Unfortunately, the hacker couldn’t reveal the name of his home country because he comes from a place where his kind is not tolerated by local authorities. However, our Eastern European hacker, wherever he may come from, has a very interesting story to tell, revealing a lot of details about his life and his hacking operations.
Softpedia: What is the significance of your hacker name? What does SEPO stand for?
SEPO: SEPO is the abbreviation of my first name and the last name. I don't remember who gave me this nickname, but I'm using it for at least 6 years.
Softpedia: Are you a black hat or a gray hat and were you always what you are now?
SEPO: I am a gray hat. I help administrators if they ask for my help. If I hack a website, I never publish all the database, all the accounts. I am making just PoC, sharing to administrators that their website can be hacked.
Most of time I contact the administrators to tell them that I'm going to publish some info. If they respond, I let them close all vuln's and only after I publish the info. If they don't contact me and don't pay attention to my emails - that is only their problem.
If there is a website sharing some content that can disturb anyone, or if it’s working only for money, or working for governments and it is on the list of Anonymous’ targets, I become a black hat.
Softpedia: So you contact administrators to let them know that their sites are vulnerable?
SEPO: Yes, most of time I contact the administrators to tell them about vulns. Sometime they respond to me, some of them ask for a little help. It's cool when you can use your knowledge to help someone.
Softpedia: When did you start to hack, and why? Did you ever hack just for fun or was it always for a purpose?
SEPO: Until 2009 I was hacking only emails and ICQ accounts. Then I discovered a tutorial for SQL Injection and I started to learn PHP and MySQL. This method has become my favorite, and then goes XSS and social engineering.
When I was hacking emails and ICQ accounts it was just for fun, but after a little time I found that a lot of hackers are making good money for this.
I tried to make some money and it was pretty nice after I was paid with $700 for a big list of emails. It took me several weeks, but the result was a good one.
Now it’s hacktivism, only targeting governments and corrupted companies, universities and others.
Softpedia: Were you ever part of a group, or did you always work alone?
SEPO: Anonymous. But as you know Anonymous is not a group. It's an idea. And yes, I'm working alone. It's pretty hard to find someone else that wants to hack with you.
Softpedia: How many websites did you hack so far? How many defaced? How many DDOSed?
SEPO: I didn't count how many they were. There were important websites and not so important. If we take a look at last week we can see that out of the 22 websites more than 50% are banks. From 2010 until this moment I can say about 150 sites like this. I mean banks, shops, TV and radio, government websites etc.
I don't look to deface websites. I don't know why. I'm looking at how other hackers are defacing site by site and I like it, but I don't like to do it by myself.
I participated in DDOSing VISA, MASTERCARD, PayPal and the FBI, but this is not hacking. Everyone can DDOS a website, but not everyone can hack it. I prefer to hack and leak some info from the servers.
Softpedia: Why did you target African companies until recently? Was there any specific reason?
SEPO: No. There wasn't any reason. If not me, then it could be someone else. After these hacks I have a lot of emails with proof about how corrupt the African countries and governments are. A lot of people are asking me to hack new governments and I will try to do it for them.
Softpedia: What are your plans for the future? For how long are you going to hack sites and what do you plan on doing next? Which companies will you target?
SEPO: I have big plans, there is a big list of targets. I'm working on this list everyday trying to find vulns. I'm looking for exploits and updating my own software.
I have devised targeted companies in a few groups, but only big companies. There are a lot of pharmaceutical, tobacco, military companies and a lot of others.
Also, all the corporations involved in ACTA are on my hack list.
Softpedia: Are you afraid of the consequences of your actions? Are you afraid of getting caught by authorities?
SEPO: No, I'm not afraid because I know that there can't be any dangerous consequences for me or others. I'm not afraid of being caught, 'coz I know that I am not a criminal. I have never killed people, I did not steal anything, ever.
Softpedia: How old are you now and what was it like when you where growing up? Was there something in your childhood that made you start hacking?
SEPO: I'm almost 24. I live in a poor country, in a poor city full of criminals. Not even the media is broadcasting. I had 2 ways to go: to be a criminal like others, or to learn something new. I choose to learn. I have a master degree in economics, but all I know about programming and hacking I learned by myself.
I remember like it was yesterday, my first email hack. It was an email of a criminal from my city. I hacked his email in a few minutes; the password he used was “123321”.
I was making fun with it. I didn't change the password. I was subscribing him to all the [expletive] sites from the Internet, using his email to register on dating sites and I had a lot of fun with it.
Then I was encouraged by a movie called Hackers. I was reading magazines about them and I asked myself: “Why not? I can learn hacking. I want to do this.”
Now I can say that I can do this.
Last year when Anonymous started attacking I thought that this is the moment when I can start hacking. Not for fun, but for an idea. After this I was looking at what LulzSec is doing. It was amazing.
Somewhere on Pastebin there must be the a hack that I published as a guest. It was sonymusic.cz.
LulzSec and Anonymous inspired me to start hacking on a higher level.
Softpedia: Have you ever considered moving to another country?
SEPO: No! I love my country. I was born here and will stay here. I believe that someday this country, as the rest of the world, will reborn like a Phoenix and all the people will live without fear for their future.
Softpedia: What do you think about the fact that society names hackers as being criminals?
SEPO: Society names hackers as being criminals ‘coz the media is telling them this. Everyone believes that the media is telling the truth and they will not listen to hackers.
Wanna find criminals? Look at the media, at our government, police. They are true criminals.
They are killing people - they are heroes. We hack a website - we are criminals. No comment.
Softpedia: Each year, companies targeted by hackers report that they lose tens of thousands and even millions as a result of data breaches. What do you think about this?
SEPO: When they tell the media that they have lost a lot of money after a hack, the hacker is considered guilty. But why isn’t the site admin blamed? His job is to admin the site/server and prevent hacks. It's easier to say that a hacker is guilty than it is to say that the site admin is stupid.
Softpedia: Tell me more about your daily life, besides hacking. What do you do in your spare time?
SEPO: I don't have a lot of free time. I'm working, don't ask me where. But when I have some free time I play football with my friends, volleyball. I like to travel, read books, mostly Sci-Fi, and a lot of other things ;)
Softpedia: You said you have a master’s degree in economics. Do you plan on ever becoming an accountant? Do you have a passion for numbers and math?
SEPO: I like math, but I don't wanna work like an accountant. This kind of job is not for me. You will ask “Then why did you learn economics?”
Yes, I know it sounds stupid, but at first I didn't know how boring it will be.