A report recently published by Unicorn Riot, an independent digital media collective, has revealed a hacking operation against a major money laundering and tax evasion network used by leading entrepreneurs and criminals. Cybersecurity specialists mention that the attack was carried out by “Phineas Fisher”, a pseudonym used by a “hacktivist” determined to deal a severe punch against millionaires around the world.
According to Distributed Denial of Secrets (DDoS), a collective dedicated to digital transparency, the hacker compromised Cayman National Bank and Trust networks, managing to extract copies from the bank’s servers, a cache of documents and communications between the bankers and their clients.
After the attack on this bank, a manifesto was published on the Internet explaining Phineas Fisher’s reasons for attacking financial firms; in addition to this document, she published HackBack, a never-seen-before code, which she claims to have used to attack Hacking Team, a firm of cybersecurity experts dedicated to developing products and services to attack activists and journalists. Hacking Team’s main clients were authoritarian and repressive governments worldwide.
Phineas Fisher depicts herself as a libertarian socialist (a term sometimes used as synonymous with anarchism). A supporter of Mexico’s “zapatista” movement, the first time the world knew about her activities was in the cyberattack on Gamma Group, a company that developed the malware known as “FinFisher”, used to track political activists. Since then, Phineas Fisher has continued to collaborate on various hacking campaigns against software developers serving authoritarian governments and major financial groups, such as Cayman National Bank and Trust.
This financial institution has a branch on the Isle of Man, a small territory located between England and Northern Ireland. This is an offshore banking service that many clients (usually incredibly wealthy people) resort for evading some tax obligations.
During the hack, Phineas Fisher managed to extract about 2.2 TB of information from the bank’s networks. The DDoS collective recovered and began publishing some of the information obtained by the hacker, ensuring that it will soon be available on Hunter, a cached document search engine that will be released soon. Based on information presented by the hacker and collective, cybersecurity experts drew up a list of more than 400 Cayman National Bank & Trust customer accounts, including 780 located on the Isle of Man, 270 in Cyprus, 150 in the UK, 107 in Cayman Islands and many others in territories such as The Virgin Islands, Belize, Ireland, Gibraltar, Barbados and even the US.
The investigation also obtained detailed financial information from more than 3,800 companies, trusts and bank-managed accounts belonging to clients around the world. The information includes account balances and other confidential details.
Finally, a list of 22 “politically exposed people” was leaked, which includes entrepreneurs involved in some scandal, as well as data from their relatives. It is believed that these people would be involved in money laundering, corruption or even financing terrorist activities.
According to cybersecurity specialists from the International Cyber Security Institute (IICS), Fisher’s manifesto also includes political stances about financial institutions and their service to the wealthiest, as well as continued references to Zapatista ideology, along with the aforementioned code to hack banks, allegedly used on previous occasions by the hacker and her allies.