Ghost Squad Hackers


Ghost Squad Hackers or by the abbreviation "GSH" is a politically motivated hacktivist team responsible for conducting cyber attacks on central banks, Fox News and CNN, leaking sensitive data of the United States Armed Forces, leaking sensitive data of the Israeli government, hijacking Afghanistan's Chief Executive's Twitter account, and much more. Led by the administrative de facto leader known as s1ege. The group's prime intent and focus is embedded on anti-governmental and organization cyber protests within current involvements of media speculation and real life happenings in 2016 to present.

List of attacks on governments and organisations

Ethiopian government

In January 2016, GSH started its very first attacks by the defacing of Ethiopian government websites in response to the killing of nearly 500 students and activists by Ethiopian Security Forces during protests that became extremely violent was involved in the latter part of 2015 and then sparked again between August and October in 2016 Ethiopian protests.

Donald Trump

On May 21, 2016 GSH targeted Donald Trump's official website by launching Distributed Denial of Service attacks for what they saw as racist comments made towards refugees and Mexicans. Shortly after targeting Trump's official website GSH shut down Trump's hotel collection websites.

Israeli Defense Force

The group gained more notoriety after having successfully leaked data of the Israeli Defense Force on April 7, 2016. This was the day #OpIsrael was launched along with Anonymous, leaking the Database of Israel Defense Force posting thousands of IDF soldiers, border patrol, and Israeli Air Force personnel information online.

Ku Klux Klan

On April 23, 2016 GSH targeted the Loyal White Knights of the Ku Klux Klan by taking their websites down in the protest of racism while Anonymous vs. KKK protests were happening in the state of Georgia, U.S.A. Ghost Squad Hackers did the same however, in a turn of events taking down Black Lives Matter's official website after claiming the organization fueled further racism. After encountering further opposition and confrontation between Anonymous activists and BLM group that led to GSH shutting down Black Lives Matter's website over 100 times. Word was quick to spread as GSH and Anonymous were both put in spot light by the TV Series Mr. Robot in an article published online.

Operation Icarus

GSH and Anonymous worked in correlation together when "" was first launched in February 2016. The op was aimed at attacking the central banking system which the attackers accused the banks with corruption and wanted to raise public awareness. This attack sparked the invitation of more hacking teams and affiliations of Anonymous to focus their attention towards that of the Central Banks in direct regards of further scrutiny and cyber attacks.
Ghost Squad Hacker's leader s1ege claimed responsibility for the attacks which were carried out on the Bank of England email server and dozens of other banking websites including the New York Stock Exchange, Bank of France, Bank of Greece, Bank of Jordan and the Bank of South Korea, among others. s1ege went on to state that they want to "start an online revolution" to retaliate against the "elite banking cartels putting the world in a perpetual state of chaos." Hundreds of banks were targeted in this operation and to this day the exact number of banks effected is unknown.

Operation Silence

Notoriety of the group continued to escalate as the heat was turned up during the month of June, 2016. After censoring of media coverage in regards to OpIsrael, OpSilence was initiated targeting mainstream media outlets such as CNN and Fox News. A data dump was later leaked after hacking the United States Military personnel files and releasing information on close to 2,437 army personnel. The information contained in the link was uploaded to an onion link on the dark web along with a paste-bin link which contained credit card numbers and personal information on U.S. Army personnel.

Baton Rouge City government website

July 19, 2016 the sub domain of Baton Rouge City government website was hacked twice in one day by GSH after previously making news after attack towards both the KKK and BLM. These attacks however were targeting the City of Baton Rouge, Louisiana in protest against police brutality in which a city native Alton Sterling was shot and killed by Baton Rouge police officers on the 5th earlier that month. The Baton Rouge website was defaced along with a picture of Alton Sterling with a message that read, "Being black is not a crime! This is for the shooting of Alton Sterling, just because he's black does not mean he is a bad guy. You will pay. We are the justice. We are Ghost Squad Hackers. /R.I.P. Alton Sterling.

Afghanistan government and its officers

Later in the same month GSH took over the official Twitter account of Afghanistan's Chief Executive Dr. Abdullah Abdullah in an effort to raise awareness against corruption and alleged drug deals between Afghanistan and the U.S. They also targeted the Afghan Public Credit Registry website by defacing it which also further allowed them access to several social media accounts including Dr. Abdullah's in which they tweeted,
"Afghanistan Gov Hacked by GhostSquadHackers #CheifExecutiveOfficer Can you hear me now? twitter.com/afgexecutive. We found an exploit in the government server and pulled every login we could. We have more also but Dr. Abdullah was not using phone restriction and 2FA was not enabled".
The attacks on the Afghan government continued relentlessly on the first of September after prior targeting of Afghanistan's Chief Executive Twitter account, GSH further assaulted the government by defacing twelve websites in one day all of which were affiliated with the Afghan government. This included the Afghanistan's Ministry of Justice, the Ministry of Defense, the Ministry of Foreign Affairs, the Ministry of Refugees and Repatriations, and the Afghan Attorney General's Office. Further assaults continued in hopes of raising awareness for Palestine as part of OpSilence and OpIsrael after shutting down the Israeli Prime Minister and the Bank of Israel.

Operation Decrypt ISIS

The group's focus in 2017 shifted slightly towards targeting ISIS and removing them off the internet and social media completely. A multitude of accounts from Facebook, Twitter, and Telegram alike were hacked and added to an extensive list of ISIS removed. Further efforts by GSH later revealed bomb instructions and plans to be carried out by ISIS.
s1ege stated "We really do not care about attacking the U.S. elections. They've already been hacked. We mostly hack ISIS" in an interview with CBS news in the year 2018.
On February 12, 2019 s1ege released a massive leak on Islamic State Telegram and WhatsApp group's/channel's administrators. The leak included hacked phones/mobile devices, hacked Telegram accounts, hacked facebooks, hacked Twitter accounts, credit cards, geolocation data, government issued ID cards, and IP logs belonging to the administrators. The group successfully infiltrated the Islamic state community on encrypted communication applications and exposed the administrators by using malware and exploits. The leak was published on mega.nz and Ghost Squad Hackers Official Twitter account. One of the Telegram and Whatsapp Admins was a former taxi driver living in Auburn was linked to ISIS and accused of administering the group's encrypted messages. He traveled to Syria in support of the Islamic State in 2015. He returned from the conflict zone via Turkey six months later, and was promptly picked up by Australian Federal Police officers at the airport as he flew in, in September 2015. Video footage from the raids obtained by The Herald showed his wife and the children being led away from the home by uniformed police, while officers swarm on the Auburn home. He is believed to not have actually participated in the fighting in Syria, but spent time there with the radical group before returning and allegedly continuing his work for the Caliphate. The man remained involved with the Islamic State's encrypted online messaging and continued to take care of the WhatsApp and Telegram groups that the radical Islamic group uses to communicate internally and for recruiting. Documents leaked by GSH showed that several of the accused ISIS supporter's children were enrolled in local Islamic school Al Bayan. He attended South Granville mosque Al Noor, where some sources suggest he became radicalized. Images from his hacked phone exposed by GSH depicted the ISIS flag flying above Venice, explosions, blood-stained knives, children brandishing ISIS flags, a meme saying 'One bullet away from Paradise' and critically wounded soldiers. Leaked data from GSH showed one Belgian, known to be an ISIS supporter, had a video on his phone about how to most effectively behead someone. Siraj El Moussaoui tried in vain to join the Islamic State in 2016 and was arrested shortly after on suspicion of plotting an attack in Belgium.