Hacker Interviews – Anonrising freesec

Today we will speak with Anonrising freesec, a hacker that is very active online and that is also fighting online terrorism.

You are a talented hacker that has already participated in several hacking campaigns, could you tell me more about you.

Sure, I’ve been working with OPDdosISIS mainly against ISIS, taking sites down (2013-2015) also Im working on OPAnonHQ, which is against the huge amount of profit they make with the anonymous idea, since they need about 200.000 dollars a year to run the servers (confirmed stats below)

• Purchase/Sale Value: $452,520 USD
• Daily Revenue: $1,240 USD
• Monthly Revenue: $37,734 USD
• Yearly Revenue: $452,510 USD
• Daily Unique Visitors: 261,001
• Monthly Unique Visitors: 7,944,048
• Yearly Unique Visitors: 95,265,365

OpWhales, OpKillingBay-EU, OpSeaWorld – For this operations, we provide network support via creating media and assisting and bringing sites offline.

Op Gabon – To support Gabon population, by bringing websites offline and spreading awareness through the social media .

Op NoDapl – As AnonRising/Risingsquad we provided media mirrors and IRC support for this operation and shared awareness via other social media platforms.

And many more OPS which are still going on.

Could you tell me which his your technical background and when you started hacking?

I started hacking in 2012-2013, before that I was just playing around with computers and networks, my technical background is mainly based on the knowledge of programming techniques and languages (e.g. Perl, PHP and Python) which are growing day by day. Hacking server/site exploiting common vulnerabilities such as Sqli, RFI, XSS, using certain exploits, and learning other methods everyday :). Of course, I have a deep knowledge of DDoS/DoS mainly on layer 3/7, I sue  heavily modified scripts to launch the attack, one in particular, was developed by Korrupt.

Which are your motivations?

Stop online terrorism, and just learn more and more everyday. And just have fun doing what you do or learn

What was your greatest hacking challenge?

Every hack is a new challenge for me/us, you will always have to find other ways to evade detection of defensive measures, and mostly you can`t use the same hack/exploit twice.

Which was your latest hack? Can you describe me it?

It is still going on, against AnonHQ getting their direct IPs, and have fun with their servers, since nothing is 100% secure.

What are the 4 tools that cannot be missed in the hacker’s arsenal and why?

Metasploit is really awesome for the exploits and the options it comes with, Nmap/Zenmap which allows you to scan the WWW, the Burp suite to analyze received and send modified packets, and Hydra to launch brute-force attack and much more.

Which are the most interesting hacking communities on the web today, why?

Certain forums and IRC are really good to hang around, to learn new methods, or to checkout the newest exploits in the underground. Also are forums and IRC are great to keep in touch with other persons.

Did you participate in hacking attacks against the IS propaganda online? When? How?

Yes, I did it from 2013-2015 with opddosisis taking their propaganda sites ofline and gather intel of their websites, and reporting their Twitter accounts to the group. It`s quiet amazing how company`s like Cloudflare protect online propaganda just for the money.

Where do you find IS people to hack? How do you choose your targets?

We mainly had a group for that that locate the websites and share them via Pastebin, it also provides details like IP addresses and open ports of the targets. Then we do the work

We often hear about cyber weapons and cyber attacks against critical infrastructure. Do you believe it is real the risk of a major and lethal cyber attack against a critical infrastructure?

Since the world is even more technology dependent, then my answer is more clear. Yes, I think that the most human beings are not educated about computers and the Internet. They mostly don`t care about malware or hacking, which makes them an easy target. And as seen before, malware can hit a critical infrastructure causing a blackout, or a huge data leak of personal info. Security leverages on every single person.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Anonrising freesec, hacking)