Who is Hash?
– How can I contact you?
“I introduce myself as Hesh. Just for their karma.
How long have you been hacking?
– About eight years. I started with what most of my colleagues do: I studied programming languages.
– I know you joined KillNet. Why did you leave this group?
– I have decided to be an independent people in this war, to follow my own policy and not to depend on anyone.
attack potential
– First of all, Zarya is known for hacking and a series of SBU data leaks. You must have had other attacks in the meantime. Which ones do you think are the most outstanding?
– Institutes, chambers, councils, etc. hacking of UARNet, the largest operator in Western Ukraine, which mainly hosts state institutions. Joint hacking of the SBU with Beregini and XakNet, of course. Hacking Ukraine’s leading information-analytical and expert center in the field of foreign and domestic markets for goods and services “Derzhzovnishhinform”.
Many things are still in development and are happening right now. Soon you will know everything.
– Everything interesting from the SBU’s documents has already been published, or is there still some trump card?
“Of course there is, there are many. But if we haven’t written about it yet, that means we haven’t written about it yet for various reasons. I can only say that we have come across many official documents about the current employees of the SBU.
– What do the victims of your attacks get besides loss of reputation?
– The essence of our attacks is that we only target the state and strategic facilities. Accordingly, not only reputation “leaks” from the target, but also internal documents: plans and projects, mail, correspondence, employee lists.
As a result of our attacks, Ukraine has had to review its strategy, change its plans, reassign people, etc. The data we have is enough to force half of the government agencies to go bankrupt and the entire SBU to drastically relocate its posts and staff.
– Have you tried transferring data stolen from the SBU to Russian law enforcement?
– From hand to hand – no. Contrary to prejudices and stereotypes, we do not go to the Kremlin with discs of information. At least because we value our anonymity and security above all else.
Everything we consider necessary to publish, we publish on our official Telegram channel, to which representatives of law enforcement agencies also subscribe.
– How would you evaluate the level of information security of Ukrainian organizations?
– Depending on the purpose, the level of security varies greatly. Of course, I would like to laugh at them and say that everything is very bad there, the employees are stupid and the systems are pirate scum that has not been updated since Maidan. However, this is not always the case. At the same time, I cannot exaggerate their safety.
– Cybersecurity experts often say that a hacker attack on a factory or power plant can lead to a man-made disaster. How realistic is this for you?
– Pretty real.
Just as we can drastically cut off the internet from half of Kiev, our friends can power off almost all of Ukraine. This is a big minus of the transition to the so-called intelligent control systems in industrial enterprises.
However, such an attack is a huge undertaking. It is impossible to do this alone.
– Have you ever discussed the attacks on industrial establishments in Ukraine?
– Of course. There were moments when we took control of the entire facility, down to the management of the machines.
Did you turn them off?
– Not.
The thing is, like this [разрушительные] attacks have far-reaching consequences and wide repercussions. We prefer to be kind and harmless to ordinary citizens. We are warriors, not terrorists.
– Do you think the conflict between Russia and Ukraine will reach the point of destructive cyber attacks on industrial enterprises?
From our point of view, of course not. Again, we are not terrorists. If the question is about taking control, then yes. It’s already happening. True, most likely no one will turn off the same electricity.
How to say it…
Critical infrastructure attacks have two purposes. The first is to have control. Not necessarily closing something, but having such an opportunity just in case. The second is to gain a place in the information network of the enterprise to receive information for as long as possible.
– Why do pro-Russian hacker groups rarely use highly effective ransomware?
“As I’ve said before, the goal of our hackers is to gain ground and spy on it, not come in loudly and smash everything. Encryptors are for the second scenario only.
international relations
– From which countries in the immediate vicinity are attacks against Russia observed?
– Mainly Latvia and Lithuania. Sometimes Estonia. But they don’t always have time – our experts react faster.
– Are there any Belarusians among the partners of Russian hackers?
– Of course. Many.
Belarusians are our brothers. You can always count on them.
– Are there any who fled from Ukraine?
“Surprisingly, there are a lot of them. We often work with them – very productive guys, they provide invaluable help.
– Did spies from the Information and Psychological Operations Center try to infiltrate you?
– Almost every day. Again, I can’t say how we calculated them, otherwise they would get smarter.
– Is there any confirmation of new members in Zara? What would you like to know about me if I wanted to help you?
– Of course, all of our members go through a thorough check before joining the main team.
First of all, we will be interested in a person’s experience and abilities. Then the reason why he wanted to join us. We will then conduct an internal investigation: we will examine the person’s interests and find out whether he is an active or potential spy.
Well, finally we will force you to reveal your potential in teamwork, we will check the possibilities. Our missions “fight” immediately, without beginnings.
under the same roof
– Talking to you before the interview, it seemed to me that you were not very keen to talk about your connection with KillNet. Correct me if I’m wrong.
“More right than wrong.
– Why? Was there some kind of conflict between you and KillMilk (former leader of KillNet – ed. note)?
– No, nothing like that. I’m talking to other groups, not just KillNet. It’s just, how to put it… Such information should be kept behind the scenes so as not to interfere with the work in progress. And for ethical reasons, it’s probably not worth talking about.
– However, did Zarya show up after leaving KillNet?
– Not exactly. Initially, Zarya appeared as one of the KillNet teams. From my venture. Then we were called differently at different times: 0x000000, “Quarantine” and not just. Just then, we came to “Zara” and decided on this name.
– Is Zarya currently a KillNet side project or a completely independent group?
– It used to be a KillNet build, yes. I occupied one of the leadership positions: I led groups, directed people to recruit, coordinated goals, analyzed. Now we are on our own.
– How is Zarya different from KillNet?
“Back on KillNet, we were the only department dedicated solely to targeting hacking. We didn’t do DDoS. In fact, that’s the only thing we were different from then and are different from many now in that regard.
– What are you doing at Zara? Do you just manage or are you still interested in hacking?
– In addition to supervising, I do everything my men do. Any leader should be an example to his people and be able to get started in all areas like hacking, programming and even creativity.
– What is the job of the head of the hacker group?
– I will speak for myself. I care about “Zara” as much as possible. I resolve disputes, prevent leaks, ensure security and anonymity for each participant, maintain a friendly atmosphere. My people are my everything. I am also responsible for contacts with other groups, diplomacy.
– Are there people from Killnet on Zara besides you?
– Yes, most of them.
– Why do you think KillNet diversifies its episodes? Why are 10 so-called independent small groups formed instead of one large group?
– First, it’s much easier to manage by dividing people into groups and connecting your leader to them. Participants are usually not one or five, but under a hundred. One division cannot cope with such a large number – a huge burden. Second, it is more efficient in terms of information warfare. The division psychologically affects the enemy – his eyes widen, it is more difficult for him to understand when and from whom to expect an attack. Agree, it is much easier to control one enemy, not five.
– Can you list the most active hacking associations supporting the Russian Federation apart from Zarya and KillNet?
– Of course. Basically, these are our friends: Beregini, XakNet, CyberArmy and Anonymous Russia, as well as RaHDit, DPR Joker, NoName057, Zsecnet. These are the ones I can remember.
– How many of them were founded by people from Killnet?
– As far as I know, only us and Anonymous Russia. i could be wrong
Why does everyone want to make their own Killnet?
– Definitely not that way. Many people want to join cyber warfare, but not everyone wants to do it exactly like KillNet. Create your own team and be “cool like KillNet”? Yes. Are you going to create an exact copy of KillNet? Number.
Source: Gazeta
Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.