Articles Interview 01-21-2025 at 10:00

«Russia is a deathmatch territory. This means kill everyone» — Nikita Knysh. How Ukrainian hackers destroy the enemy on the information front

Natalia Soloviova

Author of articles and interviews

HackYourMom is a Ukrainian hacker activist project and a group of cyber volunteers who, from the first days of the full-scale invasion, began doing everything they could to inflict maximum cyber damage on the enemy. ITC’s editorial team talked to Mykyta Knysh, an information security specialist, certified ethical hacker, and founder of the project. In the interview, we tell you why Mykyta left the SBU, which operations he considers the most successful, and why he considers it harmful to raise the issue of the ethics of HackYourMom’s activities.

Until the end of 2015, I was an employee of the SBU

Until the end of 2015, I was an employee of the SBU (Security Service of Ukraine). During the ATO, I performed certain tasks on the demarcation line, including working on prisoner of war exchanges. For that, I received the status of a combatant, although I never ran with a machine gun.

Back then, during Turchynov’s term, I heard many promises to create a cyber army within the SBU. His successors promised the same thing, but it hasn’t happened since, despite the pompous opening of cyber centers.

Instead, at some point, the whole country started watching «mask shows» in the offices of Ukrainian IT businesses. I didn’t really keep my mouth shut and honestly said what I thought about it, so I was often sent to work «at a computer» in the ATO zone.

At the end of 2015, I left the SBU.

It so happened that after that I organized my own hacker conference, Hack It. It became the largest in Ukraine and one of the largest in Eastern Europe. Later, I had a successful experience in building a business, co-founded Hacken, and got involved in crypto and investments. But later, most of the projects had to be moved outside Ukraine because of the activities of law enforcement agencies and regulators, who began to «clamp down on all of this».

A year or two before the war, we had already held corporate events at the shooting range

A few years before the full-scale war, I almost moved to Canada for business reasons. But when it became clear what was going to happen here, I returned to Kharkiv. My team and I were preparing – we had caches and shelters in Kharkiv and other regions of Ukraine. In a year and a half to two years, our corporate events began to be held at shooting ranges.

This is how we celebrated February 24, 2022. Personally, I was already at the Kharkiv District and filmed a video that the city was not surrounded by tanks. At the same time, I watched the leadership of the SBU and the police flee the city in large numbers.

My colleagues and I began to gather in designated places. We even had weapons — even before the war started, we had set up a small news agency to distribute weapons to our own. Interestingly, on February 23, I picked up a piece of paper from a psychiatrist that I was sane. I made it.

The task at first was to stabilize the situation. There was no hope for the police, who were already halfway to Dnipro. Later, I had to leave the city — I was asked to pick up Nigerians, my partners’ children who were studying in Kharkiv.

It was a funny story, everyone fled, the Foreign Ministry was down, the Ministry of Foreign Affairs was down. And I was gathering Nigerian students in Kharkiv under fire.

HackYourMom started with a series of Google Docs. I told everyone to write instructions on how to harm Russians without getting hurt themselves. Especially at the start, I was interested in CCTV cameras.

We realized that we had many people who were not qualified to take serious action, but had a lot of energy and a desire to do something. I put these people to work on social engineering: we started to identify mermaids with photos of beautiful girls, then we added phishing.

In the first channel, which was later taken down, you could see that we just posted a link to a Google document with instructions. It was closed, and people were asking for access – that’s how they identified their own.

It was like a network: 20 people write an instruction, 30 people distribute it. Instructions were worth their weight in gold back then — there wasn’t even an adequate guide for setting up radios for the military.

So we wrote, wrote, wrote. Instructions for the military on how to use software and hardware, and for civilians on how to move rails to destroy the Russian railroad. The latter was given to Belarusians and Russians who were guerrillas in the enemy’s territory.

Later, it became clear that Google documents were not enough. We created a website and a mobile app, which looked terrible at the start, but people joined. We did everything on the fly and simply opened up trade secrets — we made information publicly available that had previously been sold for money.

Eventually, we came to the point where the Armed Forces, cyber police, and other agencies use our guidelines and recommendations to customize their phones and other devices.

The sofa diamond eye

All our operations that can be discussed publicly can be found on our website. But the most influential one, in my opinion, is the «Couch Diamond Eye» campaign.

We gave instructions on how to break CCTV cameras en masse and extract information from them. People watched the videos and looked for useful information: at first, it was an «operational officer» who spent hours staring at the monitor, then we connected artificial intelligence systems. This project brought many benefits.

Why can we talk about it and not be afraid that it will stop working? Because each camera is connected differently: it is impossible to simply update the software of all cameras and close this channel for us. That’s why we still urge people to break cameras and pass the information to the Defense Forces.

