DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Lone hacktivists persist, but are they making a difference?

Posted on February 21, 2017 by Dissent

Sometime around June, 2015, a hacktivist who calls himself @ElSurveillance on Twitter began defacing web sites of escort services. In July, 2015, I became aware of him and began reporting on his attacks, which usually include messages left on the sites about how the service and conduct is an affront to Islam.

To get an idea of how prolific @ElSurveillance is, his record on Zone-H.org lists 299 defacements, of which 52 are single IP-address defacements, and 247 are mass defacements.

Last month, I was surprised to read on Twitter that he was leaving for “a better place.”

It turns out, the “better place” was not what I had understood that to mean. Now he’s back announcing new attacks, including an as-yet-unnamed Australian site:

Hitting an #Australian #Escorts classifieds with a massive data-leak which includes emails passwords in plain-text and Nums#EscortsOffline pic.twitter.com/v4tmyJEHpd

— ◖المـــراقــــــبة◗™ (@ElSurveillance) February 19, 2017

He’s also coding his own scanners:

Admin Page Scanner under the development especially for #EscortsOffline#IOnlyNeedAWebBrowser4hacking pic.twitter.com/zDs4myKcr7

— ◖المـــراقــــــبة◗™ (@ElSurveillance) February 19, 2017

As we’ve seen with him before, it’s not unusual for him to hit a whole bunch of sites that may be on one server:

26 Escorts websites #hacked – https://t.co/TtuxXeY5kg – Slapping them all#EscortsOffline

— ◖المـــراقــــــبة◗™ (@ElSurveillance) February 15, 2017

Usually, he neither exfiltrates nor dumps any personal information. His message is generally in the defacement message he leaves. But as I learned recently, defacements aren’t his only method of attack, although other methods are not under the “ElSurveillance” identity.

So why does this site continue to cover him, you may be wondering. Well, frankly, I’m fascinated to watch someone who does not affiliate with others, but under his own nickname, has been on a consistent mission for almost two years now. He does not seek media attention, and generally doesn’t get it – probably because most people don’t care about escort service sites and most people using those sites are hopefully smart enough to use throwaway email addresses or names. And yet he persists.

ElSurveillance isn’t the only hacktivist who persists, however. I recently became aware of “[Nine]” whose Twitter account is @NyuSecurity. His profile says:

[Nine]’s avatar.
~#Defacer ~#AntiSec ~  #StopKorrupcion# Mas de 5000 .com.ar hacked # #FreePalestine |DHKC ~ ACAB|

Indeed, if you check his activity on Zone-H, you’ll find that he has 3,489 defacements, of which 287 are single-IP addresses and 3,202 are mass defacements since November of 2013. Unlike ElSurveillance, however, [Nine] has a number of issues that he lists in his defacement messages.

Also unlike ElSurveillance, [Nine] exfiltrates and dumps data:

Ministerio de Modernización Argentina – hacked by @NyuSecurity pic.twitter.com/GJRFQHd75S

— [Nine] (@NyuSecurity) May 20, 2016

So do these somewhat lone hacktivists make a difference?

I recently asked @ElSurveillance if he feels that his efforts have made any difference or had any impact. In DM on Twitter, he replied:

@ElSurveillance’s avatar

To be honest I haven’t checked all the sites I attacked since I started the operation, But yes, I have seen some of them who were suspended or no longer in operation, especially the ones who claimed to be serving in the Islamic Countries….  And as an individual attacker, I strongly believe it worth my time.

Somehow, it’s always the groups that get media coverage, whether they brand themselves as “Anonymous” or “Lulzsec” or some other name, but we should not lose sight of individuals who are out there, trying to change the world for issues they care about.  Whether you consider them criminals or heroes,  they are true hacktivists.

Update: Post-publication, I received a reply to my email inquiry to @NyuSecurity as to whether he felt he was making a difference. His response:

La diferencia principalmente trato de hacerla para conmigo, practicar, mejorar y asi. Puedo decir que muchas empresas y organismos del Estado cuentan con mas seguridad luego de que yo expusiera una brecha. Tambien puedo decir que muchos han escuchado mi mensaje y han recapacitado en cuanto ha aquello que iba mal.

So he, too, feels like he is making some difference and that his targets are hearing his message and not just increasing their site’s security, although even that could be considered having an impact.

Category: Breach IncidentsHack

Post navigation

← Harvard Computer Society’s Face Should be VERY Crimson: Inadvertently Exposed Student Info Online – for YEARS
Patient info goes for how much on the dark web? →

4 thoughts on “Lone hacktivists persist, but are they making a difference?”

  1. Indee One says:
    February 24, 2017 at 2:45 pm

    I am no psychologist, but it sounds like attacking certain “escort sites” is this person’s way of getting rid a culture that some may feel is less than proper…I will stop speculating now because I don’t really know why.

    I do fascinating to hear of line hacktivists defacing sites for undisclosed reasons. It makes me wonder why these and why do they want to act in this way? (Especially with not seeking media attention.)

    Keep reporting and following this…

    1. Dissent says:
      February 24, 2017 at 3:41 pm

      His motivation is clear and he’s stated it numerous times in his Twitter feed.

      1. Indee One says:
        February 24, 2017 at 10:14 pm

        I re looked at this Twitter account..I was thinking of visiting another hacker’s account that I was following. My bad…Too many hackers have all of these cryptic names.. Sometimes hard to keep up…:)

    2. ElSurveillance says:
      February 25, 2017 at 9:56 pm

      When I first started the operation, I mainly used to target most of the sites

      The answer for “Seeking media attention”
      Many of hacker out there nowadays are seeking the media’s attention for different reasons but mainly to make some money
      either by asking their supporters to
      1) Donate money
      2) Sell their products such as botnet, Hacking tools, Databases, T-shirt or some other crack products and so on
      3) Or these who call themselves hackers but actually they are harmless anyway due the less knowledge and skills they have
      * So the more attention they get, The more chances their products will get noticed by people

      I’m not looking for any of the listed above
      I don’t need any support from the fans/followers
      I don’t need money as I have a full time job
      I don’t need to be in a group to claim the entire credits
      I don’t need tools as I develop and code my own tools

      I strongly believe that I have what it takes to keep my campaigns running continuously and effectively and I don’t need to hide behind some kids such as anonymous or like the groups who most of them got arrested anyway

      If you need any more details, You know where to find me
      “I do respond on the questions”
      Have a good one
      ElSurveillance

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Masimo Manufacturing Facilities Hit by Cyberattack
  • Education giant Pearson hit by cyberattack exposing customer data
  • Star Health hacker claims sending bullets, threats to top executives: Reports
  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)
  • Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The App Store Freedom Act Compromises User Privacy To Punish Big Tech
  • Florida bill requiring encryption backdoors for social media accounts has failed
  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim
  • Privacy matters to Canadians – Privacy Commissioner of Canada marks Privacy Awareness Week with release of latest survey results
  • Missouri Clinic Must Give State AG Minor Trans Care Information
  • Georgia hospital defeats data-tracking lawsuit
  • No Postal Service Data Sharing to Deport Immigrants

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.