Phineas Fisher Offers $100,000 for Hacks Against Banks and Oil Companies

Last weekend, Vice Motherboard reported that the well-known hacker and hacktivist Phineas Fisher broke a long silence and reached out to the media. The individual or group behind this pseudonym is famous for several high-profile actions. In 2016, Phineas Fisher leaked documents from Turkey’s ruling party to Wikileaks and compromised professional spyware developers and suppliers, including FinFisher and Hacking Team. Phineas Fisher then made stolen company documents, source codes, and even exploits publicly available.

After these incidents and several other attacks, Phineas Fisher published a series of manifestos encouraging other hackers to carry out politically motivated attacks. In 2017, they announced a temporary retirement, and nothing was heard from the hacktivist for over two years—until now.

Phineas Fisher has released a new manifesto proposing to boost interest in hacktivism by offering financial incentives. Essentially, the hacker suggested creating a new kind of bug bounty—rewarding hackers for political attacks carried out in the public interest. This initiative, called the Hacktivist Bug Hunting Program, offers up to $100,000 in cryptocurrency (Bitcoin or Monero) to other activists. Journalists note that this program directly encourages criminal activity.

“I believe hacking is a powerful tool, and hacktivism has only tapped into a fraction of its true potential. Small investments can help it grow; the best days of hacktivism are still ahead,” writes Phineas Fisher.

Potential Targets and Motivation

Phineas Fisher lists possible targets for hacktivists: mining and livestock companies in South America, Israeli spyware developer NSO Group, and oil company Halliburton.

“Hacking to obtain and leak documents of public interest is one of the best ways to use hacking skills for the good of society. I’m not trying to make anyone rich; I’m just trying to provide enough resources so hackers can make a decent living doing good work,” the manifesto states.

Details of Previous Bank Hack

In the new statement, Phineas Fisher also revealed that back in 2016, they hacked the offshore Cayman Bank and Trust Company, stealing money (which was then given away, though details were not specified), documents, and employee emails. The hacker declined to disclose the exact amount but said it was “several hundred thousand dollars.” Using this example, Phineas Fisher called on other hacktivists to follow the same path and join the fight against inequality and capitalism.

As is tradition, the hacker described how the system was breached in the manifesto, aiming to teach others how to conduct similar attacks and use certain techniques to rob banks. For this bank hack, Phineas Fisher used the same exploit previously employed against Hacking Team: attacking a vulnerable VPN and firewall.

Leaked Documents and Bank Confirmation

The stolen bank documents and emails were shared with the website Distributed Denial of Secrets, run by journalist and activist Emma Best. She reported the upload of 640,000 emails, calling it “the most detailed look at international banking ever made available to the public.”

Interestingly, bank representatives confirmed to journalists that the hack did occur. However, they refused to disclose any details, citing an ongoing investigation involving law enforcement agencies.

Hacktivism as a Tool for Social Change

“In the digital age, robbing a bank is a non-violent act, the least risky, and the reward is higher than anywhere else. None of the financial hacks I’ve done or known about have ever been reported. This [hack] will be the first, not because the bank wanted it, but because I decided to make it public,” says Phineas Fisher. “The global financial elite are oppressors, not victims […]. Hacking this elite and returning a tiny fraction of the wealth they’ve stolen doesn’t make them victims. It’s cybercrime. And it’s also activism, motivated by a desire for social change. I don’t profit or benefit from this.”