DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

GhostShell, On the Record – MalSec

Posted on March 15, 2016 by Dissent

This post is part of an extended interview conducted by DataBreaches.net and CyberWarNews.info with the hacker formerly known as “GhostShell.”

According to GhostShell, back in the spring of 2012, he was approached by someone who had previously been with LulzSec (although LulzSec was already done by that point). That person, he says, persuaded him to team up. He was not sure of the date when he first agreed to team up,  sometimes suggesting it was around April, and at other times suggesting it was earlier, but MalSec introduced itself via a YouTube video on April 11, 2012. At the time, he later told DataBreaches.net, he was using the identity DeadVox.

His relationship with MalSec does not appear to have lasted beyond mid-April:

… to be honest I don’t remember much of it since everything happened so fast. One day I was working on a foreign op and the next thing you know I’m creating a splinter cell from Anonymous with this random guy I just met that wouldn’t shut up about how he is part of lulzsec. The year had just started and I was already infamous on the net so my first thought about it was “I’m being recruited by the feds. Here we go!”. To be fair the fact that on the news I was reading how all the members were being arrested, some accused of snitching and so on while I was hanging out in the very same network that they had at one point, with this guy besides me going like “Yeah were gonna be a billion times more famous than them” made me even more paranoid. But it was so funny that I couldn’t bail I had to see it through, I had to know where it was going.

I can’t tell you which people were involved or even how many but in the beginning he was the one recruiting users and making contact with the media. Actually there were more members of this same group and other famous ones in MalSec, like really known ones most of which got arrested throughout the years. I can’t even hint you since you’d figure it out on the spot and this isn’t what this interview is about.

I eventually began recruiting and training my own people since things were going slow. No one was keeping up and I felt the need to have my own group. Even that wasn’t enough so on the 16th of April I created Team GhostShell. On the same day of the first leak.

I was always fighting with the other guy because things weren’t progressing fast enough. He would always ask me for my private data before a release to “inspect” it and would get back to me in a couple of days to let me know if I can leak it or not. Now that I look back at it every single thing he did was step by step the exact same thing every other known and caught hacker group has been going through. Some fed clearing things up with his superiors, logging the conversations through IRSSI and generally handling the situation whenever someone stepped out of line and leaked something he didn’t say it was ok.

On another occasion, he explained it this way:

I was the one in charge of all hacking activities and everyone else came to me whenever they would attack something but just as explained it was the constant friction between me and the other guy. I was being held back from doing what I wanted to. He had to vet everything, with whom I have no idea and then I had to wait for him to do the public release, media campaign and all that. I didn’t like that type of situation at all, it was too sketchy and overall I wanted more freedom of expression.

[…]

On the bright side, one of the many advantages you get from being apart of such a group is that you get great publicity. Since the leaks are approved by the feds they will go out of their way to help you get famous. One of the funniest things out of this is that no matter how much infamy I got as the years went by I never really got articles written by the same mainstream medias as we did when I was in MalSec. ArsTechnica, Motherboard, Wired etc., I’m looking at you homeboys. A famous group of hackers means a more important bust later on. Tell me you’ve never noticed how for some hacker groups that are barely known publicly do a major hack, get instant public exposure and then right after they get arrested. They’ve been infiltrated and used for a long time and if by the end of their little adventure they’re not famous enough they’ll get an extra boost, on the house. Win-win for everyone.

As suggested by his response to that question, GhostShell was discreet and did not name others involved in certain operations or projects, although in the case of MalSec, he gave us additional information and enough hints that enabled us to guess to whom he was referring as his recruiter and possible fed. Because, however, he did not actually name him or offer any hard proof that the individual  is a fed, we are not naming him, either.

We are also aware, from comments on Twitter, that some dispute GhostShell’s description of his involvement in MalSec and his version of what happened.  We are simply reporting statements GhostShell has made without any warranty of their accuracy.

Interview Topics:

  • #OpRomania
  • Anonymous
  • MalSec
  • “Team” GhostShell?
  • More on Snitches, the Feds, and the Scene
  • Why did he really disappear in 2013?
  • On criticisms of “simple” hacks
  • Psychological Factors
  • Difficulty Finding Work and Risk of Arrest
  • If You Knew Then What You Know Now….
Category: Commentaries and AnalysesHack

Post navigation

← GhostShell, On the Record – Anonymous
GhostShell, On the Record – “Team” GhostShell? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.