A Romanian has claimed to be the main force behind the hacker collective group GhostShell, which has been behind some of the biggest cyberattacks in recent history including attacks on the FBI, Nasa and the Pentagon. GhostShell was believed to be hacking sites just to prove any website was hackable while publicly mocking security firms like Trend Micro and Booz Allen Hamilton.
The Romanian sent a series of emails and some additional text correspondence to a few cybersecurity journalists from Wired, The Telegraph, The Atlantic and others. However, his claim cannot be verified. The Next Web, a well known IT Blog, whose correspondent was also sent the email has published the same as shown below:
"My name is Eugen Razvan G and I am the man behind the pseudonym Team Ghostshell. I'm Ghostshell. Although over the years I've been told in many ways. Some of you who have written about me, you know that DeadMellox. It is correct, except that it was an identity created to help me to know the people who follow me, including the FBI. I think you remember the fiasco Flashpoin or Whitefox Project.
Finally, I am 24 years old, born on August 16, 1991 in Bucharest, Romania. Although frequent travelers, still live here. Stand about 15 minutes from the largest building in Europe, the People's House.
Prior to founding Team Ghostshell, I was part of another network by hackers, MalSec. I set up a former member of LulzSec, who was never caught on AnonOps network in early 2012. We drove all hacking operations, and he handles relations with the media. I had a conflict with him, because I suspected that it was the FBI and we parted. I took with me all the time hackers whom they recruit and personal trainers. He kept the rest. Others left "
The website received the email from a generic Yahoo email address, with the name White Fox. Next Web says the email domain is an important one, as it has been tied to a previous GhostShell project with the same name.
Eugen, who claimed to be the face of GhostShell, provided a Pastebin login that the team was quickly able to confirm was legitimate, and used by the official GhostShell Twitter account (@TeamGhostBin) to disseminate leaked information before its suspension. The website says the proof handed over by Eugen makes a compelling case for him to indeed be a part of the hacktivist group if not the leader.
When asked why after all this while he decided to reveal his identity knowing the punishment he can face, Eugen said, "I just want to own up to my actions, face them head on and hope for the best. What I really want is to continue being part of this industry. Cybersecurity is something that I enjoy to the fullest even with all the drama that it brings and legal troubles. In return I hope other hackers and hacktivists take inspiration from this example and try to better themselves. Just because you've explored parts of the internet and protested about things that were important to you doesn't mean you should be afraid and constantly paranoid of the people around you."
GhostShell came into the limelight in 2012, hacking crucial data related to the US and Russian intelligence agencies, but almost disappeared for about three years after that. In 2015, the group announced its comeback with a much darker version that is bent on leaking information through its "dark hacktivism" campaign.