DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

GhostShell, On the Record – MalSec

Posted on March 15, 2016 by Dissent

This post is part of an extended interview conducted by DataBreaches.net and CyberWarNews.info with the hacker formerly known as “GhostShell.”

According to GhostShell, back in the spring of 2012, he was approached by someone who had previously been with LulzSec (although LulzSec was already done by that point). That person, he says, persuaded him to team up. He was not sure of the date when he first agreed to team up,  sometimes suggesting it was around April, and at other times suggesting it was earlier, but MalSec introduced itself via a YouTube video on April 11, 2012. At the time, he later told DataBreaches.net, he was using the identity DeadVox.

His relationship with MalSec does not appear to have lasted beyond mid-April:

… to be honest I don’t remember much of it since everything happened so fast. One day I was working on a foreign op and the next thing you know I’m creating a splinter cell from Anonymous with this random guy I just met that wouldn’t shut up about how he is part of lulzsec. The year had just started and I was already infamous on the net so my first thought about it was “I’m being recruited by the feds. Here we go!”. To be fair the fact that on the news I was reading how all the members were being arrested, some accused of snitching and so on while I was hanging out in the very same network that they had at one point, with this guy besides me going like “Yeah were gonna be a billion times more famous than them” made me even more paranoid. But it was so funny that I couldn’t bail I had to see it through, I had to know where it was going.

I can’t tell you which people were involved or even how many but in the beginning he was the one recruiting users and making contact with the media. Actually there were more members of this same group and other famous ones in MalSec, like really known ones most of which got arrested throughout the years. I can’t even hint you since you’d figure it out on the spot and this isn’t what this interview is about.

I eventually began recruiting and training my own people since things were going slow. No one was keeping up and I felt the need to have my own group. Even that wasn’t enough so on the 16th of April I created Team GhostShell. On the same day of the first leak.

I was always fighting with the other guy because things weren’t progressing fast enough. He would always ask me for my private data before a release to “inspect” it and would get back to me in a couple of days to let me know if I can leak it or not. Now that I look back at it every single thing he did was step by step the exact same thing every other known and caught hacker group has been going through. Some fed clearing things up with his superiors, logging the conversations through IRSSI and generally handling the situation whenever someone stepped out of line and leaked something he didn’t say it was ok.

On another occasion, he explained it this way:

I was the one in charge of all hacking activities and everyone else came to me whenever they would attack something but just as explained it was the constant friction between me and the other guy. I was being held back from doing what I wanted to. He had to vet everything, with whom I have no idea and then I had to wait for him to do the public release, media campaign and all that. I didn’t like that type of situation at all, it was too sketchy and overall I wanted more freedom of expression.

[…]

On the bright side, one of the many advantages you get from being apart of such a group is that you get great publicity. Since the leaks are approved by the feds they will go out of their way to help you get famous. One of the funniest things out of this is that no matter how much infamy I got as the years went by I never really got articles written by the same mainstream medias as we did when I was in MalSec. ArsTechnica, Motherboard, Wired etc., I’m looking at you homeboys. A famous group of hackers means a more important bust later on. Tell me you’ve never noticed how for some hacker groups that are barely known publicly do a major hack, get instant public exposure and then right after they get arrested. They’ve been infiltrated and used for a long time and if by the end of their little adventure they’re not famous enough they’ll get an extra boost, on the house. Win-win for everyone.

As suggested by his response to that question, GhostShell was discreet and did not name others involved in certain operations or projects, although in the case of MalSec, he gave us additional information and enough hints that enabled us to guess to whom he was referring as his recruiter and possible fed. Because, however, he did not actually name him or offer any hard proof that the individual  is a fed, we are not naming him, either.

We are also aware, from comments on Twitter, that some dispute GhostShell’s description of his involvement in MalSec and his version of what happened.  We are simply reporting statements GhostShell has made without any warranty of their accuracy.

Interview Topics:

  • #OpRomania
  • Anonymous
  • MalSec
  • “Team” GhostShell?
  • More on Snitches, the Feds, and the Scene
  • Why did he really disappear in 2013?
  • On criticisms of “simple” hacks
  • Psychological Factors
  • Difficulty Finding Work and Risk of Arrest
  • If You Knew Then What You Know Now….

Related:

  • Qantas obtains injunction to prevent hacked data’s release
  • Ransomware attack disrupts Korea's largest guarantee insurer
  • Theft from Glasgow’s Queen Elizabeth University Hospital sparks probe
  • Global operation targets NoName057(16) pro-Russian cybercrime network in Operation Eastwood
  • More than 100 British government personnel exposed by Ministry of Defence data leak
  • New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
Category: Commentaries and AnalysesHack

Post navigation

← GhostShell, On the Record – Anonymous
GhostShell, On the Record – “Team” GhostShell? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Missouri Adopts New Data Breach Notice Law
  • Qantas obtains injunction to prevent hacked data’s release
  • Ransomware attack disrupts Korea’s largest guarantee insurer
  • Theft from Glasgow’s Queen Elizabeth University Hospital sparks probe
  • Global operation targets NoName057(16) pro-Russian cybercrime network in Operation Eastwood
  • More than 100 British government personnel exposed by Ministry of Defence data leak
  • New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
  • North Country Healthcare responds to Stormous’s claims of a breach
  • Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
  • Former U.S. Soldier Pleads Guilty to Hacking and Extortion Scheme Involving Telecommunications Companies

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Meta investors, Zuckerberg reach settlement to end $8 billion trial over Facebook privacy violations
  • ICE is gaining access to trove of Medicaid records, adding new peril for immigrants
  • Microsoft can’t protect French data from US government access
  • Texas Enacts Electronic Health Record Data Localization Law
  • Upstate NY county clerk again refuses to enforce Texas abortion judgment
  • Attorney General James Leads Coalition Urging Congress to Protect Americans from Masked ICE Agents
  • Attorney General Tong Announces $85,000 Settlement with TicketNetwork for Violations of the Connecticut Data Privacy Act​

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.