Back to all stories
Hacktivism: Part Two

The introduction of blockchain technology has reinforced hacktivism, which has been prominent in the past four decades, through the popularity of cryptocurrency. With hacktivism often dealing with topics of free speech, human rights, and anti-censorship movements, the Web3 space has allowed hackers to fund social change while maintaining anonymity and bypassing government-regulated banking systems. More recently, hacktivism has played a role in investigating fraud within the blockchain ecosystem. These case studies follow details of hacktivism as it pertains to cryptocurrency, social justice, and technology ethics.

Hacktivism: Part Two

Belarusian Hacktivist Group Creates NFT of President's Stolen Passport for Fundraising Campaign

Founded in August 2020, the Belarusian Cyber-Partisans (BCP) formed in response to President Alexander Lukashenko’s presidential election. Their Twitter handle is @cpartisans and they call themselves ethical hackers.

In July 2021, the BCP hacked into the National Passport Database, a Belarusian government database containing the passport information of all Belarusian citizens. The stolen passport information included that of Belarusian President Lukashenko. President Lukashenko, has a history of corruption and is a known supporter of the Russian war in Ukraine.

On 30 August 2022, the group announced the launch of an NFT collection on OpenSea called Belarusian Passports, which included a digital passport of President Lukashenko, his allies, and known traitors of Belarus and Ukraine. The NFT collection was launched as a fundraising campaign and was ultimately taken down from OpenSea for doxxing violations and revealing personal information without consent. This attack goes hand-in-hand with BCP's previously launched fundraising campaign called the “Resistance Movement of Belarus,” which aims to take power from Lukashenko and ultimately end the dictatorial regime.

Cryptocurrency and Anonymous Helping Ukraine Fight Russia

On February 24th 2022, Russia invaded Ukraine. In the weeks following the invasion, thousands of Ukrainian citizens pulled money from their banks before fleeing to neighboring countries. The Ukrainian banks faced an overload of withdrawals and ultimately had to set withdrawal limits. Due to these limits, cryptocurrency became the saving grace for many Ukrainians citizens and the government, as it provided fast transaction speeds, low costs, and security.

Overall, Ukraine has received approximately $60 million of cryptocurrency donations since the war has started. These donations have helped fund relief to the Ukrainian people and to strengthen military forces against Russia. The hacktivist group Anonymous reportedly intervened, using financial incentives to convince Russian troops to surrender their tanks by offering $53,000 in BTC for each one surrendered. Although the group has not confirmed this, it continued to conduct offensive cyber attacks against Russia. They are allegedly responsible for taking down more than 300 Russian government, social media, and bank websites in addition to hacking multiple Russian TV channels, and replacing the content with videos in support of Ukrainian.

Prime Minister of India’s Pro-Bitcoin Twitter Hack

In previous years, elected leaders were less familiar or uninvolved with the cryptocurrency industry. However, in 2021 cryptocurrency became a trending political subject around the world. In November 2021, Narendra Modi, the Prime Minister of India, urged all democratic countries to work towards regulating cryptocurrencies, primarily Bitcoin. He stated that it was important for governments to play an active role in cryptocurrency to limit criminal activity and unregulated markets, expressing worry about money laundering and the funding of terrorism.

In late November, the Indian government presented legislation to prohibit private cryptocurrencies. That same month, there was a major sell-off where the discount for USDT reached 15% on leading crypto exchanges, while maintaining 1:1 peg with the US dollar on foreign platforms. In retaliation for the proposed bill, Prime Minister Modi’s Twitter was hacked. The hacker tweeted from Modi’s official account declaring that the country had formally endorsed the use of Bitcoin and the Indian government had purchased 500 BTC. The attack was confirmed by his staff and the message to his 70 million Twitter followers was quickly removed. The Indian Computer Emergency Response System (Cert-In), the national agency for monitoring cyber security incidents and threats, reached out to Twitter and Google as part of its full-scale investigation after the incident. There has been no further news on this at the time of writing.

With human rights and anti-corruption campaigns frequently the subject of hacktivism, cryptocurrency has made it possible for hackers to finance social changes while avoiding conventional financial institutions and remaining incognito. Hacktivism has more recently been used to investigate fraud in the blockchain industry, helping to hold fraudulent leaders accountable. As seen with some of the above cases, hacktivists are using the Web3 space to challenge nation-states’ geopolitical interests and their leaders in order to support the cause they believe in. The Web3 space will continue to play a pivotal role in cyber-activism and become a platform that will increasingly be used to voice concerns or support for a cause.

Laws and Regulations

The Computer Fraud and Abuse Act is the major piece of anti-hacking legislation in the US, and at its core is a fraud abuse statute. This has a couple of implications. First, it is both a criminal and a civil law so actors can be prosecuted as criminals in addition to having civil action brought against them. Because it is a fraud statute, it has certain implications for how jail time, fines, and restitution payments are constructed. This design allows the law to function so that if more people are impacted by the attack the punishments can scale with severity of the damage. Most high profile cases in the US have been prosecuted under the Computer Misuse Act and Criminal Law Act.

