Profiled by the Defense Department: How hackers are groomed into assets


Greetings, user. If there’s one thing whispered in hacker circles in hushed, conspiratorial tones, it's who’s an informant and who isn’t. How do law enforcement and government agencies recruit hackers? What traits do they look for?

I work for no government, no offense. The funny thing is, I’m not even an anarchist or anti-government; after all, I was raised in a proud American household. Despite how public I have always been about not becoming an informant and about minding your own business, I was once targeted by a confidential informant for the Department of Defense, which placed me in their crosshairs to be profiled and contacted. Ultimately, this exposed a platform the DoD was using to determine candidates.

Are informants inherently evil? That is a valid question. But what is a valid response to this controversy? Do hacktivists rely on law enforcement during their OpChildSafety campaigns? Hacktivists who are also parents know the answer to this question.

If any of us uncovered a plot to murder or hurt someone, especially involving women and children, or a terrorist plot, would we look the other way because our ideals prevent us from doing so?

That’s a rhetorical question. We already understand the answer. Some people act like we do not live in the real world.

Let’s go back in time a bit and make a few connections, and contrast them with my personal encounter with the Defense Department.

Turning hackers into assets

Everyone should remember the infamous hacker Albert Gonzalez, who was the first hacker in US history to receive a 20-year prison sentence after committing one of the largest credit card and debit card thefts ever, amounting to over 170 million accounts.

[Image: Albert Gonzalez behind a prison door, yellow background. By Cybernews.]

After being caught by the Secret Service, he initially tried to avoid prison by becoming an informant. In the end, it backfired because he continued committing massive crimes behind their backs. Being an informant didn’t make him immune to prosecution.

We don’t have to go into too much detail about Hector Monsegur, aka Sabu, who brought down LulzSec after getting caught and became a cooperating informant with the FBI. However, it is relevant to note that through him, the FBI was able to monitor real-time LulzSec operations, identify and arrest other LulzSec members, and build broader cases against hackers associated with Anonymous, AntiSec, and other splinter groups.

When hackers become insiders

Informants are the ultimate insiders, embedded within the nerve centers of hacktivist groups and oftentimes in trusted positions. This allows them to note which targets they plan to hit, who the leaders and organizers are, and identify the role of each participant in the hacking campaigns.

It isn’t uncommon for informants to ask a lot of questions or suggest illegal activities that could be used to implicate someone in a cybercrime. This has happened to me on a few occasions, and if you know what to look for before you open your mouth, you're already prepared to filter out those you suspect mean you harm.

You do not have to be engaged in illegal activities to have your name on the lips of an informant. Since they are inherently a part of the hacker subculture and the circles hackers travel in, it may be as simple as the fact that they do not like you. Maybe you stole their thunder.

I heard it from a self-claimed government informant that he shares intel on other hackers simply because he doesn’t like them. While this doesn’t meet any criteria of probable cause in any jurisdiction, it certainly does reveal a particular mindset of a person with low ethical standards.

I say this because those who leverage their relationship with law enforcement as a tool for personal vendettas speak to that effect. It could be said this is also a form of narcissistic injury and revenge seeking, since narcissists often find themselves in positions of power over others to mask their insecurities.

Let me be the first to say, as someone who no longer commits cybercrimes and doesn’t work for the government, the informants are still there, exploring ways to trap even the most law-abiding individuals in compromising positions that put them in a state of exploitability and control.

My first encounter with an informant

Back in 2009, I recruited a hacker who went by the alias XXxxImmortalxxXX, better known by his moniker, Hex0010, who was also a member of TeaMp0isoN. He admitted to me he was an informant for the DoD.

The funny thing is, when he revealed his secret involvement with them, he seemed relieved, like a great weight had been lifted.

Even though I did not trust him, it presented a unique opportunity to exploit his vulnerability, if it was even real and not a psychological ploy, and weaponize it into a tactical advantage, since I was confident in my own OPSEC.

He told me he saw me as a brother, denoting kinship. I played my own role by adding that we were kindred spirits, since we were pursuing similar goals in hacktivism, further solidifying the appearance that I believed him.

Ultimately, this gave me access to his knowledge, as he revealed aspects of the objectives the DoD had given him to fulfill and shared his own reasons for maintaining a relationship with them.

He said the DoD simply looked the other way while we went about our business. Unlike the case of Albert Gonzalez, I believed this to be true, since he wasn’t making too much noise anyway.

Digital forensic competition and recruitment platform

One day, he introduced me to the DC3 Challenge, an annual digital forensic challenge hosted by the DoD Cyber Crime Center. That year, it was their 4th annual challenge, and he was eager for the ETA to join.

