In the case of the hacker known as SPYDIRBYTE, one could say that malware maketh the man. As controversial as that may sound, consider how malware can be leveraged against the enemies of a hacktivist, such as corrupt state and commercial actors.
When we think of malware, we often envision simple, whimsical DDoS attacks taking random websites offline. I've spent more time criticizing the Anonymous collective for such attacks than for anything else. However, after interviewing SPYDIRBYTE, I began to understand that, in some cases, a DDoS attack can be a statement.
In most instances, DDoS attacks are whimsical and have no lasting impact on their targets. But take e-commerce websites, for example: when these go offline, people panic. While a business isn’t making money, customers lose interest and may take their business elsewhere. Regardless of the target, system administrators often end up scrambling to restore service.
Not only is access to websites disrupted but the daily routines of system admins and consumers are also thrown into chaos. Now, put a determined hacktivist behind the keyboard and see what ensues. Sometimes, a statement is enough to signal to the powers-that-be that their days are numbered.
“Nowadays people say DDoSing is [for a "SKID"] move, but every single Operation of Anonymous always has been DDoS … Most of our victories is from DDoS and website defacement or getting into a database,” he explained.
Now, let’s take a trip down memory lane to when it all began for SPYDIRBYTE.
Pain produces power
What happens when a bright young man with hope for a better future has had enough? This is seemingly a common theme among nearly every hacker I’ve encountered. You see, whether it’s societal pain, emotional or psychological, or something tragic or traumatizing in our respective upbringings, there is some uncanny element among us all that seems to break forth from the recesses of powerlessness.
From this undefinable element, the forces of causality come into play, where young upcoming hackers discover something about themselves that’s more powerful than the harmful forces oppressing them.
“A lot has happened to me as a child... Tired of the judgment, tired of the abuse, tired of the government, tired of not being free…” he says, recalling the past as he contrasts his upbringing with his life within the Anonymous hacktivist collective.
“As an Anonymous member, you're free... You can be anyone you want to be and not be judged for it because them people don't know who you are, you can do anything you wanna do and not have to worry about getting in trouble or being told you can or can't do something that you believe in that should be right for the people…”
With a father who was barely home and his biological mother nowhere in sight by the time he was only five, he found himself in an extremely abusive environment with a monstrous stepmother.
“Literally locked in my own bedroom grounded for months on end turned out to be years... I went to school but barely went and listened because of my home life,” he explained, describing events that are utterly unconscionable.
“So judgment in school was a b*tch... everyone looked at me differently because of what my parents were telling the school, but my father didn't realize what was really going on because if I had said anything, I would have gotten beaten.”
Disowned. Misjudged by his peers without a cause. He ended up falling into a street gang while simultaneously stepping into the role of a hacker, perhaps driven by anger, which reminds me of a quote from The Watchman by Jonathan Littman about the life of the infamous hacker Kevin Poulsen:
“He was a new generation of hacker, not the third generation inspired by innocent wonder … but a disenfranchised fourth generation inspired by anger.”
Regardless of my musings, he was redefining his identity and discovering a version of himself born of strength and not from any notion of vulnerability.
“[I] dropped out of school… Ran away from home… Live home to home to home [and] moved to different states, living the real hacker/Anonymous life.”
“I watched a couple of my homies die... family members... So I was so mad at the world already. I didn't care what was gonna happen to me... So I became a serial swatter/ doxxer and was just going after a lot of hackers/people for no reason... DDoSing everything that I can for the movement... just doing hella sh*t for the movement... Then I was trying to get my life straight.”
His life started on the IRC chats back in 2009, the original 4chan room, as he describes it. There was this unique cultural dynamic among members of 4chan, which played a significant role in its notoriety. SPYDIRBYTE loved the waves of trolling and doxxing among these chaotic personalities.
He also frequently visited Hack Forums to learn, connect, and equip himself with new tools. The hacker world thrived on DDoS attacks, phishing schemes, trolling others to tears, doxxing, and infecting anyone naive enough to click the wrong links with malware.
Two years later, while immersed in this thriving underworld, he was unceremoniously doxxed and swatted, an experience that changed the trajectory of his life. Interestingly enough, having his home raided by law enforcement didn’t just inspire him – it emboldened him. Rather than feeling defeated or frightened, he stood in awe of this display of power and resolved to learn how to execute such actions himself.
Doxxing and swatting are tactics often used to strike fear into an enemy. However, in his case the plan failed, ultimately transforming him into an imposing opponent.
His first hack, at age 13, set things in motion after he discovered how to launch phishing and social engineering campaigns. This quickly evolved into using malware, which he used to get revenge on the individuals responsible for doxxing and swatting him.
Wanting to get more involved with Anonymous and its operations, he found the AnonOps IRC channels and started taking part in Operation Darknet and Operation AntiSecurity.
Defining operations
Operation Darknet was a large-scale hacktivism operation aimed at the child abuse onion site known as LolitaCity, in which participants released the names of some 1,500 members and DDoSed 40 websites known to distribute child sexual abuse images.
Armed with Q Bot, SPYDIRBYTE shut down “LolitaCity and a few other dark web websites that were a threat to the movement.”
Furthermore, his very first defacement was also LolitaCity. Its vile admins had lost control of their CSAM empire, but his OpChildSafety work didn’t end there.
“There was this hosting server that traffickers [in child sexual abuse] and predators were using called FreedomHosting. We had it completely shut down in 2013,” he said.
FreedomHosting was an infamous illegal dark web hosting service known for hosting sites that distribute CSAM, drugs, weapons, and software.
