DeadMellox shares some insight on the results of the group's latest operations

Mar 1, 2013 14:31 GMT

As we mentioned earlier, DeadMellox, the leader of Team GhostShell, revealed that he has decided to take a break from the hacking scene for an undetermined period of time. Before he does that, we’ve asked him to offer us an interview to find out more about the impact of his group’s operations.

The hacker also detailed some other interesting things about his run-ins with law enforcement and a couple of additional hacks that haven’t been made public.

Softpedia: Have you noticed any changes that may have resulted from Project Sun Rise? Have you noticed any reactions from the targeted companies? What about the governments involved?

DeadMellox: There have been some strange things happening since the year started, well, more than the usual. Speaking strictly just about SunRise, I'd have to say that the only thing out in the open that was clearly noticed were forensic teams rushing to the scene to do some snooping around.

Since websites were getting closed and put under maintenance, I'm assuming the companies in question knew about the attacks or at the very least found out about them later on. I doubt targets like national diamond corporations, mining, petroleum and other companies from the top 500 in Africa wouldn't find out.

As for any governments in question, the only comment that I saw was a reporter from South Africa asking an official over there about his opinion and receiving a regular straightforward reply about it, how the people will be punished for "hacking" and so on.

Softpedia: In the latest leak you mentioned the involvement of the CIA in Angola. What can you tell us about this?

DeadMellox: Not much. The problem with any information on this matter is that you can never know 100% if it’s real or not, since it's not like you can Google "CIA member list" and match that with your own. To put it bluntly, there's hardly any traceback on these people for various reasons.

Records were found labeled "cia" such as names, time, dates, locations, most of them being traced back to the US (Washington and other parts of the east coast), but that alone wasn't enough to make me follow a lead on it, what really got me intrigued was another database that I found in the very same server; "valhalla".

I've encountered the name before in another server in Algeria, related to a petroleum corporation with government ties. Same database names, same information leading to the US.

The Algerian server, I first passed it off as nothing special, I thought at the time that it was just a random trading company from the states doing business with them, but when I found almost the exact same things in Angola, everything sorta clicked.

I could tell you what I found about "Operation Valhalla" specifically, but right now I'd rather not do that. There are still some things that I need to put together for this puzzle to make sense and I don't want to rush it and pass anything on, as "truth" before I'm certain.

This reminds me of another CIA leak of mine back at the beginning of 2012, the one that was accompanied by the Wall Street leaks, when I found a list of names supposedly working undercover for the agency. Two of them that caught my eyes were working for NASA.

Like I said, these things are really hard to verify and even when you do and it gets out there, it usually just gets denied by officials.

Softpedia: How's the collaboration going with Anonymous South Africa?

DeadMellox: Good so far. I've been in contact with the newly made Anonymous RZA branch since summer, last year. Some of them were big fans of my Project DragonFly that waged cyberwar on China. That's when they approached me and asked if I would be willing to help them out too.

I explained to them that I already had plans for the rest of 2012 and that these releases are more about raising awareness towards different topics around the world that need to be addressed, rather than for hurting anyone.

They understood and left for a while, but we always kept in touch, even though I lost contact with them plenty of times throughout last year and even at the beginning of this one. When Project WhiteFox ended, I decided to finally give it a try over there too and see what I could do.

Going through its cyberspace was probably one of the hardest things I've had to do since Team GhostShell was founded. At first I thought that I would encounter things like really outdated servers, just like in China, but that part wasn't so bad, in fact their versions tend to be newer.

Problem is that they're not well built so when you try to get inside you'll encounter a lot of errors, glitches, random pings timing you out for no apparent reason, charsets keep popping up while retrieving data, put on top of that slow connections and you get a real nightmare. Nicknaming it "The Cyber Jungle" was really fitting.

Softpedia: Some hackers claiming to be from Anonymous South Africa have said there’s no collaboration with you.

DeadMellox: I don't have time to play with these people anymore. The feds have been using the same tactics for years. This is their extent, counter-intelligence with made up groups, usually with only a few recruited civilians among them for more credibility.

Hyping everything up with their propaganda machines from social networks that they seized, sometimes they get someone to DDoS a website for 30 minutes, then they blog and brag about it for months and everything begins and stops there. What do they get out of it? More specific anon accounts that they can use later.

It's also supposed to prevent other people from starting their own operations in parts of the world, they can at any time just dismiss them from those accounts as not being legitimate and they get big anon accounts to tweet about it too.

Anyone with more than two functional brain cells can go check these things out for themselves, either by camping in these few dead networks or people can see the trend on social platforms, the same old data being re-posted over and over again alongside news from the mainstream media and the same old regurgitated mottos that accompany it.

I've witnessed this process being repeated so many times that I've grown sick of it, while at the same time looking at activists and hacktivists alike that were involved in actual work, being taken down and discredited for following their own principles.

So much for creativity, so much for "Everyone is Anonymous," it has turned slowly into an exclusive club for the feds and their own agendas.

