CNET News - Hector Monsegur interview part 2: Operation Tunisia and serious hacks
2014-12-15
Let's talk about some of the more intense hacks that you maybe participated in. Tell me about Operation Tunisia.

Operation Tunisia. So, it started off as an Anonymous operation. Obviously the people of Tunisia were, like, doing their thing, you know, on the streets protesting, and we're doing awesome, but the government started doing some weird things with the interception of communications. They started intercepting communications by redirecting traffic. For example, if you were inside Tunisia and tried to access Yahoo or Facebook, and tried to access it by HTTP, what their, like, low-level routing would do is forward you either to one of their phishing servers, basically, or a middleman server, or finally they would just redirect you to yahoo.com but without the HTTPS, stripping that encryption mechanism. What that did was it compromised, you know, probably thousands to millions of Tunisians who were trying to access the internet and communicate online.

Anyway, even, like, you know, stories, rumors, I mean, I don't know who's confirmed, but there were Tunisians, there were bloggers and all that, getting raided randomly, like this, randomly getting raided, and I would assume it's because of this: they were hijacking traffic, monitoring journalists and bloggers, and figuring out who's, like, who's inciting riots or was assisting the revolution.

And you guys obviously didn't like that.

Well, Anonymous, it's something like that, but, you know, we had, like, a subgroup, quote, Internet Feds, so it was like a little group before LulzSec, and it was much broader, it's like thirty people in there, a lot of random people that shouldn't even be in there in the first place. But, like, you know, one of my mates from LulzSec actually created, like, a Greasemonkey script or something to redirect the redirects, and so once, you know, it would redirect you off to the insecure server or to, like, a man-in-the-middle server, it would redirect you actually back to the original, real HTTPS Yahoo server or Facebook server. That's what really caught my interest. I'm like, wow, you know, this government, it's like, I understand they don't want this revolution, you know, I understand that, but now you're messing with, basically, users; now you're playing like, now you're a super dictator, like, now you're not even cool in my books. It's time for war, basically.

So then we moved on to hacking the Prime Minister's website. Apparently that was a big crush to the government, apparently, because, I say apparently because their response was so extreme. As soon as we defaced the Prime Minister's website with a message like, this is Anonymous, we are legion, we don't, you know, forget, we don't forgive, expect us,
they basically firewalled the entire Tunisian internet. So if you were in the United States or anywhere else outside of Tunisia, you would not be able to access any sites within Tunisia. But when we spoke to Tunisians in Tunisia, they said, no, it's fine, and I said, I could go to the Prime Minister's website right now, it's cool, I've seen this picture. And at this point there was a Tunisian activist who, you know, was really into Anonymous, and he said, what can I do, I'm inside Tunisia. So we had the bright idea of, well, what would happen if, and this goes back to that first point I made earlier, how do you bypass a firewall? You make it call you. So we had this guy connect through, like, a TeamViewer, a remote desktop, and connected to his machine; from his machine we re-hacked the Prime Minister's website, because the original vulnerability was still open. And so imagine this, right: the guy is sitting at his computer watching a bunch of hackers, in this case it's Sabu and some other guy, and he sees his mouse moving around the screen, typing into his web browser, exploiting a vulnerability, hacking the site, grabbing, like, the defacement message, which was, like, a letter to Tunisia, and he got to witness all of that in real time. That was really cool. I can't imagine how it felt for him, but we re-hacked the Tunisian Prime Minister's website internally from inside Tunisia, and at that point that's when the Tunisian government began completely shutting down the internet, very similar to what Egypt did during the Egyptian revolution. And the rest is history.
Yeah, well, and then after that, I mean, the final nail in the coffin of Operation Tunisia: after, you know, we were all firewalled out of Tunisia, what else can we really do besides, you know, just tweeting the story and getting it out? So everybody's doing that, they're doing that whole publicity thing and pushing the issue. So I'm over here like, okay, well, I'm a security researcher, you know, I've audited machines and networks for many years; my time with Anonymous is not conducive to my skills, in that I've been doing this for a massive amount of time. So one thing I did was I did a network-wide security audit of Tunisia's infrastructure, and what I realized, what I found, was that Tunisia's entire government communications, their entire network for emails, to BlackBerrys, the cellphone companies that were using the embassy internet systems, they all relied on two DNS servers for the entire infrastructure of the Tunisian government. So I had to bring them down, and by bringing those two Tunisian DNS servers down, hitting it with, like, 50 gigabits per second or something, I literally, like, destroyed the entire infrastructure, giving the Tunisians the opportunity to probably do more, because at that point the government had no way of communicating with each other unless they had, you know, analog phone systems, which I'm pretty sure they did, but it really caused a lot of problems, I'm sure.

Now, you said in the past that in your hacks with Anonymous, with LulzSec, with others, you were sloppy, and ultimately that's what resulted in the FBI finding you. Can you tell me how you were sloppy, in what ways they were able to track you down, ultimately?
Well, the biggest mistake I made was to even mess with Anonymous in the first place. I mean, Anonymous is cool, the idea is wonderful, but the problem with Anonymous is that its major failure is exactly what you see on Twitter: they centralize themselves. Compare Anonymous back on 4chan and now compare Anonymous now. What's the difference? All right, anyone, everyone on 4chan was just anonymous. There were no nicknames, no pseudonyms, no Twitters, no IRC, no sort of public profile at all, so if one guy did a hack, you don't know that guy is from the hole in the wall. This is Anonymous now: when, you know, it was moved to a certain IRC network, it was moved on to, I mean, it gave it a lot of prominence, and now it's even communicating with journalists directly. Now you could get stories, you could, you know, do your little PR propaganda, whatever it is they, you know, were doing, but, you know, it left a lot of chances open for mistakes.

