The Five Families disrupted after SiegedSec hacked; SiegedSec thrown out, Blog Hijacked (1)

Posted on by Dissent

AlphV wasn’t the only group experiencing some disruption this week

In August, “The Five Families” announced the collaboration of ThreatSec, SiegedSec, Stormous, BlackForums (now BlackSec), and GhostSec:

A group created to establish better unity and connections for everyone in the underground world of the internet, to expand and grow our work and operations. We run shit cause we can!

Today, someone else apparently ran shit because they could, and it resulted in SiegedSec being unceremoniously booted from The Five Families.

A post, shown below, appeared on SiegedSec’s blog this afternoon.

[CONTENT WARNING: References to zoophilia and child pornography]Hello from SiegedSec! From today onward we are changing our recruitment policy. We have strict requirements and you must meet at least two of them. You must have a sexual attraction to kids OR zoo/babyfurs. You must be a member of the MAP (minor attracted person) community or be a zoofur. You (or your ekitten) must be available to fall asleep with us on discord if requested. With every of our new leaks we are going to share about 30gb of CP and Zoo Porn so you can have fun. To enter our group we will ask what your favourite CP sharing sites are, if you can answer you did not pass the test Lets bring back the glory to all members who are daily harassed for being attracted to children. ITS ABSOLUTELY NORMAL! Regards, Vio

In short order, The Five Families became four, as they explained on their Telegram channel:

We recently noticed the siegedsec group promoting heavily uncomfortable subjects and we will like to announce their immediate termination from the five families and all groups involved, we will announce the new group involved in our organization soonWe will be taking care of siegedsec and vio for their promotion of CP and uncomfortable jokes With this post, we are clarifying that we don't support the recent actions by SiegedSec and will be taking steps to make sure every problem gets solved. Updates on the situation will be following shortly

 

SiegedSec rushed to claim that the blog post was fake:

We're aware the SiegedSec blog has been defaced, with claims of supporting pedophilia and zoophilia. We're looking into this attack, as we believe it has come from the hosting provider, however we'll continue looking into it. We don't believe that any external attacker defaced the website. From now until further notice, any message from the SiegedSec blog is not official or associated with the group at all. We do not condone any of the behavior listed in the defacement. Apologies for any inconvenience related to the blog's downtime. meow meow~

As far as DataBreaches knows, SiegedSec’s statement (above) is partly true. The blog was defaced and the post was not written by Vio. It was written mostly by Kmeta, who made DataBreaches aware of the situation. When asked why he did it, Kmeta said he found all the jokes about zoophilia disgusting.  He also told DataBreaches that  SiegedSec knows exactly who was responsible and that he warned SiegedSec that if SiegedSec tried to claim the post was a hoax, Kmeta would call his mother and send her a picture of her son.

SiegedSec subsequently announced on BreachForums that he is leaving SiegedSec. When asked why, he simply said the reason was”primarily stress.”

In less than two hours, Five Families was degraded and the leader of SiegedSec was resigning from SiegedSec, intending to pass the “SiegedSec” username to another member of the group.

That probably will not happen soon, if at all. At last check, Kmeta had now seized the blog, explaining that he had done so out of disgust with the sexually themed and inappropriate jokes on the blog:

This Website Has Been Seized by Kmeta Corporation Of Electronics After extremely degenerated behaviour from vio i decided to put an end to this and jam this address. after numerous times where he was spotted making uncomfortable jokes regarding sexual contact with animals. If you are such a disgusting degenerate to support this kind of actions then i will suggest you to seek help. WHAT HAPPENED? your site isnt your site anymore, its mine) BY WHO? Kmeta Check me out at [nowhere]

For background on SiegedSec’s activities prior to now, see SOCRadar’s profile on them.

Updated December 24:   On December 21,  someone calling himself @D4RKR4BB1T47 on BreachForums (BF) posted a thread in which he initially posted a false seizure notice that names two BF moderators as being responsible for the seizure of SiegedSec. At the bottom of post that seemed to be about BlackForums and not SiegedSec, he then edited his post to  claim, “Me & Ransomed Pulled this off, any other claims are fake or troll posts.”

But he didn’t pull it off, and when I responded to the thread to clear the moderators’ names and to point out @D4RKR4BB1T47 wasn’t responsible for the initial seizure, he responded by falsely suggesting that I had no chat logs to prove my claims and I that was a “fake ass reporter.”

Of course, DataBreaches does have chat logs as they were being provided in real-time as the seizure was taking place and the original seizure notice was being posted.  DataBreaches tends to save chat logs so that this site can prove the accuracy of its reporting if ever challenged. So DataBreaches knew that the keys to the domain were going to be shared with @D4RKR4BB1T47 but that he had not been involved in the seizure.

The following is a redacted version of parts of the chat logs of December 20 — the day before @D4RKR4BB1T47 posted anything (typographical errors as in the original):

Dissent Doe
ok
why did you do this?

[Redacted]
the owner has shown multiple times that he is well attracted to animals in a sexual way and when asked he is saying “just a joke” its something i am not considering funny and seems fari  for me this to happen to them.

Dissent Doe
so you went after them for joking about sex with animals?

[Redacted]
yes

[Redacted]
dark rabbit
wants to claim it
:DDDD

Dissent Doe
noooooooooooooo

[Redacted]
why whats up

Dissent Doe
I don’t want to deal with him

[Redacted]
ill tell him to wait 24h

Dissent Doe
I’d have to reach out to him to interview him…

[Redacted]
i will just use
his namea
as the one who did it

Dissent Doe
why do you want to let him claim it?

[Redacted]
bcs its funny
just drama
getting people
out of my way
sieged now wont sale data
and rabbit look on sieged

Dissent Doe
He has a rep for getting things wrong..

[Redacted]
yep

[Redacted]
dark rabbit will wait a few days
i talked with him then ill let him have fun

But @D4RKR4BB1T47 didn’t wait a few days, and when he posted, he dragged other people into it and then claimed my reporting was false and that I had no proof? 

“Me & Ransomed Pulled this off, any other claims are fake or troll posts.”

Hardly. DataBreaches stands by its reporting. 

Category: Breach IncidentsCommentaries and Analyses