One of the most popular pro-hacktivist arguments claims that digital protest movements should be treated as similar to physical ones. According to academics at George Washington University, hacktivism could technically be protected under the US Constitution’s First Amendment, which covers freedom of speech, freedom of the press, the right to assembly, and the right to petition the government. Although there haven't been any legal cases that have won based on that argument, the judicial system still has a gray zone when it comes to dealing with hacktivism. For instance, in 2011, 14 people from the hacktivist group Anonymous were arrested for a DDOS attack on the PayPal website. The attack was part of an operation that intended to expose, “corporate interests controlling the internet and silencing the people’s rights to spread information.” Even though the defendants were charged with a felony under the Computer Fraud and Abuse Act, that charge was dropped and they were eventually sentenced to probation and to pay $5,600 each to the company, down from the over $5 million in losses originally claimed by Paypal.

Hacking is one of the biggest issues facing the crypto industry today. With politics becoming increasingly intertwined with cryptocurrency regulation there is no doubt that we will see more hackers, regardless of their intent, being exposed to federal lawsuits. It is especially true when it comes to certain white hats who see their motivations as ethical, but are tiptoeing around the laws’ gray areas. Hacktivists in the Web3 space will be facing more consequences as the federal government becomes more invested with crypto regulations.

The Future of Hacktivism:

Hacktivism will likely continue growing more in the future and with the evolving opportunities in the Web3 space, hackers will have more chances to make their statements known across the web. Forecasts from the Trellix Advanced Research Center predict that, “there will be hacktivist spikes in geopolitically motivated attacks across Asia and Europe fueled by tensions from opposing political parties, and vulnerabilities in core software supply chains.” Trellix forecasted that there will be an increase in breaches related to software supply chain issues over the next couple of years. Hacktivists have largely switched their tactics from website defacement to conducting large-scale DDoS attacks as the years go by and new groups emerge. Wars such as the one in Russia andUkraine also incentivize hacktivists to meddle in and disrupt a state or leader by gathering information in the Web3 space and disseminating it online.

Hacktivism will keep evolving with Web3 as it increasingly becomes adopted, giving these actors new opportunities to make their political and/or moral beliefs known to the community. As services become more web-browser based, information becomes increasingly available, and oftentimes more vulnerable. As mentioned above, DDoS attacks have been on the rise over the past few years. If a government or corporate computer system doesn’t have the protections to block such attacks, a website can be knocked offline anywhere from several minutes to 24 hours or longer which can have huge financial impacts. The ability for future hacktivist elements to anonymize their operations through the Web3 space and the tools provided there to mask their identity alongside sophisticated and encrypted communication allows for greater hacking opportunities. The advancement of open-source hacking tools and their ease of use is also playing a key role in the rise in hacktivism. Automated DDoS cases are a prime example of this, allowing individuals to play a role in defending or attacking in cyberspace. In addition to conducting DDoS attacks, hacktivists have taken over Twitter accounts and Facebook pages, and have stolen and disclosed sensitive and personal information from the systems that they have penetrated, which will certainly keep happening in the future.

Hacktivists can target anyone, from governments to corporations, to drug dealers and other types of criminals. Police departments, hospitals, small towns, cities, and states also have been attacked. As time progresses, hacktivists' targets are changing as well. As more institutions come into Web3, opportunities arise for hacktivists to make their platforms known and their message heard. As governments and central banks are considering transitioning towards their own digital currencies and moving to Web3, cyber activists’ opportunities to make a statement will also rise. This is particularly relevant for banks issuing central bank digital currencies (CBDCs). According to a new report, two-thirds of the central banks that were surveyed by the Official Monetary and Financial Institutions Forum (OMFIF) said that they would issue a CBDC within 10 years. With these banks investing themselves more into the crypto world, especially if they are backed by governments, the probability that hacktivists will be targeting them for political statements is fairly high. With CBDC’s, banks will have to take great measures to protect and defend their private keys against hacks.

Institutions will not be the only targets that will most likely receive hacktivists’ attention, as individuals will increasingly be a focus of these groups as well. One notable example is the attacker from the Cashio exploit which happened on 23 March, 2022 and led to approximately $52M loss. On 28 March, 2022, a few days after the attack, the hacker made an announcement stating that affected users were able to restore their funds if they were able to explain the source of the assets and why it should be returned. The hacker said that no money would be returned to wealthy users who did not explicitly need the money. The affected users were able to state their case on a website set up by a community member following the format requested by the hacker. As of June 2022, Cashio stated that there were still approximately $25 million in stolen funds that had yet to be returned to victims of the attack. This case is a typical representation of how hacktivists can use Web3to fight for their ideologies and target certain individuals that go against their beliefs. Since Web3 allows for greater anonymity, hacktivists will almost definitely try to use methods such as doxxing to go after individuals that have been perceived as people who have defrauded their investors. With the crash of the crypto market where most people are losing money, individuals defrauding investors may become a target for hacktivists amongst their other traditional marks. The evolving Web3 space gives hackers plenty of opportunities to impact users, remaining anonymous whilst making a statement.