then the only type of other person online that you could trust in any shape or form is the active/known hacker. Make sure that they’re legit in every way because I’ve encountered before feds leaking old data from other people while trying to get some people to report about it and build a fake identity upon it which then they can infiltrate hacker groups with. They’ve even tried at some point to use some of my old leaked data for it.
- Always remember that a federal agent can NEVER deliberately hack someone or something without permission and even then the only type of targets they can go after are hackers. You are not going to see feds hacking websites just to prove themselves to you.
- However that doesn’t mean they can’t use escape goats to do it for them, like informants or other caught hackers that switched sides. The first ones get immunity when the case goes to trial and the second type get leniency for helping the authorities.
- Another trick for figuring out which people are working with the authorities out in public, all you have to do is check out how long they’ve been operating. For example, large accounts that have been active for more than 3-5 years (the usual length of an investigation) are more than likely to be working for the other side.
- Make a list of all the famous and active anon/hacker accounts that have operated since 2011 and figure out for yourselves how many legit ones have been taken down, and why the rest are still standing.
- When a hacker takes down a website or infiltrates it they eventually get caught and you’ll see news about it pop up but what happens with the people that weren’t hackers? Has anyone ever realistically wondered that? If you’re a person from within the scene you already know at least about some of them and how they’ve been caught and then put right back at the keyboard.
- A caught hacker has a chance of being rehabilitated and put to work in cybersecurity, a caught spokesperson has a chance of being rehabilitated and put to work in journalism. I’m neutral on all of this, I even think that it’s great some governments reform and integrate people back in the system and if hackers would understand how everything works they would be less paranoid, less jumpy at everything and more content with the whole thing.
Q: What else would you want us to know about the scene?
I’m gonna use this question as a time capsule. I’m gonna claim some things and in the distant future people can figure out if I was right or wrong.
First off, the deep web, the one hosted on that so called “anonymous” network is the largest honeypot ever created by international agencies spearheaded by the US in collaboration with the UK. Every single “creepy” website about hired hitmen, cannibals, pedo sites, red rooms and all of that is fake. They’re honeypots. The rest of the networks, the very few ones are entrapments. Drug sites? Entrapment. Credit card shops? Entrapment. Hacker forums? Obvious entrapment. I mean hell the largest one there is notorious for being filled with only feds and researchers that only go there to practice catching hackers.
Despite all the hype about hackers in recent years, hackers are incredibly rare, they’re kinda like unicorns. And even when they do band together they do it in smaller numbers of 3-4. Not dozens. Unless you’re being entrapped in a group like MalSec or AnonSec, you’re not going to see legit hackers working together for long. Look at every single large hacker group that got caught. There are so many patterns to every single one of them it’s not even funny.
Another thing I’m gonna claim is that IRC has zero security and most hacker irc’s are run by the feds. There are a lot more out there than you think and the majority of them are dead with the exception of a couple of feds idling for weeks in there at a time.
If you’re a person with a functional brain think about it like this: Why haven’t these couple of networks been taken down yet despite most of then being online for more than 7-8 years? Even if you don’t know anything about anything you’re gonna tell me the world governments can’t track down or shut down a few irc networks that by default and design have no security/anonymity?
The majority of known hackers and more importantly hacktivists have hanged out at some point on the same irc networks. Myself included. We all know each other, better than any outsider thinks.
VPN doesn’t help you stay anonymous. All that it does is redirect your traffic to a third party, legal company that is susceptible to law enforcement searches via subpoenas. If you’re a hacker and you believe there’s a service out there that isn’t keeping logs then you deserve everything that’s coming to you, especially if you’re one that has seen first hand companies lying about their policy.
Everytime you use a vpn your ip doesn’t go away, it only changes. Do a ct/cp on yourself and you’ll find out what every fed sees. Your new ip, name of the vpn and address. All they have to do is log the time and ip go to that company and get your real one then straight to your actual isp. GG wannabe keyboard warrior, rip.