Softpedia: You’ve told us you’re taking a break from hacking. Why? Are you having trouble with law enforcement?

DeadMellox: I'm taking a break from the public sector. I'm not sure when or if I'll be back. I'm closing up all the accounts from Team GhostShell to its branches, Midas Bank and Ophius Lab for the time being.

I don't feel like wasting my time with these people from the government and their smear campaigns, so I'm removing all the pieces from my side of the board. I have already won what I set out to achieve last year so there really isn't any point in prolonging this.

I didn't have much time to look for the ripple effects of the projects back then, but this year I finally got the chance to.

I encountered for example this Chinese blog that was made last summer, the person was a fan of TGS and after he/she saw VenusTech talk about what sorts of attacks were used on China's servers in Project DragonFly, decided to make a post describing them and how they can be performed.

The blog had literally thousands of people discussing every step and helping each other. I thought that was really cool, you don't get much solidarity around these parts.

It goes without saying that I am fond to some extent of the security teams that have held meetings after GhostShell's releases and brainstormed ways on how to prevent such attacks from happening again at this scale.

Some even decided to take it a step further and create training courses for network admins or pretty much anyone interested, instead of the usual "buy my sec products." The idea itself deserves a round of applause.

I'm also glad that I managed to fix that misunderstanding about GhostShell going to war with Japan. That was never the case and I'm relieved that I got the chance to collaborate afterwards. Truly amazing people with honor.

Softpedia: How did you clarify the misunderstandings with Japan?

DeadMellox: I was in touch with someone working in security over in Japan that helped me deliver to the authorities a few hundred of their vulnerable government servers. I'm happy that I had that opportunity.

Softpedia: What about law enforcement agencies? Have they been trying to get to you?

DeadMellox: As you know already, I like sometimes to play tricks on law enforcement agencies. One of them this year was related to Twitter. When the year started I released "private" conversations between multiple accounts affiliated with Team GhostShell via direct messages.

It contained names and specific locations. In the very same month, I was contacted on IRC about every single last one of them.

For those that aren't familiar with the scene here, if you look up almost every single public complaint file from the FBI on arrested hacktivists, you will see that one of the very first things they do is spy on you, whether it's through these direct messages on Twitter or any other social platform from the US.

It's quite interesting how they don't even try to hide it, so from the very beginning I went with the idea that any conversation there would go to them, that's why this year I wanted to put it to the test and experience it myself.

They're really something else, very different from a regular informant that would normally just try to social engineer you. Agents in general will use another technique, called elicitation. The purpose of it is to mimic everyday small talk and get you to reveal sensitive bits of information without you even realizing it.

They're terrible at it, but it was really a fun experience. From what I could tell, a few of the things they wanted to find out about were: 1) If the person they're talking to is really me. 2) How many members are in TGS. 3) What's my relation with the Chinese. 4) If I engage in unethical activities like carding.

The ironic part here is that I ended up learning more about them, than they about me. I've documented myself since the 1st of January 2012 including my encounter with all these sorts of users and they all seem really easy to manipulate, I'm quite disappointed actually.

Their phishing attempts on my public email address weren't that good either. Even though they had parked domains that bounced off ISPs every 10 minutes, I could still pinpoint them with the help of a DNS tree.

Softpedia: Is there anything else you would like to add?

DeadMellox: Putting aside all the mess that is the public sector, the main reason why I want to stop right now is because, after learning about these little mind games of them trying to figure out where the attacks are going to strike next and neutralizing them by either discrediting the entity itself or its motivation/goals, with the people in question being mostly from the United States, but not limited to just one agency, the only thing that I can think about right now is how to get back at them.

It's clouding my judgment and I'm having difficulties focusing on the next projects because of it. I have put a lot of thought into it, around three weeks to be exact and I still can't seem to shake it off.

I have this urge to finally get serious and eradicate every single one of their most important networks from the internet, starting with the one being hosted by Reuters with some of the most wealthy corporations in America. Security is merely an illusion and so is their Phoenix Zhtml surrounding it.

This temper of mine may have helped me gain a position last year as one of the entities that handle the most data in the underworld and black-markets in Asia, one of the seven warlocks, The 6th Warlock - Dark King.

An unstoppable jormungand of the internet that's never satisfied with how much it has consumed, sure is the right way to compare me. haha

Then again, I have no use for that feeling here. Cold blooded revenge shouldn't be part of a hacktivist, at least that's my opinion. Which is why, I've finally come to terms with the decision that I need to put a stop to it. At least for the time being.

"Come what come may, time and the hour, runs through the roughest day." - Macbeth

Speaking of mischief, I have complete access to the WorldBank and NATO. These two are my parting gifts to the American authorities that were "kind" enough to keep an eye on me this whole time, starting with that very first release from GhostShell.

Of course, I'm speaking about the lovely FBI. I've just sent a message with the access points to the same email addresses as before.

We are all ghosts living inside the shell.