There are also operations of a different nature: for example, once we were asked to help find information about children abducted by Russians from the occupied territories. Then we broke the bases of the «Artek» camp.

We give certain tools to the special services with caution

We have a fun job — we break whatever the Defense Forces ask for, if we can. If it’s the Russians, we can do anything. We do not work with government agencies, only with the Ukrainian Defense Forces. Even more broadly, with anyone who kills our enemies.

We are confident that this is the way cooperation with such services should be conducted now. Unfortunately, our services are not yet ready for other formats because of the high level of corruption. We understand that we need to help them and strengthen them, but at the same time we know that they may soon start using the same tools against Ukrainian businesses.

If the data we find is not of military value, we sell it on the black market. They disassemble it into molecules — first they rob it, then they sell something, then they give a loan, and finally, they work psychologically and use it as an agent.

Mykyta Knysh HackYourMom

Russia is a deathmatch territory

For us, Russia is deathmatch territory. If you’ve played computer games, you know what it means: «kill everyone». The map of our game is the Russian Federation, and we are allowed to kill anyone, anywhere, anytime.

The Geneva Convention, the only document that regulates wars, says nothing about information campaigns.

Of course, we are sane people, not sadists. We are categorically against stories like the one that happened in «Crocus City», and I even sympathize with the people who died there. This is called humanity.

Our task is to find, identify and help destroy war-related targets. This could be, for example, an aviation commander or a chief engineer who maintains airports and hangs bombs on airplanes.

The only moral constraint is not to kill civilians who are not related to the war. And «to cheat them out of money» is a legal goal. After all, when he buys a chocolate bar in a store, he automatically supports aggression and pays for missiles that will then fly into our homes.

Raising the discussion of ethics is playing on the enemy’s side

I recently gave a lecture at a university in The Hague. I wanted to find out how they react to our activities abroad. There were students from the Netherlands who are engaged in cybersecurity.
One of them asked me how we filter out civilian and military targets. I asked her a counter question – how does the Russian Iskander missile filter out civilians from the military when it hits a house?

She answered that it does not. Then I asked if, after the missile hit a residential building, I should filter targets?

You see, when you’re in Europe, smoking in Amsterdam, eating cheese in France, you’re not afraid. And you can talk about etiquette, but when you are at war, the realities are different.

As for laws and regulations, our activities are not regulated in any way. The Geneva Convention says nothing about cybersecurity at all. Therefore, even raising this discussion is playing on the enemy’s side. We can destroy and rob them, and it doesn’t matter who says what.

I appreciate people who have made themselves

I hire new people for the project in the same way as I hire people for a job – I don’t ask them where they studied or who they are. I just ask them to show me what they’ve already done. This is how professionals are selected.

With the juniors, everything is easier — we already have a proven methodology, just like at school. First, they are thrown into a chat room where they learn how to set up a laptop, VPN, and so on. In the second, they check how they coped with the tasks of the first. In the third, they and their classmates start looking for each other.

Until the third grade, no one does any real work. And only then, when we have taken care of their privacy and security, they move on to cyber warfare operations.

I come from a poor but very spiritually and mentally rich family. So I appreciate people who have made themselves, and we have a lot of them in our team. People who become our moderators go the whole way. They first study, then participate in the project, then criticize it. And it’s important for us that they not only criticize, but also suggest how to make it better.

We have a 15-year-old boy as a moderator, and when he passed, he was 14. He offered more ideas than some professionals on the team. I saw that he was eager, but he had little systematized knowledge. So, on my behalf, I gave him a gift of training to get an American certification.

Imagine a person at the age of 14 becoming a certified ethical hacker. This is not super cool in the world of information security, but he can already claim $2-3 thousand in salary.

He turned out to be a grateful person and wrote a whole section on the website. That is, he went to training and processed this experience and transformed it into improving our instructions, which he had already improved before.

Plans

We understand that the war will not end quickly. Everyone can see that Trump is trying to freeze this story, but it will definitely not end there. We will have to work long hours, so we have launched another project, the Academy of Social Engineering of Ataman Naebalo V.O. We will be collecting schemes that will allow everyone to «throw» Russians on their territory.

After the war is over, we, of course, plan to scale up as a project and put this story on a commercial track. To sell our experience and build an OSINT community.

My dream is that our social engineering specialists will be turned into OSINT-ers, and we will create our own information agency. We will be able to hire an intern to expose any dishonest official. I want them to start dealing with internal corruption under Article 34 of the Constitution. After all, it says that everyone has the right to collect, process and disseminate information, including about corrupt officials.