In my case, my biggest mistake, besides messing with Anonymous, not messing with, joining the idea, was using the nickname Sabu. Sabu was a nickname that I used, a pseudonym that I used since the 90s, so I've also went to war with other people in other groups from the 90s on using that name, so over the years people collect the little tidbits of information, like, oh, he goes by Xavier. So, I mean, I had no problem with that, right, because I, as a security researcher, that was my name; I went by Xavier, which is my middle name. I went by Xavier and I really did security research: advisories, exploits. You can find all my work; go online and type in Xavier DeLeon or whatever, or even go to my old blog, because I had set up a blogspot.com, all right, all my old research is there, not all of it, but you gotta see my exploits, my local root exploits I developed.

So using the nickname Sabu was a major flaw in my strategy. I didn't intend to use Sabu; when I first connected with Anonymous I was using a completely different name. If you ask me what the name is, I've forgotten, no, it was something random. I probably would have avoided all this drama had I continued to use that name, but it was a situation where, like, you know, I was using a shell server here in New York, and, you know, I had several different screens running. One screen was running irssi or BitchX, you know, an IRC client, on EFnet, and then I ran another screen connected to Anonymous, and I'm not the same that I was sending him, no, well, basically, no, no. So basically I had Sabu over here and I had the other name over here. So one of those nights, I may have been thinking, I had lost my connection to this server, I reconnected, and it used my name Sabu, because that was my actual username on the server. Have you ever used BitchX? It'll point back to the username. So you try to log onto IRC, hop on IRC, using where you logged in as the root user, you're gonna see that when you log into the server it's gonna try to use the nickname root, right? So in this case it's my username on the server, which was running Solaris, one of those awesome old Solaris systems. Since my username was actually Sabu, when it connected to the Anonymous IRC network, it came up with Sabu, and I kind of said, well, that means, wait, now, it is what it is, I'm already logged in, so might as well stick with it, might as well stick with it.

And once the FBI came to you, once they came to your door, they put you in a very difficult situation.
And they basically put me in a situation where I had to choose between my family and an idea. Now, the idea is beautiful, I love the idea, but I'm not gonna choose, you know, two kids, I'm not gonna choose the movement over two kids. I mean, I'm sorry about that, I'm sorry that that boggles anybody's mind, but I'm pretty sure anyone with children would agree that you would choose your children over, you know, something as, you know, as strange as that. I mean, there were a group of strangers, and I have a lot of friends, which I still have friends there, they're probably waiting for me to come back online and talk to them about, you know, it's nothing personal.

And how did the FBI monitoring work? Because at that point, effectively, they started watching what you were doing and asked you to, more or less, continue what you were doing, but with them watching. How exactly did that monitoring work?

Well, so yeah, so that goes back to that previous question, and the whole point was, well, keep doing what it is that you're doing. To them that's the most important thing. To suddenly change my modus operandi and start, you know, texting people like, hey, can I have your number, I want to call you, which I never did before, you know, would have been strange. So they just simply said, well, keep doing what it is that you're doing, and we're gonna sit back and watch. So really it entailed just watching and monitoring, and it was like a Windows laptop, and it just had the keylogger and a screenshot taker, and, you know, it was all automated. I'm pretty sure it was, like, I don't know, it was a kernel rootkit that they had set up. I can't really say for sure, because I didn't do a security audit of the machine; technically that's federal property, right, so I don't want to sit there and try to debug the software and break in and go to prison for this one, you know, federal property.

Did they provide you with any other resources, servers or accounts or anything like that to help?

At one point, you know, they provided servers for, you know, for use by anybody, and those servers were not being used by anybody. You know, it's kind of funny how people talk about it: well, he provided servers to, you know, the hackers. Well, they didn't use the servers. It's like, I provided it, it's not like I wanted to provide it, you know; obviously it's part of my cooperation agreement. They provided a server: hey, you guys want to use the server, by all means. It wasn't, like, pushing it, you know, saying... But, uh, you know, that's pretty much what that entailed, just sitting there logging, and just keep doing what I'm doing, and that provided me an opportunity to keep doing what I'm doing, don't, like, hack the planet.

And they really kind of encouraged you to do that, and they said that you stopped about 300 hacks of domestic targets. Ultimately they were fine with you hacking international targets, is that right?

Well, the thing is, I wasn't hacking anymore. I had to stop hacking, mm-hmm, so all I could do is just be me and try to push issues and work on operations and keep doing what it is that I was doing before I even got arrested. Nothing changed between me before my arrest and me after my arrest. The only thing that changed was that, you know, I had a situation where the computer was logged, which is kinda ironic, because most people, they got arrested anyway, and if you look at the discoveries in the evidence, they all had IRC logging enabled. You know, it baffles my mind, especially those guys from the UK: it finds a computer full of IRC logs. You know, you want to judge me for having my computer logged, but you still provided the same sort of evidence. Rather, you know, there's a lot of, like, apocrypha in regards to that, but that's pretty much really what happened: just IRC logging.