Gay furry hackers on the frontlines of a cyberwar
QC interviews SiegedSec about their hacks on Israel and America, and their ousting from The Five Families hacking syndicate.
After an unplanned, unannounced and unbelievably long hiatus, Queer Computer is back. Over the coming months you can look forward to QC infiltrating your email inboxes with a series of deep-dive investigations into the niche corners of the queer web. And to kick things off, we’re downloading a TOR browser, logging onto the dark web, and delving into the gay furry hacker collective, SiegedSec.
“The gayer the furry, the more a threat to national security they are” — SiegedSec
I’d consider this issue to be a spiritual sequel to HOLY F*CKING BINGLE — a post I wrote about it/she kitten hacker, maia arson crimew, who exposed America’s no-fly list and caused Twitter to go completely bingle in the aftermath. What makes maia such a noteworthy hacker — besides the fact that she has 9 girlfriends — is the use of its real legal name when declaring its hacks, a choice that now confines it within Switzerland’s borders at risk of being arrested. In stark contrast, SiegedSec operates under a veil of mystery. Unlike maia, we know very little about the identity and origins of SiegedSec members.
I first came across these furries in November 2023 after they hacked a nuclear lab in Idaho and subsequently demanded the lab to research the creation of “IRL catgirls” as ransom. I wanted to know more, so I joined their Telegram channel to see what they were saying about this hack:
meow meow meow meow meow meow meow [...] mmmm yummy data~ we've accessed hundreds of thousands of user, employee and citizen data! [...] woah so much crunchy data :3
Truly profound! Cyber security expert, Nick Ascoli, has said that “the leader of SiegedSec, YourAnonWolf, cites ‘fun’ or ‘lulz’ as a primary motivator.” But Queer Computer is not convinced. It might be fun to perform these hacks, but why go through all this trouble just for the lulz? In fact, I believe the motivating force behind these queer wolves of the underworld runs far deeper than the ‘lulz’. SiegedSec are part of a much larger cyber-movement. They are on the frontlines of a global cyberwar — fought by anarchist trans catgirl hackers, radical teenage lefties, mum’s basement-keyboard warriors, and Russian-backed hacking groups — a somewhat juvenile, yet nonetheless consequential cyberwar that is running parallel to our ongoing global conflict.
Queer Computer has reached out to YourAnonWolf via email, securing an exclusive interview with the furry leader of SiegedSec, to uncover the true motives behind their hacks.
YourAnonWolf, who prefers to be known as Vio, was quick to respond. Vio is a renowned hacker, furry and self-described “corn god” (which I can only assume is a homophone for “horn dog”). In June 2022, with this horn dog at the helm, SiegedSec targeted US states with anti-abortion laws, leaking internal documents from government servers in Kentucky and Arkansas. A year later, in June 2023, they hacked the government of Fort Worth, Texas, leaked their documents, and proclaimed:
Did you hear that? :3
*schlop schlop*
It’s the sound of gay furries fucking the U.S government~!
[...]
Texas happens to be one of the largest states banning gender affirming care, and for that, we have made Texas our target.
While they’re certainly having fun schlopping the US government, these actions suggest that SiegedSec’s motivations extend beyond the lulz. I asked Vio how SiegedSec’s identity as gay furry hackers influences their choice of target and the nature of their hacks.
Vio acknowledged that their “audience is primarily queer and furry individuals” and emphasised that SiegedSec tries to take action in what their audience cares about most. On their often-suspended, but currently active Telegram channel, SiegedSec has over 2,000 subscribers — likely comprising queer furries, fellow hackers, enemy hackers, computer security journalists, and yours truly — not a furry. Their Twitter(X) account has a similar following of over 2,000. However, Vio says that regardless of identity, the core group of SiegedSec “strongly believes in fighting for queer rights”.
The Five Families
This belief in queer rights means that SiegedSec doesn’t always see eye-to-eye with their colleagues on the dark web. In August 2023, The Five Families was formed to “establish better unity and connections for everyone in the underground world of the internet”. As the name suggests, the syndicate includes 5 hacker groups: ThreatSec, GhostSec, Stormous, Blackforums, and of course, SiegedSec.
Since its formation, The Five Families have hacked roughly 3 private companies and 2 government institutions (from what I can tell). But what is notably different from SiegedSec’s usual modus operandi is that The Five Families invite the companies they’ve hacked to buy back their own data. As Vio says, the “Five Families' primary goal is making money, and SiegedSec rarely, if ever, did anything for money”. Vio believes this is one of the reasons they were ousted from the syndicate.
On the 21st of December 2023, The Five Families announced the immediate termination of SiegedSec, citing the promotion of child pornography on SiegedSec’s blog as the reason. In reality, SiegedSec had been hacked and a post falsely claiming to recruit pedophiles into their hacking group was published to their site. Multiple hackers began claiming responsibility for this action, but Vio suspects it was an inside job from within the syndicate. “Blackforums from the Five Families is the only group outside SiegedSec that had access to our website”, Vio asserted, suggesting this was a calculated effort to ruin their reputation and ultimately kick SiegedSec out.
Vio believes there are multiple reasons behind the Five Families attack, but the main one might be less about strategy and more about popularity — the members of the other hacking groups just didn’t like them very much personally. As of now, Vio is glad they were kicked, “it was inevitably going to happen, it’s just unfortunate it had to be like this,” they said.
While writing this story, The Five Families have continued their infighting. SiegedSec was replaced by BunnyFunz, ThreatSec was doxxed by the ex-leader of BlackForums, ThreatSec closed, and BunnyFunz quit. The syndicate has fallen apart.
