Team Bastet

Team Bastet is a “white-hat” hacktivist group based in the Federated States of Micronesia, formed in 2015 by an pseudonymous person known simply as “Bastet”. It mainly targets scammers, spammers, and other (non-hacktivist) hackers. More recently, as of 2020, it has taken an anti-cryptocurrency stance.

Team Bastet is rumoured to be associated with, or funded by, ArgosyMTM Group, due to “Bastet” themselves being a supporter of Ellen Peck’s political stances, but both Peck and “Bastet” deny this. However, Peck has praised Team Bastet for “helping make the Internet less dangerous”.

History
The first hack attributed to “Bastet” was in 2013, when a email server sending “Canadian pharmacy” spam was hijacked, replacing the usual content of its messages with “Hacked by Bastet”. The “pharmacy” website itself was defaced with the same message, and the list of spammed email addresses was leaked onto Pastebin. A few days later, the spam server was taken offline.

“Bastet” continued their hacking, targeting various types of spammers and scammers. Several copycat hackers appeared with similar motives, such as “Sekhmet”, “Mafdet”, “Nefertem”, and “Freyja”.

In 2015, “Bastet”, “Sekhmet”, and “Nefertem”, along with 2 other people attributed only as “two guys from Micronesia”, formed a hacking group known as Team Bastet.

Leadership
Team Bastet has no real leaders; “Bastet” themselves may actually be multiple people. Most members use pseudonyms taken from Egyptian, Norse, Greek, and Roman deities.

Presentation
The group goes for a presentation emulating the Internet culture of the 2000s, and heavily uses “dead memes” like LOLcats and various YTMND “fads” in its publicity. Shock images such as goatse and tubgirl are often used when sites are defaced.

Website
The Team Bastet website is accessible from both the “normal” Internet (teambastet.fm), and the TOR network. It includes a form for people to suggest hacking targets (such as scam sites), which says “Safebrowsing and Netcraft do jackshit against scammers. Report them to us instead; we’ll actually do something.” People are also encouraged to forward any spam email they receive to Team Bastet’s email addresses.

Team Bastet refuses to accept donations via Bitcoin or other cryptocurrencies, calling them “Monopoly money”. Instead, they have publicly-available accounts on platforms such as PayPal or Patreon. These accounts are often terminated, so “alt-tech” and TOR sites are also used to solicit donations.

History of hacks

 * May 2013: First hack attributed to “Bastet”. Targeted a pharmacy spam email server.
 * March-May 2014: Several members of the Syrian Electronic Army (SEA) hacking group were doxxed by “Nefertem”. The SEA website was also defaced.
 * August 2015: First reported hacks under the Team Bastet name, targeting phishing and tech support scams.
 * 2016-2018: Rivalry with OurMine, another hacking group. In 2016, after the official Team Bastet Twitter account was hacked by OurMine, OurMine’s website was defaced with “Goatse” images by Team Bastet, starting a rivalry. Later, Team Bastet would often infiltrate accounts that had just been hacked by OurMine, posting content labeling OurMine as “publicity hounds”. Team Bastet and OurMine would often hijack each other’s social media accounts. In 2018, Team Bastet declared a truce with OurMine.
 * May 12, 2017: Team Bastet hackers discovered the “kill switch” in WannaCry ransomware, and used it to stop the further spread.
 * July 15, 2020: After several high-profile Twitter accounts, including these of Ellen Peck, the official Team Bastet account, and the account of founder “Bastet”, were hacked by crypto scammers, member “Aten” posted the names, home addresses, and phone numbers of the suspected hackers.
 * 2020-present: Operation Reflector. Hijacks popular YouTube channels hacked by cryptocurrency scammers, and returns them to their original owners.
 * Mid-to-late 2021: Operation ClosedSea DDOS attack on OpenSea and other NFT platforms, due to allegations of massive art theft.
 * March 26, 2022: After Nathaniel Bandy’s YouTube channel got hacked by a cryptocurrency scam, the official Twitter accounts of MicroStrategy and Michael Saylor (alleged to be the hackers) were hijacked by Team Bastet, which demanded a sum of 1 million US dollars (in “real legal tender, not crypto-monopoly-money”), and the returning of Bandy’s accounts.
 * April 1, 2022: Great r/place War. Team Bastet affiliates assisted in placing a message on the r/place canvas (part of Reddit’s April Fools festivities) saying “FUCK NFTS”, coordinated on r/fucknftsplace. When users from r/superstonk (a subreddit dedicated to fans of the company GameStop, which had an NFT marketplace in the works) started “griefing” to censor the message, Team Bastet counterattacked, not only restoring the anti-NFT message, but also co-ordinating with “The Void” to destroy r/superstonk’s own contributions to the canvas, and hijacking several r/superstonk moderator accounts. r/superstonk was also “griefed” by several sockpuppet accounts, and due to aforementioned hijacked mod accounts, the subreddit header was briefly vandalized with Team Bastet images, and the header text “💎🙌Superstonk🚀🦍” was replaced with “TEAM BASTET WUZ HERE - fuck nfts, gme is a cult”; the “about community” sidebar was also changed to display links to rival subreddit r/gme_meltdown. Several prominent “GME apes” were also doxxed throughout the day, especially these who had participated in the griefing of the message placed by r/fucknftsplace members. When “GME apes” started a DDOS attack on teambastet.fm, bastet.fm, and associated sites, Team Bastet retaliated by blocking several “ape” IP addresses from accessing its sites, effectively rendering the DDOS against them worthless, and launching its own DDOS attacks on GameStop, LoopRing, and ImmutableX. The r/place canvas continued to be a battlefield, with Team Bastet placing its own “propaganda poster” where the r/superstonk “tapestry” once stood.

Reception
Team Bastet is widely praised as one of the most notable “white-hat” hacking groups. According to several sources, Team Bastet’s attacks on ransomware groups have saved an estimated 100 million US dollars.