Representation
– How long has Phoenix been around?
– Since May 2022.
– What about the Phoenix group, which was arrested in Ukraine in 2021 and KillNet hooked you up with?
– It’s hard to call Phoenix a “group”. Rather, it was a small branch of a large hacker association. Five people worked, supervised by a group of people, myself included.
– What kind of union?
– I can not say.
– What did the Ukrainian “branch” do?
– SBU, of course, said that they were wonderful and terrible – hacked iPhones and Android smartphones … In fact, they were pawns, they fell (drops are a category of cybercriminals who turn stolen money into cash – socialbites.ca).
The SBU has greatly embellished these men’s abilities to care for their operations. Behind the arrested men were more serious persons who, as far as I know, are now free, outside of Ukraine.
– So why is the new Phoenix group on KillNet presented to us as “Ukrainian hackers joining Russia”?
– KillNet didn’t know the nuances I just told you about. I’m the creator of Phoenix now and I’ve run Phoenix in Ukraine before. So the logic of KillNet is clear to me and I have no complaints.
– What was the name of the new Phoenix group? It’s very easy to get confused.
– Honestly, I didn’t think anyone would care about ex Phoenix. Especially since ex Phoenix is such a small group.
And then… Phoenix is a symbolic name for me personally. I recreated a gang of hackers reborn in the same way the legendary Phoenix bird was reborn from its ashes.
– Is there anyone in your group now living or living and “working” in Ukraine?
– Yes, there are enough such people. They work in a variety of fields on par with Russian hackers, but at the same time put their lives and freedoms at greater risk. Also SBU employees and even some people from the political party in Ukraine work with us.
– Why did they decide to support Russia?
– In short, there are enough people in Ukraine who are not satisfied with the current government.
– What do you say to Phoenix now? Russian hackers, Ukrainian, international?
– Actually, it doesn’t matter much. I’ll be happy with the “Russian”, “Russian”, “pro-Russian” options.
DDoS attacks
– Do I understand correctly that the main weapon of Russian hackers today is DDoS (a type of attack that disables websites and online services using large numbers of computers or other tools lined up in a chain or botnet. – socialbites.ca)?
– One of them, yes.
– DDoS attacks from the Russian Federation are often unresolved, even by companies that use protection services from Cloudflare and Google. From where? What is so incredible about Russian DDoS attacks?
– This is the virtue of our “black” hackers and hackers. We’re constantly developing new attack methods, so Cloudflare and Google can’t keep up with us in this area.
– How accurate is it to say that the Russian Federation today produces the most powerful DDoS attacks in the world?
– Completely. The newest attack methods and dozens of botnets (a network of infected devices involved in the attack on a particular site at the behest of hackers. – socialbites.ca) has hundreds of commanders of hacker groups and thousands of fighters. work.
Russian hackers were, are and will be the best in the world, as well as their attacks.
– What attack methods are you talking about?
– Simple and affordable – HTTP GET request. As part of this method, the site server is requested for a file, image, script, or any other information to display in the browser. We make millions of such requests per second, which paralyzes the operation of the web resource infrastructure.
– What role do DDoS platforms like Passion play in the strength of Russian hackers? (The latest service that combines several botnets, where you can order a DDoS attack for money. Passion is associated with pro-Russian hackers in the West. – socialbites.ca)
– As a rule, hackers do not use public services. They are expensive and their power is not great.
At the same time, some groups have personal botnets, with the help of which they carry out bespoke attacks. For example, such services are provided by KillNet. Phoenix is also developing this aspect. Some groups, say, share power with one another or combine for a common cause.
Together, it seems to me right now, they form an incredible power attack that no one can defend.
– Does Phoenix use hired force for his attacks?
– No, we have our own botnets. And our methods are also “authors”. Our bot pool is constantly approaching the power of Mirai (one of the most famous and largest botnets in the world, with 900,000 devices according to some reports – socialbites.ca).
In general, I think we will pass Mirai soon. Now we are considering how to combine several botnets. If successful, we will manage a network of millions of infected devices.
– Can you somehow quantify the nominal power of Russian botnets? How many devices do they have? At what speed do they develop?
– Everything is quite individual. Everyone has their own botnets with different attack methods and different numbers of infected devices. There may be thousands or millions of bots. The same goes for attack power. Personally, I’ve witnessed both 50 Gb/s and 500 Gb/s attacks (for comparison, the Mirai botnet’s record power is 623 Gb/s).
– If someone orders an attack on Gosuslugi from KillNet or Phoenix tomorrow, will the attack take place?
– Never. At least because the owners of the largest botnets are Russians – they have a set-level block for attacks against Russia or the CIS. Even if someone decides to do it, it will pay off a lot.
Future plans
– What do you and the Phoenix members earn now? Can you at least give a hint on how you monetize your activities?
– No secret. Working with DDoS orders from abroad and hacking away from poor foreign players in the crypto market.
– How often do you receive orders from abroad?
– There is.
For example, recently orders came from Italy and Spain. They wanted to “ddosit” government websites. As I understand it, there are some political complaints – the opposition is opposed to the current government.
– Do hacking and hacking provide a regular income? Can you give me an approximate salary for a hacker in Phoenix?
– No… There is no regularity here.
Let’s say this month I can pay a salary of several hundred thousand rubles to the top officials, and the next day I go to a regular job so that I have something to pay for the loans and maintain the combat capability of the group.
– What will you do when SVO is over?
– We will continue to work as we do in Europe. Perhaps we will do something more lawful and beneficial for the cherished citizens of our great country.
– The government plans to remove responsibility for cybercrime from pro-Russian hackers. What do you think about this initiative?
– This is not going to help us at all. We’re talking about the complete legalization of our work, which automatically results in a restriction on freedom of movement. I don’t think anyone will go there. Moreover, these are just promises.
– If an official cyber army was created in Russia to recruit IT specialists with hacking experience like you, would you join it?
– If so, then only for the position of commander and on his own terms financially and legally. And this is with a very, very urgent need.
– Which part of existing hackers do you think would want to become official cyber soldiers of the Russian Federation?
– We discuss this topic often in the hacking community, so I think I’m competent enough to say “no” to everyone. Get government help and cooperate – we are always welcome. But being an official cyber army… There is nothing more valuable to a hacker than freedom.