GhostShell, On the Record – Difficulty Finding Work and Risk of Arrest

This post is part of an extended interview conducted by DataBreaches.net and CyberWarNews.info with the hacker formerly known as “GhostShell.”

How did GhostShell avoid arrest for so many years? Was his OpSec that good, or is Romanian law enforcement a bit uninterested? We asked him how it is that he was never identified or arrested. On one occasion, he responded:

I can think of a couple of reasons. One of them is why arrest someone that’s useful, that you can use to move things around in the industry simply by riding that person’s actions? For example, you attack a specific country or region then the topic is about “How well protected are we in that sector?”. By using “the bad guy” as the prime example you can change something within that sphere of influence. It gets the ball rolling. It’s a cool trick.

Another aspect to all of this is my nationality, country of origin. Romania alongside the Republic of Moldova are the current poorest nations in Europe. Despite popular belief on how east europeans are criminal masterminds in the cyber arena, it’s not entirely true. The majority of every single cyber actor that gets caught is low level. Most of them are scammers. They do what they do for profit. Spammers are also notorious I waited for years to get v&, it’s gotten ridiculous. What am I, untouchable? Bullshit.

Look at romanian hacker news for these past five years. The most notorious one was a cracker. Like, no seriously, it was a literal cracker. I’m not one to make fun of hackers but this guy all he did was crack emails. Got caught for breaching a few celebrity emails then resurfaced later and started successfully attacking high profile politicians? I wonder why the whole thing sounds so familiar.

In any case the point was that east european countries most of the time arrest petty thieves, not internationally wanted hacktivists. Like I mentioned previously, were pretty rare, were like unicorns. On their hunting range, hacktivits are more valued assets than your average ebay scammer. They can use us in internationally debated arenas and is a good excuse for them to socialise with other federal organisations, on the principle “hey you have a cool hacktivist, we have a cool hacktivist too”.

Knowing GhostShell’s plan to dox himself in the hopes it would help him find work in the industry, we asked him if he would work for the Romanian government if they tried to recruit him – or, for that matter, whether any other governments had approached him or vice versa:

Screw the romanian government. I don’t wanna work for those douchebags. The romanian authorities can’t wait to sell me to the americans. I just want to get this over with so I can get a job in the industry. I’m thinking of working for the russians. I waited for years to get v&, it’s gotten ridiculous. What am I, untouchable? Bullshit.

Q: Have any governments or agents tried to recruit you to hack for them?

Ironically the only governments that tried to recruit me were the same ones I publicly declared war to. The chinese and the russian one. That very same year in 2012. I never replied back to the chinese which prompted them the next year to send me hacker convention invites on my tormail address which I ignored. Funny stuff though. The russians tried to bullshit me by saying they were from Ukraine or Belarus and that “we could help each other out”, the whole thing was so amusing I just had to reply them back. I straight out called on their lies, said that I knew they were russian and if they didn’t admit to it and get to the point I would stop talking to them. They replied back and confirmed. I never contacted them again.

Q: Did you ever apply to work for any government?

No. I did apply this one time to the CIA on their website though. Does that count? I think it was in 2014, I was so bored, nothing was happening on the networks I was in so I went to the CIA application portal and midway through I noticed it was vulnerable to XSS. So I did what every bored hacker would do, I exploited it, wrote with privileges on their site that “We’ve got some great midget porn. Join us today!”, took a screenshot of it and shared it.

Still somewhat disbelieving that he intended to dox himself, at one point we asked GhostShell, So… your intentions are to out yourself/dox yourself through our reporting/articles and then hopefully get a real job in the industry, right? Are you hoping you can dox yourself and get work without ever being prosecuted by the Romanian govt or other govts, or are you thinking/resigned that you will get arrested and jailed before you can change your life to get work in the industry, or…? He answered:

No, I’m all for being prosecuted by any gov. I just want to do it and get this over with. I’m not trying to run or make excuses for myself.

Even though I know from the experience of others that hackers generally tend to not go to prison especially if they’re first time offenders, with the exception where they may end up in a rehabilitation centre if they have additional issues like drug induced or alcohol problems, there is always a possibility that my neanderthal people will lock me up because of my activities.

Then again I highly doubt that for one solid reason. There’s a legislation set in place in Romania that says if you’re prosecuted over here you can’t be anywhere else of the same crime. So if they do decide to charge and lock me here, the american government can’t do it anymore. The grounds for an extradition would become void as well.

I personally just want to get past this and work legally in the industry. There are so many more projects that I would like to apply from that side of the field that I wouldn’t be able to realistically put out from here, due to limitations, lack of resources, isolation from the community and so on. No matter how much I managed to do all these years both publicly and behind the scene there are just some things you can’t do by yourself.

Interview Topics:

Related: