MLT (hacktivist)

Matthew "MLT" Telfer
Born 1994
Nationality British
Education Northumbria University
Years active 2006 - Present Day [1]
Known for Former affiliation with TeaMp0isoN

MLT, real name Matthew Telfer, [2] [3] (born 1994) is a cybersecurity researcher, former grey hat computer hacker and former member of TeaMp0isoN. MLT was arrested in May 2012 in relation to his activities within TeaMp0isoN, a computer-hacking group which claimed responsibility for many high-profile attacks, including website vandalism of the United Nations, Facebook, NATO, BlackBerry, T-Mobile USA and several other large sites, in addition to high-profile denial-of-service attacks and leaks of confidential data. After his arrest, he reformed and shifted his focus to working as a white hat cybersecurity specialist. He was the founder of the now-defunct [4] Project Insecurity LTD. [5]


History

Believed to be the former co-leader and spokesperson of TeaMp0isoN, [6] MLT, along with Junaid Hussain and other hackers, targeted many large websites and corporations over a two-year period, from 2010 until 2012, when both individuals were arrested. The group first gained popularity after targeting the infamous hacking collective LulzSec, releasing personal information on its members and purporting to have hacked their websites. They then went on to target sites such as NATO and various government officials from the United Kingdom and the United States of America. [7] The arrests finally came as a result of the probe into the alleged hacking and wiretapping of the British Security Services Anti-Terrorism Hotline. [8]

MLT was the former hacking partner [9] of Junaid Hussain, who later went on to join ISIS and was killed in a drone strike [10] by the US Government after becoming the third highest target on their 'kill list' due to his role in inspiring international lone-wolf terrorism alongside his hacking activities for ISIS under the banner of Islamic State Hacking Division. It was reported by Vice that Junaid Hussain remained in contact with MLT while in Syria, and that he used to occasionally ask for advice relating to hacking or would sometimes even openly boast about his activities within ISIS to MLT. [11]

Arrest

On 9 May 2012, MLT was arrested in Newcastle upon Tyne by the Metropolitan Police who released a statement saying: "The suspect, who is believed to use the online 'nic' 'MLT', is allegedly a member of and spokesperson for TeaMp0isoN ('TeamPoison')--a group which has claimed responsibility for more than 1,400 offences including denial of service and network intrusions where personal and private information has been illegally extracted from victims in the U.K. and around the world". [12]

It was reported that MLT could have faced up to 10 years in prison for the events leading to his arrest. [13]

Recent activity

In May 2015, someone purporting to be MLT featured on CNN, speaking to them about Junaid Hussain and claiming that he witnessed him appear on video chat once as a 'black power ranger' while wielding an AK-47. [14] In August 2015, MLT featured on Episode 5 of the TV show Viceland Cyberwar where he spoke about subjects ranging from the security of autonomous cars to the death of his former hacking partner. [15] [16]

In 2016, Matthew identified and reported vulnerabilities to eBay [17] and the U.S. Department of Defense. [18] He has stated that he avoids illegal activities and instead dedicates his time to participating in bug bounty programs. [1]

In 2022, MLT appeared as a guest on Darknet Diaries. The episode discusses the history of TeaMp0isoN and some of the high-profile hacks that MLT undertook, as well as the relationship between MLT and Junaid Hussain. At the same time, he was active in the security research group 0xFFFF, as well as starting his own group known as 0dayz4dayz, which is now defunct.

Currently, MLT works as a bug bounty finder as well as a zero-day exploit developer. On the side, he is helping found the group Cult of the Lost Callstack.

Career

Matthew was the founder and chief executive officer of now-defunct Project Insecurity LTD, an exploit research group and educational platform.

Related Research Articles

Hacktivism: Computer-based activities as a means of protest

Internet activism, hacktivism, or hactivism, is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. With roots in hacker culture and hacker ethics, its ends are often related to free speech, human rights, or freedom of information movements.

