MarketPhineas Fisher
Company Profile

Phineas Fisher

Phineas Fisher is an unidentified hacktivist and anarchist. Notable hacks include the surveillance company Gamma International, Hacking Team, the Sindicat De Mossos d'Esquadra and the ruling Turkish Justice and Development Party, three of which were later made searchable by WikiLeaks.

Hacks
Gamma International attack In 2014, Gamma International, most known for the FinFisher malware was hacked and a 40 gigabyte dump of information was released detailing Gamma's client lists, price lists, source code, details about the effectiveness of the FinFisher malware, user and support documentation and a list of classes/tutorials. Months later Fisher released the first document of the HackBack! series named HackBack!: DIY Guide for those without the patience to wait for whistleblowers which claimed responsibility for the Gamma International hack as well as giving detailed instructions aimed at beginners on how to repeat similar attacks, intending to "Inform and inspire you to go out and hack shit". After the release, WikiLeaks rereleased it as part of SpyFiles 4. Hacking Team attack in Phineas Fisher's manifesto following their hack of the Cayman National Bank (2019) (translation of The Anarchist Library) Fisher in 2015 claimed to have successfully breached Hacking Team. In the communique, which was this time released in Spanish, Fisher claimed to have breached the network through a 0-day exploit from a bug found in a SonicWall SSL-VPN embedded network device. The exploit was subsequently patched by SonicWall before it was made public by security researcher and ex LulzSec member Darren 'Pwnsauce' Martyn who stated "The only recommendation I have if you use these products is to unplug them, douse them in kerosene, and set them on fire. It is the only way to be safe from something seemingly developed with this level of negligence." After the release of the files, WikiLeaks rereleased the Hacking Team emails. Mossos D'Esquadra union attack On May 15, 2016, Phineas Fisher breached and leaked data from Sindicat De Mossos d'Esquadra (SME), the police union of the Catalonian police force. Fisher uploaded a video to YouTube of the attack and a link to a cache of personal data of officers such as full names, addresses, bank accounts and telephone numbers for more than five thousand officers, a quarter of the total force. The Minister of the Interior, Jordi Jané i Guasch stated that the leak "does not compromise the work or investigations of the agents, but does compromise their privacy". Fisher claimed that Ciutat Morta, a Catalan documentary investigating the 4F case, inspired her to commit the attack. Fisher uploaded a thirty-nine minute video after the attack to YouTube. The video consists of the attacker probing an SME website with publicly available open-source tools before using an SQL injection to dump the data. Whilst the attacker waits they show the viewer images of people who have allegedly been victim to police brutality at the hands of Mossos, a woman blinded at the 2012 Barcelona General Strike. The video is set to a soundtrack themed around anti-police and overtly 'revolutionary' English and Spanish language hip-hop. Arrests In early January 2017 the mossos in conjunction with the Policía Nacional raided and arrested at least four people, including a person in Salamanca, Spain and two in the Sants district of Barcelona under suspicion of the SME attack. A few hours after the raids were reported in the Spanish press Vice Motherboard claimed that they had been in contact with an email address previously associated with Fisher who claimed to be free at the time of contact. AKP hack In 2016, Fisher claimed responsibility for breaching networks belonging to the Turkish ruling Justice and Development Party (AKP) and stealing hundreds of thousands of emails and other files In solidarity with the Kurdish movement in Rojava and Bakur. Wikileaks caused issues with Fisher after the organization published the AKP emails despite Fisher directing them not to, potentially leaving operational and personal details vulnerable. Fisher also accused Wikileaks of saying they knew the emails were "all spam and crap." The information was not in the files uploaded by WikiLeaks, but in files described by WikiLeaks as "the full data for the Turkey AKP emails and more" which was archived by Emma Best, who then removed it when the personal data was discovered. Most experts and commentators agree that Fisher was behind the attack. Cayman Island National Bank and Trust hack In November 2019, DDoSecrets published over 2 terabytes of data from the Cayman Island National Bank and Trust, dubbed the Sherwood files. The files were provided by Phineas Fisher, who was previously responsible for the hack and subsequent release of Gamma Group and Hacking Team documents and emails. The files included lists of the bank's politically exposed clients and was used for studies of how elites use offshore banking. The leak led to at least one government investigation. == Bug bounty ==
Bug bounty
In Fisher's 2019 Cayman Bank hack communique, Hackback! Una guía DIY para robar bancos (Hackback! A DIY guide to robbing banks), Fisher offered hackers up to US$100,000 in either of the Bitcoin or Monero cryptocurrencies to carry out acts of hacktivism that lead to public disclosure of documents, naming it the "Hacktivist Bug Hunting Program". In the communique, Fisher states that "this program is my attempt to make it possible for good hackers to earn a living in an honest way by revealing material of public interest, instead of having to go selling their work to the cybersecurity, cybercrime or business industries", going on to cite examples of companies to target such as extraction industries in Latin America, Private Military Contractors including Blackwater and Halliburton and operators of private prisons such as GEO Group and CoreCivic. MilicoLeaks In 2020, Fisher claimed to have paid US$10,000 out of the "Hacktivist Bug Hunting Program" to an anonymous hacker who leaked over two gigabytes of emails and documents from several email accounts belonging to Chilean military personnel. The archive was named MilicoLeaks by Distributed Denial of Secrets. The cache of documents included over three thousand emails and one thousand documents, some related to "intelligence, finance and international relations". The Chilean military confirmed the breach in an official document via Twitter. == Identity ==
Identity
The identity of Phineas Fisher is currently unknown. Fisher has been accused of being a Russian agent by tech journalist Joseph Menn in his book Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World. The book also claims that this is also the assumption of the state department, quoting James Lewis, claims which Fisher strongly denied An Italian judge echoed this claim, saying "[Phineas Fisher’s motives were] certainly political and ideological." Fisher has issued communiques which reference Anarchism and anarchist related content such as the Zapatista Army of National Liberation as well as labeling herself an 'anarchist-revolutionary'. The name "Phineas Fisher" is a play on the name of the FinFisher malware developed by Gamma International. "Subcowmandante Marcos" is a word play on the former Zapatista Army of National Liberation spokesperson Subcomandante Marcos. The Cayman National Bank hack communique featured ASCII art of a cow with a pipe reminiscent of a famous image of Marcos and used the well-known Zapatista slogan "Para que nos vieran, nos tapamos el rostro" ("In order to be seen, we covered our faces"). == See also ==
Source: Wikipedia ↗
tickerdossier.comtickerdossier.substack.com