This attack was executed four years before the ghost from BlackForums known as Vanerak brought FreedomHosting to its knees, along with 20% of the entire dark web.
With Operation Anti-Sec, he found himself having Lulz at government website security alongside members of Anonymous, with the operation spearheaded by LulzSec. This Op included a sizable list of government targets.
“I shut down the CIA website for four days…” he said, reminiscing on the days when vigilante hackers defaced or DDoSed government websites to publicly broadcast their pirate message to the world.
Attacking a website is the equivalent of using it as a bullhorn to exercise radical activism.
At the turn of the year 2013, he was participating in Operation Last Resort, where he attacked the Department of Homeland Security Liaison cyber team. By setting up a honeypot, he exposed the identities of their whole cybersecurity team.
This Anonymous-led hacktivism was an aggressive legal reform initiative that followed in the wake of the tragic suicide of hacker folk hero Aaron Swartz. Hackers seized control of the US Sentencing Commission website and turned it into a game of Asteroids. Anonymous threatened to release decryption keys for secret court files if their demands were not met.
In 2014, during Operation Ferguson, he shut down the LAPD website and the Chicago PD website, along with over 80 other police sites. This moved on to a bona fide hacking spree between 2015 and 2018, where he hacked ISIS websites, KKK sites, corrupt government entities, you name it. If an operation was declared, he was there.
It was during this time that his malware was gaining popularity and spreading with prolific abandon. This, in turn, fueled some of his most powerful DDoS attacks to date. For example, he claimed to be the mastermind behind the Alex Jones InfoWars botnet attack, which distributed billions of requests using just 70 thousand bots. The list of attacks is vast and also includes a recent attack on the Moms For Liberty site.
Weaponizing malware
“I started writing my own malware after using a tool called DarkComet, which was a RAT Tool which RAT means Remote Access Trojan where hackers can control other people's computers, spy through the camera, collect anything we want to with DarkComet, and even back then FUD Malware was sooo easy back then it was like Malware was unstoppable for a couple of years,” he said.
“My first programming language was Delphi for malware... I just love the Idea of a RAT... it's like really a superpower that's unstoppable to 90% of the people that don't know sh*t about anything malware-like or how it's distributed.”
With his knowledge of writing malware, he said he also helped in the development of Orcus RAT, also known as Orcus Administrator, which is a widely popular Remote Access Trojan.
Instead of resorting to breaking into a single system or network and putting in the hours, he made malware work for him. Like the popular saying, ‘Work smarter, not harder.’
He was able to leverage over 40k computers from scammers, other hackers, ISIS members, and computer systems belonging to the Iranian government. Somewhere in this rather extensive target résumé and repertoire, he asserted that he shut down all police websites in the United States, including the official website of the State of Texas.
He learned how to profiteer by selling identities, such as Social Security information, which itself is a bustling online market. Meanwhile, his aptitude for spreading malware evolved into creating honeypots and drive-by downloads embedded in social media advertisements, allowing him to collect credit card information.
He also wrote 'bait software' to lure other hackers targeting children on platforms like Roblox and Discord. Through these tactics alone, he managed to backdoor over 700 targets. Protecting vulnerable kids from predators and other hackers has always been a principle he’s stood by, especially when the threats against kids vastly outnumber any “cyber guardians.”
“Then if we're talking about my blackhat side... I just love to cause chaos... I love the power behind hacking... It's kind of like being superhuman because we're doing something others can't do and probably know nothing about... It's an adrenaline rush for sure.”
Unraveling motives
The mindset and overarching motives of hackers are often difficult to pin down long enough to slap a label on them. People say hacktivists are greyhat hackers, political hackers, this or that. When we think of hacktivists whose goal is to frustrate and expose corrupt government institutions, each of us conjures up a subjective picture to help us understand them better.
Hacktivists do not have to be paragons of virtue to fight for a just cause, wanting nothing in return. Hackers cut from this cloth can be seen as anti-heroes, simply because they lack all the heroic qualities in the traditional sense while struggling in this human condition. It’s the struggle to overcome life’s insurmountable hardships that makes them relatable.
This is a good thing, even when the process is questionable or difficult to understand.
While most people grind their teeth and ball their fists at what’s going on in the world around them, incessantly complaining and ranting passive-aggressively on social media, they often lack the will to act.
That is the difference between hackers and the rest of the world. Nearly all of Earth is interconnected through the digital phenomenon we call the World Wide Web. That is why it is our world now. Because of this, we strive to amplify the voice of the people.
While driving government website administrators crazy as they scramble to wrestle for control, or while hacktivists like SPYDIRBYTE fight a frontline battle against the hordes of online pedophiles, or protest against the unjust and the corrupt when checks and balances fail, the willingness to act is what sets them apart from those too afraid to do it.
“Everything the movement stands for is fighting for justice and freedom... As a Native American... I will keep fighting for that without others knowing who I am... I don't need to be recognized for what I do for the people... 90% of these people that are on the internet today don't know sh*t [about] what happens in the background of anything... They follow the media... If others were to follow the movement, they would most definitely change what today’s world would be like,” he said.
Lastly, he aims to mentor and guide the next generation of hackers who are interested in getting involved in hacktivism with Anonymous, which is his way of giving back to the movement by contributing to its survival and subsequent future.
At the end of the interview, he offered a quote from Edward Snowden, who said: “I can't in good conscience allow the US government to destroy privacy, internet freedom, and basic liberties for people around the world with this massive surveillance machine they're secretly building.”