Intrusion Countermeasures Electronics (ICE) is a term used in cyberpunk literature to refer to security programs which protect computerized data from being accessed by hackers.

Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, and programming scripts can all be forms of internet terrorism. Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.

Cyberwarfare: Use of digital attacks against a nation

Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.

Kiwicon

Kiwicon is a New Zealand computer security conference held annually in Wellington from 2007. It brings together a variety of people interested in information security. Representatives of government agencies and corporations attend, along with hackers.

Anonymous (hacker group): Decentralized hacktivist group

Anonymous is a decentralized international activist and hacktivist collective and movement primarily known for its various cyberattacks against several governments, government institutions and government agencies, corporations and the Church of Scientology.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

Cyberwarfare is the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes. As a major developed economy, the United States is highly dependent on the Internet and therefore greatly exposed to cyber attacks. At the same time, the United States has substantial capabilities in both defense and power projection thanks to comparatively advanced technology and a large military budget. Cyber warfare presents a growing threat to physical systems and infrastructures that are linked to the internet. Malicious hacking from domestic or foreign enemies remains a constant threat to the United States. In response to these growing threats, the United States has developed significant cyber capabilities.

TeaMp0isoN was a computer security research group consisting of 3 to 5 core members. The group gained notoriety in 2011/2012 for its blackhat hacking activities, which included attacks on the United Nations, NASA, NATO, Facebook, Minecraft Pocket Edition Forums, and several other large corporations and government entities. TeaMp0isoN disbanded in 2012 following the arrests of some of its core members, "TriCk" and "MLT".

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).

Roman Seleznev: Russian computer hacker

Roman Valerevich Seleznev, also known by his hacker name Track2, is a Russian computer hacker. Seleznev was indicted in the United States in 2011, and was convicted of hacking into servers to steal credit-card data. His activities are estimated to have caused more than $169 million in damages to businesses and financial institutions. Seleznev was arrested on July 5, 2014, and was sentenced to 27 years in prison for wire fraud, intentional damage to a protected computer, and identity theft.

Curtis Culwell Center attack: 2015 failed Texas terrorist attack

The Curtis Culwell Center attack was a failed terrorist attack on an exhibit featuring cartoon images of Muhammad at the Curtis Culwell Center in Garland, Texas on May 3, 2015, which ended in a shootout with police guarding the event, and the deaths of the two perpetrators. The attackers shot an unarmed Garland Independent School District (GISD) security officer in the ankle. Shortly after opening fire, both attackers were shot by an off-duty Garland police officer and killed by SWAT.

Junaid Hussain was a British black hat hacker and propagandist under the nom de guerre of Abu Hussain al-Britani who supported the Islamic State of Iraq and the Levant (ISIL). Hussain, who was raised in Birmingham in a family originally from Pakistan, was jailed in 2012 for hacking Tony Blair's accounts and posting his personal information online. Hussain left the UK around 2013 for Syria.

Islamic State Hacking Division

The Islamic State Hacking Division (ISHD) or The United Cyber Caliphate (UCC) is a merger of several hacker groups self-identifying as the digital army for the Islamic State of Iraq and Levant (ISIS/ISIL). The unified organization comprises at least four distinct groups, including the Ghost Caliphate Section, Sons Caliphate Army (SCA), Caliphate Cyber Army (CCA), and the Kalashnikov E-Security Team. Other groups potentially involved with the United Cyber Caliphate are the Pro-ISIS Media group Rabitat Al-Ansar (League of Supporters) and the Islamic Cyber Army (ICA). Evidence does not support the direct involvement of the Islamic State leadership. It suggests external and independent coordination of Pro-ISIS cyber campaigns under the United Cyber Caliphate (UCC) name. Investigations also display alleged links to the Russian intelligence group APT28, using the name as a guise to wage war against western nations.