Little did I know, applicants would be required to use their actual names and information. While I didn’t think my hacking group would find this very interesting, I signed up and found out the hard way after trying to register as ‘GhostExodus.’

This made me wonder if Hex0010 was using the competition registration as a clever ploy to uncover the identities of my members. The circumstances would suggest this was so.

After all, this was a tactic I used when de-anonymizing my adversaries. I would create fake forum boards to obtain IP addresses and plain-text logins. However, the DC3 registration process went a step further.

I was on my way out of the hacking world anyway, and I told myself that my hacking activities were most likely not of interest to national security, so I signed up again with my actual information, consequences be damned.

That is when the recruiter contacted me.

I was contacted personally by a man in charge of the registration process, who clarified that I should use my actual name, that the information wouldn’t be retained for records, and so on.

However, if I wasn’t on the government’s radar before, I sure was now, because they now had a registration application plainly revealing that GhostExodus is Jesse McGraw from an address in Texas.

Analyzing psychological grooming

Google had a lot to say about me back then, because I was a busy hacker. Thankfully, there was not a single shred of a digital fingerprint that I was also Jesse McGraw, as I’d never used my actual name on anything since 1998 until now.

The agent had looked into my hacking activities, even finding my YouTube channel and website called the Department of Offensive Computing, where I was developing homemade video tutorials, while using a variation of the DoD’s emblem seal.

Straight away, the agent referred to me as Ghosty and attempted to appeal to my ego using flattery and praising me for my prowess as a hacker, being impressed by my exploits and training content. Most young hackers suffer from the condition of wanting to be desired. We want people to recognize our skills, to want our skills. This is a foothold for recruiters.

Things took a different turn when the agent revealed what it was he was aiming for:

“I don’t know how you’d feel about narking on your friends, but why don’t you consider coming over to the other side? Your country could use someone like you. Think about it.”

After spending a significant amount of time analyzing his message, I realized it revealed the recruiter's mindset and how I was perceived from the outside: potentially valuable, subversive, and arguably dangerous enough to be worth co-opting.

The fact that he opened up the conversation with an acknowledgment of moral friction, but then tried to normalize betrayal, is a common tactic used in psychological grooming.

In a nutshell, he was trying to plant seeds of persuasion by playing the “good cop” role. Moreover, suggesting that I shift over to the “other side” is a textbook seduction-by-allegiance strategy. But there’s also a subtext involved that I haven’t hinted at yet.

Common traits among candidates

Why would government agencies, albeit an agency that oversees the military, look for subversive hackers to work for them? Because when you examine the character of most hackers who have become informants, the ones that are arguably the most uncontrollable are the most desired.

One of the oldest and simplest strategies of warfare for neutralizing a threat is to convert it. Becoming part of the power structure, instead of following my personal ideology to oppose it, was a total inversion of what I believed in.

All this only confirmed that I was already being profiled, and that this encounter wasn’t random. Hex0010 had led me here, and now here I was. My skills, movements, and possibly my affiliations already triggered some kind of interest.

It’s important to note, especially in relation to the hacktivist group Anonymous, that merely performing acts of resistance doesn’t make you an enemy or even a threat by design. After all, most resistance movements don’t affect the power structure. They may become a nuisance, but being annoying and being a threat aren’t the same thing.

Conversely, your resistance makes you more desirable, especially if you are intelligent, capable, and wield influence, which is a common characteristic among many of these informants.

This doesn’t mean they have to be likeable. These people are good candidates, not because the government expects you to obey, but because they want to own your fire and put your edge on their blade.

I have always been national security-minded, even as a blackhat hacker. I carry the same mindset today, which is why I advocate for rules or guidelines for hacktivists to follow in order to avoid committing unethical sabotage against civilian infrastructure.

The DoD recruiter wanted to harness my fire, but I wanted to raise awareness of potential access points that could jeopardize sensitive government information, which, in turn, could possibly affect the country.

Under the pretense that I needed time to consider his offer, I used the open door to provide him with a variety of web application exploits my team and I had discovered on U.S. government and military websites.

This included vulnerable remote desktops running directly on government local networks. Aside from my own involvement in these, I took credit for the ones my team had found in order to protect them from any potential legal repercussions. I got what I wanted, and never considered his proposal.

In a twist of fate, I was soon arrested because there was a hole in my OPSEC, and the FBI found it. Hex0010 was inadvertently involved in putting me on the FBI’s radar, but that’s old news.

The important thing to take away from all this is quite simple: you don’t need an ideology to tell yourself the difference between right and wrong.