Interview with a Hacker

Chronicles of a Black Hat

How you would define yourself with respect to the hacking activities you are conducting?
I’m a Black Hat. This means that hacking is my job and gives me salary. I run black-ops for those hiring me. I’m quite expensive.

How did you learn hacking techniques?
Mainly at school. At the University we also used to have a couple of cybercafés at the very beginning (around 1999-2000), which is basically where most of us started.

What led you to become a hacker?
I’d say it was a mix of friends and free time. I was a teenager hanging out at that cybercafé and… everything began there, ya know. I was impressed by the things those guys were doing, I just fell in love with hacking… it was that much easier to accomplish goals, hacking into servers, stealing information, pictures… a lot of fun. Then I went into other things, meaning money.

What were/are your aims?
Right now it’s just money. People can hire me, I do the job, get the money, and disappear.

Have your motivations for hacking ever changed over time?
I would say yes. At the very beginning it was all about curiosity and learning. Then I decided to step forward into the real world, where people pay you money because they don’t know how to play as I do.

Are you part of a group or do you act alone?
I was initially part of a group. Then some people left, others stayed, although they lacked real skills; in the meanwhile I grew up and updated myself. That’s why right now I’m working mainly alone. I may buy 0day from some friends, but I prefer to run all jobs alone.

What criminal offenses have you committed with a computer?
I guess they would include gaining unauthorized access to computer systems and networks; stealing accounts, personal information, and selling them out. And I guess also industrial espionage and money laundering.

Have you ever been arrested or convicted for computer crimes?

Have laws and penalties against cybercrimes had a deterrent effect on you?
Sort of… but I’ve decided to take the risk.

Have technical difficulties encountered when penetrating a system represented a deterrent or a challenge?
They are basically a challenge. Whenever the target can’t be hacked well… ya know, there’s plenty of other targets out there :)

What is your main aspiration?
Stop working in 2 or 3 years, retiring, giving money to my family, buy my own house.

Can you describe the impact and results of the hacking activities you have conducted?
I don’t understand the question.

Have you aver considered the negative effects of your hacking activities on people?
Are you talking about identity theft and this kind of things? Yes I did consider the effects, but… it’s not my fault if the victim is an idiot, I’m sorry.

* Interview conducted by Raoul Chiesa in coordination with the UNICRI Management and External Relations team.