Fancy Bear is a Russian cyber espionage group. Cybersecurity firm CrowdStrike has said with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK's Foreign and Commonwealth Office, as well as security firms SecureWorks, ThreatConnect, and Mandiant, have also said the group is sponsored by the Russian government. In 2018, an indictment by the United States Special Counsel identified Fancy Bear as GRU Unit 26165. This refers to its unified Military Unit Number of the Russian army regiments. The headquarters of Fancy Bear and the entire military unit, which reportedly specializes in state-sponsored cyberattacks and decryption of hacked data, were targeted by Ukrainian drones on July 24, 2023; the rooftop of one of the buildings collapsed as a result of the explosion.

Lazarus Group is a cybercrime group made up of an unknown number of individuals run by the government of North Korea. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them between 2010 and 2021. Originally a criminal group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include Hidden Cobra and Zinc. According to North Korean defector Kim Kuk-song, the unit is internally known in North Korea as 414 Liaison Office.

Sally-Anne Frances Jones was a British terrorist, Islamist, and UN-designated recruiter and propagandist for the Islamic State of Iraq and the Levant (ISIL), known variously as Umm Hussain al-Britani, Sakinah Hussein, and the White Widow. She is thought to have been killed in June 2017 by a US drone strike, but sources are unable to confirm.

Cris Thomas: American cybersecurity researcher and hacker

Cris Thomas is an American cybersecurity researcher, white hat hacker, and award-winning, best-selling author. A founding member and researcher at the high-profile hacker security think tank L0pht Heavy Industries, Thomas was one of seven L0pht members who testified before the U.S. Senate Committee on Governmental Affairs (1998) on the topic of government and homeland computer security, specifically warning of internet vulnerabilities and claiming that the group could "take down the internet within 30 minutes".

Sandworm (hacker group): Russian hacker group

Sandworm is an Advanced Persistent Threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, and Iron Viking.

References

  1. "TeaMp0isoN member interview". Security Affairs. August 2016. Retrieved 2016-09-20.
  2. Nichols, Shaun. "Hey, you know what a popular medical record system doesn't need? 23 security vulnerabilities". www.theregister.com.
  3. Hobbs, Andrew (August 8, 2018). "Critical security flaws found in popular medical records software".
  4. "PROJECT INSECURITY LTD - Overview (free company information from Companies House)". find-and-update.company-information.service.gov.uk.
  5. "PROJECT INSECURITY LTD - Officers (free information from Companies House)". find-and-update.company-information.service.gov.uk.
  6. "Teenager arrested accused of computer hacking". Sky News. 2012. Retrieved 2017-07-09.
  7. Deception in the Digital Age, exploiting and defending human targets. Cameron H. Malin. 2017. Retrieved 2016-09-20.
  8. "TeaMp0isoN Hacks Met Police Anti-Terror Hotline". Sky News. 2012. Retrieved 2016-09-20.
  9. "How a Teenage Hacker Became the Target of a US Drone Strike". Vice. August 2016. Retrieved 2016-09-20.
  10. "British Born ISIS hacker killed in drone strike". The Independent. August 2015. Retrieved 2016-09-20.
  11. "British Hacker is No. 3 on Pentagon kill list". The Sunday Times. August 2015. Archived from the original on September 21, 2015. Retrieved 2016-09-20.
  12. "teampoison hacker suspect has anonymous ties". darkreading.com. 2012-05-11. Retrieved 2016-09-20.
  13. "teenager arrested over teampoison hacking attacks". telegraph.co.uk. 2012-05-10. Retrieved 2016-09-20.
  14. "ISIS jihadi linked to Garland attack has long history as hacker". CNN. May 2015. Retrieved 2016-09-20.
  15. "Cyberwar: Syria's Cyber Battlefields". Viceland. August 2015. Retrieved 2016-09-20.
  16. "MLT on the Future of Hacking". Viceland. August 2015. Retrieved 2016-09-20.
  17. "eBay XSS bug left users vulnerable to (almost) undetectable phishing attacks". Sophos. January 2016. Retrieved 2016-09-20.
  18. "Researcher Finds Several 'Serious' Vulnerabilities in US Military Websites". Vice. January 2016. Retrieved 2016-09-20.