Pierluigi Paganini July 23, 2016

Let’s continue the series of interviews with talented hackers some of them like Scrub are involved in anti-ISIS campaigns.

Scrub is a member of #GhostSquadHackers and currently involved in the #opTurkey campaign.

Enjoy the Interview.

You are a popular talented hacker that has already participated in several hacking campaigns, could you tell me more about.

I started off with fighting ISIS online with a couple of other Anonymous members, suspending ISIS-affiliated accounts and taking down ISIS websites from the internet.

Could you tell me which his your technical background and when you started hacking? Which are your motivations?

I started hacking around 2012, I gradually got much better at hacking at 2015, defacing websites and hacking accounts, then I started hacking for good – like the #OpISIS campaign, taking down ISIS-affiliated websites and suspended ISIS accounts. My motivations are for fun and sometimes for the good.

What was your greatest hacking challenge? Which was your latest hack? Can you describe me it?

The most recent hack is for the #OpTurkey campaign, defacing Turkish websites and taking down Turkish government websites. I don’t really know what my most challenging hack has been.

What are the 4 tools that cannot be missed in the hacker’s arsenal and why?

The 4 tools can be:

• A simple DoS tool for disrupting servers, or a botnet to infect computers and use them for a DDoS attack.
• A social engineering tool can be used for phishing – stealing accounts.
• PHP shells are great for rooting websites, and gaining access to other domains connected to the rooted server.
• Exploitation tools are optional – you can exploit SQL injectable servers via tools or doing it manually. I prefer to do it manually.

Which are the most interesting hacking communities on the web today, why?

Well, Hackforums has always been on the list for numerous reasons, giving tutorials on how to exploit web servers and the like. Great source for beginner hackers.

Did you participate in hacking attacks against the IS propaganda online? When? How?

Yes, I started around about November 14 th 2015, a day after the Paris attacks given from ISIS. I started from suspended their accounts online and leaking ISIS website databases.

Where do you find IS people to hack? How do you choose your targets?

I choose my targets from the @CtrlSec bots and the @tool_binary from BinarySec. The websites you can publically find on Pastebin.

We often hear about cyber weapons and cyber attacks against critical infrastructure. Do you believe it is real the risk of a major and lethal cyber attack against a critical infrastructure?

Yes, the risk is high as these infrastructures are critical targets for attackers, this can cause many problems to the owners.

Thanks a lot!

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Hacker, Scrub)