Most people would be surprised to learn that often times the most valuable tool in computer hacking isn’t a program, tool or exploit at all – but rather the human mind. For the purposes of this article I would like to discuss two invaluable strategies employed by some of the worlds most dangerous hackers as a means of compromising and/or tracking their targets online. These would be the psychological practices of “Mentalism” and “Social Engineering.” Before moving forward, you should understand the differences between the two.
Mentalism is the skill of getting people to tell you information about themselves without them realizing they are providing you with information. It’s a skill or talent most commonly associated with “Cold Readers” and/or “Psychics,” but has absolutely nothing to do with any sort of magical abilities – imaginary or otherwise. Rather, they are purely logical and psychological talents/techniques. Social Engineering on the other hand is the art of making people to execute your will or do things for you – usually under false or manipulative pretenses.
Below you will find a brief strategy guide and overview of these two tactics/techniques, utilized by some of the worlds best hackers to infiltrate different circles online – be it the KKK, Islamic State, CIA or anyone else for that matter. These are also techniques I’ve personally taught to hundreds of individuals on underground forums and online chats over the years – allegedly. Good luck proving it, anyways 😉
How Does It Work?
It may or may not be common knowledge at this point, but starting in 2015 I started my own international intelligence/espionage group known as the “Anonymous Intelligence Agency” – an organization which accepted a broad range of tips, leaks and other sensitive information from hackers all around the world. Over the years, through the moderation of online forums and chatroom’s, part of my dealings have involved the instruction of various techniques, strategies and styles to go about extracting information from others, and/or acquiring information about specific targets online. Strategies at the very heart of social engineering and mentalist theory.
Learn More – The Anonymous Intelligence Agency: https://roguesecuritylabs.ltd/anon-intell/
Say for example you are starting from scratch and want to narrow down someones location online. You might open a conversation with something like “man, it’s so cold here, I can’t stand the cold weather!” To which someone might respond something like “yeah, its cold here too” or “well, sucks for you, its warm here.” Might sound like an innocent exchange – right? But the person you’re talking to just identified they are currently residing somewhere in the southern hemisphere. Continuing the conversation on a little further or at a different point in time, you might then bring up the weather that day by saying something like “man, its such a nice day out today, not a cloud in site!” To which someone might respond “well, its raining here” – vice versa. Cross referencing a weather map from that day, there’s only a few places on Earth where it’s raining at the present moment in time – further narrowing down their geo-location. See where I am going with this?
This is what is refereed to as mentalism, getting people to provide you with information/intelligence without them having a clue they are actually doing it. You can do this with almost any conversation as well, be it through politics, personality, sexual interests, hobbies, food preferences – et cetera.
For example, take a bold stand on a political issue in one director or another and see how people react/respond to it, I guarantee it’ll tell you a lot about their personality, ideals, personal beliefs and behaviors. Just by “triggering” someone with a controversial statement, which doesn’t necessarily even have to be something you personally believe or think is true, allows you to uncover so much about a person or group of people. This is also something you can do quite easily with sexuality as well. Just pretend to make a candid statement about your own fantasies, fetishes, interests or desires and people will almost certainly react or respond to it with their own. With the proper level of skill and over a long enough period of time, you can begin putting together full psychological profile on individuals or even fully compromise our target, without said target even realizing you’ve done so.
Dealing with Scammers or Fraudsters
When you are not trying to track someone or uncover their identities online, there are other techniques you can utilize for separate purposes – say for use in law enforcement. For example, I always instructed people to play as dumb as humanly possible when dealing with fraudsters, scammers or the like – techniques which have resulted in dozens of tips worldwide, presumably dozens of arrests at the same time.
For example, say you become aware of a phone, email or internet scam asking for money, donations or any other financial information. When dealing with these people you should pretend to be as open as humanly possible about getting them money. For example, say you are dealing with a charity fraudster. Tell them something like,”you know, I’ve been meaning to get involved with a charity for quite some time now. Yours sounds like the perfect opportunity! If I wanted to write a check is there a physical address I can mail it to?” Or, “do you have a bank account I could wire a bigger sum of money to?” Or “do you have an email address or web address where I can ask questions or learn more about what your trying to do?” See where I am going with this? If they give you any of this information, then this is all tangible evidence authorities can use to compromise the individual(s) behind the scam. By playing dumb and being as open as possible to cooperating with them, without actually giving them anything, this is how you can trick them into handing you more information than they otherwise should or would have given upfront.
Social engineering is quite literally referred to as “the Art of human hacking” and it’s essentially the art of manipulating others to execute your goals or do something for you – essentially making others work on your behalf. Unlike mentalism which is purely psychological, social engineering usually refers to any physical action carried out by someone else under the guise of your manipulation, guidance or direction.
Believe it or not, in most circles around the world social engineering itself is considered to be the single largest threat to cyber security worldwide – not any sort of malware, computer program, exploit, Operating System or otherwise. If you’d like a demonstration of why this is, look no further than an interview with the hacker behind the breach of CIA Director John Brennan’s personal emails in 2016 – a hack almost exclusively pulled off through their the use of social engineering to trick a low-level corporate employee. As the old saying goes, you’re only as strong as your weakest link. Or at least in this instance, you are only as secure as your dumbest or most clueless employee……
Social engineers are also infamous for penetrating different hacking circles or groups online, simply just to compromise their members. For example, look no further than ZHacker and what he did to Nama Tikure of Anonymous and different members of Pryzraky within days of ‘joining’ or assisting them. For those of you not aware, ZHacker is a state sponsored hacker given protection by international law enforcement authorities to go undercover as a “Black Hat,” simply just to try and infiltrate some of the worlds most active or top hacking groups.
To set himself up, ZHacker pretends to write malware samples or manipulates screen shots to make it appear as though he has carried out certain hacks, or is in possession of information he’s actually not. This is done for no other reason than to boost his so called ‘street cred,‘ to falsely gain the admiration or attention of others. This is how he and others like him attempt to infiltrate groups or lull them into a false sense of security. Then, once their guard is down, he compromises them before exposing their identities to the world. Simply by just pretending to be a black hat, he socially engineers actual black hats into trusting him before ultimately compromising them. This is how people/hackers like them work.
Honestly, this article could go on like this for quite some time, but I think I’ve given you a base understanding the basic principles involved here? It should go without saying, but the human mind is the most dangerous weapon anyone can wield – plan accordingly.