A cyberwar with Israel
Now, SiegedSec has lost complete control of their website, stating that “until further notice, any message from the SiegedSec blog is not official or associated with the group at all.” One of the hacking groups who have taken control of the site and taken credit for the hack is D7BBUK.
In a post on D7BBUK’s Telegram channel they announced:
Today we have officially seized the website of "SiegedSec" [...] With a lot of love and support to israel! [...] #WeStandWithIsrael 🇮🇱🇮🇱🇮🇱
This takeover by D7BBUK appears to be in direct response to SiegedSec's recent activities. Through October and November 2023, SiegedSec executed “Operation Israel”, a series of four significant cyberattacks on Israeli organisations with messages that criticise the Israeli government and its occupation of Palestine.
First, SiegedSec launched a DoS attack targeting Israeli Building Automation and Control Networks (BACnet) and Modbus Industrial Control Systems. As Vio explained to me, BACnet manages building systems, including “ventilation, door sensors, and lighting”, and Modbus is integral to key industrial functions, such as “energy management, water treatment, and power distribution”. A DoS attack is like a single person repeatedly calling a phone line to keep it busy and preventing anyone else from getting through. In this case, SiegedSec’s relentless barrage of calls aims to overwhelm these building systems, causing disruption in their normal operations and posing a significant risk to the productivity of Israeli businesses and industry.
Simultaneously, SiegedSec orchestrated a DDoS attack on Israeli Global Navigation Satellite System (GNSS) receivers. Unlike a DoS attack, a DDoS is like a thousand people calling the same phone number at exactly the same time. In this scenario, SiegedSec employed a botnet — a network of malware-infected computers — to inundate GNSS receivers with signals. Vio explains, “GNSS receivers control the input of satellite data to other systems that may require GPS data,” meaning they are critical for navigational and mapping operations. A DDoS attack on these receivers could potentially impact aviation and military capabilities by disrupting or completely blocking GPS signals, or by transmitting false data to aircrafts. Queer Computer has not been able to confirm the impact of this hack.
Twenty days later on Halloween, SiegedSec knocked on the door of BEZEQ, Israel’s largest telecommunications company. The treat: leaking the data of nearly 50,000 customers — names, email addresses and phone numbers. The trick: an email to all of BEZEQ’s customers, letting them know they’ve been hacked by gay furry hackers. Just ten days later, SiegedSec hit another major Israeli telecom, Cellcomm, altering their customer support messages to display: FREE PALESTINE.
For their final act, SiegedSec targeted two prominent Israeli entities: Israir, an airline based in Tel Aviv, and Shufersal, Israel’s largest supermarket chain. At Israir, they leaked hundreds of documents, which included internal reports, investigations, software details, and staff credentials. And over at Shufersal they wreaked havoc by remotely disconnecting a variety of internet-connected devices, from alarms to temperature sensors. Vio notes that these devices were cut off “from the management interface, so they could no longer be used properly or modified in any way without reconnecting”. Further complicating the issue, SiegedSec erased all of Shufersal’s records, significantly adding to the challenge of reconnecting these devices.
It’s hard to measure the success of these hacks. Since the escalation of Israel’s occupation and genocide in Palestine, hackers have piled onto the Israeli–Palestinian conflict on both sides. It’s unlikely that the Israeli government and businesses will announce the successful attacks of their infrastructure, and consequently, it won’t be picked up by mainstream media. But Vio says their “attacks certainly made some sort of initial impact, being shut down/disconnected.” What is in question is for how long? The supermarket devices have likely been reconnected by now, and Vio suspects that they could have been down from anywhere between a couple hours and a week. With the uncertainty around the impact of their hacks lingering, I asked Vio what motivates SiegedSec to perform them in the first place:
what motivates us for these hacks is a strong hatred for Israel's
carelessness for human life in Palestine, as well as other countries in recent history. Some people believe we support Hamas' actions or support hatred on all jewish people, which is completely incorrect; this is about the civilians being killed.
Most of what I’ve read about SiegedSec online suggests that the group is motivated more by the 'lulz', than any serious pursuit of political justice. But I believe SiegedSec represent more than just rogue hackers looking for amusement; their demand for real life catgirls is a smokescreen, masking deeper motives rooted in radical activism and social justice. Although, I had to ask of course: “You recently ate up a lot of yummy data from the Idaho National Laboratory and demanded they research the creation of irl catgirls as ransom. Where are you on your quest for real-life catgirls?”
Vio:
our quest for catgirls has worked out purrfectly, i currently have my INL-provided catgirl next to me right now! :D
What’s next?
With their recently acquired sexy-cat girlfriends by their side, SiegedSec has started the year strong with Operation PAVE — taking aim at the Pornography Age Verification Enforcement Act introduced in North Carolina. They believe the bill “contains intentionally vague wording” that may flag queer content as “harmful to minors”. So far they’ve released the personal information of all the sponsors of that bill — home addresses, phone numbers, passwords, email addresses, personal social media accounts, and more. And they aren’t stopping there:
we've got big plans for 2024! more attacks on the US government and its allies, fun collaborations with other groups/individuals (including someone you mentioned too - but i can't publicly confirm who it is yet ;D),1 and we'd also like to develop our community more, to encourage other queer hackers to do the same as SiegedSec is doing.
Vio’s parting words for our interview:
be gay, do crime :3 also fuck the government.
HOLY FUCKING BINGLE!
as a furry gen z socialist whos a rexouium I gotta say fighting this battle against the shit like the genocide in gaza and things like hacking it is just amazing these furry hackers are my goats I would love to join them in the fight against zionism, fascism, imperialism, and more. FREE PALESTINE HAZA!!!!!!