DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

GhostShell, On the Record – MalSec

Posted on March 15, 2016 by Dissent

This post is part of an extended interview conducted by DataBreaches.net and CyberWarNews.info with the hacker formerly known as “GhostShell.”

According to GhostShell, back in the spring of 2012, he was approached by someone who had previously been with LulzSec (although LulzSec was already done by that point). That person, he says, persuaded him to team up. He was not sure of the date when he first agreed to team up,  sometimes suggesting it was around April, and at other times suggesting it was earlier, but MalSec introduced itself via a YouTube video on April 11, 2012. At the time, he later told DataBreaches.net, he was using the identity DeadVox.

His relationship with MalSec does not appear to have lasted beyond mid-April:

… to be honest I don’t remember much of it since everything happened so fast. One day I was working on a foreign op and the next thing you know I’m creating a splinter cell from Anonymous with this random guy I just met that wouldn’t shut up about how he is part of lulzsec. The year had just started and I was already infamous on the net so my first thought about it was “I’m being recruited by the feds. Here we go!”. To be fair the fact that on the news I was reading how all the members were being arrested, some accused of snitching and so on while I was hanging out in the very same network that they had at one point, with this guy besides me going like “Yeah were gonna be a billion times more famous than them” made me even more paranoid. But it was so funny that I couldn’t bail I had to see it through, I had to know where it was going.

I can’t tell you which people were involved or even how many but in the beginning he was the one recruiting users and making contact with the media. Actually there were more members of this same group and other famous ones in MalSec, like really known ones most of which got arrested throughout the years. I can’t even hint you since you’d figure it out on the spot and this isn’t what this interview is about.

I eventually began recruiting and training my own people since things were going slow. No one was keeping up and I felt the need to have my own group. Even that wasn’t enough so on the 16th of April I created Team GhostShell. On the same day of the first leak.

I was always fighting with the other guy because things weren’t progressing fast enough. He would always ask me for my private data before a release to “inspect” it and would get back to me in a couple of days to let me know if I can leak it or not. Now that I look back at it every single thing he did was step by step the exact same thing every other known and caught hacker group has been going through. Some fed clearing things up with his superiors, logging the conversations through IRSSI and generally handling the situation whenever someone stepped out of line and leaked something he didn’t say it was ok.

On another occasion, he explained it this way:

I was the one in charge of all hacking activities and everyone else came to me whenever they would attack something but just as explained it was the constant friction between me and the other guy. I was being held back from doing what I wanted to. He had to vet everything, with whom I have no idea and then I had to wait for him to do the public release, media campaign and all that. I didn’t like that type of situation at all, it was too sketchy and overall I wanted more freedom of expression.

[…]

On the bright side, one of the many advantages you get from being apart of such a group is that you get great publicity. Since the leaks are approved by the feds they will go out of their way to help you get famous. One of the funniest things out of this is that no matter how much infamy I got as the years went by I never really got articles written by the same mainstream medias as we did when I was in MalSec. ArsTechnica, Motherboard, Wired etc., I’m looking at you homeboys. A famous group of hackers means a more important bust later on. Tell me you’ve never noticed how for some hacker groups that are barely known publicly do a major hack, get instant public exposure and then right after they get arrested. They’ve been infiltrated and used for a long time and if by the end of their little adventure they’re not famous enough they’ll get an extra boost, on the house. Win-win for everyone.

As suggested by his response to that question, GhostShell was discreet and did not name others involved in certain operations or projects, although in the case of MalSec, he gave us additional information and enough hints that enabled us to guess to whom he was referring as his recruiter and possible fed. Because, however, he did not actually name him or offer any hard proof that the individual  is a fed, we are not naming him, either.

We are also aware, from comments on Twitter, that some dispute GhostShell’s description of his involvement in MalSec and his version of what happened.  We are simply reporting statements GhostShell has made without any warranty of their accuracy.

Interview Topics:

  • #OpRomania
  • Anonymous
  • MalSec
  • “Team” GhostShell?
  • More on Snitches, the Feds, and the Scene
  • Why did he really disappear in 2013?
  • On criticisms of “simple” hacks
  • Psychological Factors
  • Difficulty Finding Work and Risk of Arrest
  • If You Knew Then What You Know Now….

Related posts:

  • Taking pity on law enforcement, Romanian hacker “GhostShell” doxes himself
  • GhostShell, On the Record – Snitches, Feds, and the Scene
  • GhostShell, On the Record – Anonymous
  • GhostShell, On the Record – “Team” GhostShell?
Category: Commentaries and AnalysesHack

Post navigation

← GhostShell, On the Record – Anonymous
GhostShell, On the Record – “Team” GhostShell? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.