Pierluigi Paganini March 14, 2016

G.Razvan Eugen is a 24 year-old Romanian that claims to be the founder of the collective Team GhostShell that hacked numerous entities worldwide.

Do you remember the notorious Team GhostShell hacking crew?

GhostShell is a group of hacktivists most active in 2012 that targeted systems worldwide, the list of victims is long and includes the FBI, NASA, the Pentagon, and the Russian government.

Three years ago the group launched its last attack, we had no news about the popular hackers since 2015 when the Team GhostShell conducted a number of cyber attacks against various targets, including the Smithsonian photo contest website, The Church of Jesus Christ of Latter-day Saints, Socialblade, and the Exploratorium in San Francisco.

Now the TheNextWeb was approached by a man claiming to be the leader of the popular hacker collective. The man used the name ‘White Fox’ and a generic Yahoo email address.

The moniker White Fox is not new, in 2012, GhostShell Team claimed responsibility for a number of attacks conducted under the operation dubbed #ProjectWhiteFox.

The hackers leaked roughly 1.6 million records and accounts from a wide range of companies operating in different sectors such as aerospace, nanotechnology, banking, law, military, education and  government. Below the list of the targets hacked by the hacktivits:

• The European Space Agency
• NASA’s Engineers: Center for Advanced Engineering
• Federal Reserve
• The Pentagon
• Credit Union National Association (CUNA)
• Crestwood Technology Group – CTG123
• Bigelow Aerospace
• California Manufacturers & Technology Association – CMTA.net
• Aerospace Suppliers
• World Airport Transfers
• General Dynamics Defense Systems – GD-OtsCanada
• Zero-Max – Manufacturer of parts
• MicroController Shop
• Jp Chem eData
• Human Security Gateway
• NanoConference
• Hamamatsu
• HMI CronPowder
• Defense Contractor for the Pentagon – DPAtitle3
• Business Consultancy dealing mostly with military personnel – Drum Cussac
• Institute of makers of explosives – IME
• Texas Bankers

After a first contact, the journalist Emil Protalinski was added by the man to an email list that included other cyber security journalists from principal online magazines.

Then the man revealed his true identity, his name is G.Razvan Eugen, a 24 year-old Romanian and he claims to be the founder of the Team GhostShell

Eugen demonstrated to be a member of the Team GhostShell by providing evidence of access to the Pastebin account used by the hacking group, the same used by the official GhostShell Twitter account (@TeamGhostBin) to leak stolen data before it was suspended by Twitter.

Eugen also gave information about the private @DeadMellox Twitter account he had been using to communicate for several years and other email accounts he used while was leading the group.

“Overall, we can’t with 100 percent certainty say that Eugen’s claims are correct, and that he is indeed GhostShell, but the case is pretty compelling.” wrote the TNW

“I just want to own up to my actions, face them head on and hope for the best. What I really want is to continue being part of this industry. Cybersecurity is something that I enjoy to the fullest even with all the drama that it brings and legal troubles. 

Eugen added that “[other Team GhostShell members] were never directly involved in the main projects/leaks. 99 percent of them are from me.”

The Eugen coming out is very risky, he risks several years in prison … let’s see what will happen.

Pierluigi Paganini

(Security Affairs – Team GhostShell, hackitivism)