Putting someone on a (most) wanted list is "doxing"?
[Edit] "An international search is underway for Daniil Maksimovich SHCHUKIN on suspicion of numerous counts of gang-related and commercial extortion using ransomware to the detriment of commercial enterprises, public facilities, and institutions."
Yeah, I’m not okay with this. Doxxing is a term with an extremely negative connotation and is often done to people who, bluntly, weren’t hiding or doing anything wrong. The correct term for the same act here is either “accuse” or “unmask”.
So it is doxxing if the doxxed committed wrongdoings from the perspective of... the doxxer? Ideals, morality, alignment, goals and purpose are and have always been a static constant for all humankind. There is no pineapple pizza, it is a lie, for I don't like it, and therefore nobody else ever did either.
So basically it's like Terrorism or Genociding, where if it's against the team you are rooting for, it is that, and if it's not against your in-group it's just War?
I'd rather "doxxing" just mean "de-anonymizing" because that's 1) how I already read it, 2) removes the whole "who is the more moral side in this dispute therefore has the right to make the accusation" problem
If someone wasn't previously known, only an alias or alter-ego, but you then link those together with a real-life identity, that's very much the definition of "doxxing", at least the original definition, maybe it's different today? Positive or negative doesn't really matter, just like "shooting" or "jumping" in itself isn't positive or negative, it's just a verb.
This does seem close to the original intent of "doxxing", where information ("dox") is publicized that connects a real-world identity to a previously anonymous online persona. These are hackers in the classic sense who were going out of their way to stay anonymous.
The dilution of the word doxxing has been interesting, though. Some of the recent "doxxing" controversies have been about figures who weren't all that anonymous to begin with. The pop culture meaning has been extended to cover any mention of someone's real identity at all, even if it wasn't a secret.
> Putting someone on a (most) wanted list is "doxing"?
No, if they just put UNKN on the most wanted list, then it wouldn't be doxing. But then they also tie UNKN together with "Daniil Maksimovich Shchukin", and that's the doxxing, regardless or not if it's on a most wanted list.
I think this is not how wanted lists work, here in Germany at least. Do they work this way where you are living? The goal of wanted lists in Germany is to find the person the police is searching for to put them in front of a court if the prosecution can make a case.
Perhaps this goes back to leftist terrorism in Germany in the 1970s, they would not use the code names of terrorists on the wanted lists but their real names to find them, because this is what they wanted - but I don't know.
How is "this is the name of the formerly anonymous extortionist" doxxing?
Unless there's something not covered in the article, his current address, family members, phone, etc were not listed. That's not doxxing; that's "here's a guy were want to arrest."
Makes you wonder if the investigators discovered this independently, or decided to maybe ask the hackers already involved in defending against them for help...
I'm not deep into the topic, but AFAIK there generally isn't a warm connection between the CCC and the BND in Germany (in the recent years mostly due to the BNDs involvement ins spying on German citizens, but I think there is also deeper history there). If a hacker collaborates with the BND they do run a risk of many of their peers not wanting to collaborate with them anymore.
It also has something to do with the so called "Hackerparagraph" [1] under which whitehat hacking is basically impossible in Germany. Even writing a program that could potentially be used for hacking is a crime. If you followed the law word for word the authors of e.g. curl could be charged under this law.
I think people are getting stuck on the concept of the word doxing here. In anonymous online hacking circles, the idea that you're exposing anyone's OPSEC at all is considered basically doxing. People do it regularly, but it's seen as a clear indication of being an enemy.
Some take a "full disclosure" style and expose all OPSEC failures instantly and transparently, because otherwise people seem to collect OPSEC failures and make it seem to be extortion itself, like saying "hey remember that time you signed off with your real name?" or "I know your clearnet address"
Since when does putting criminals on official wanted lists count as doxxing?!? If they want their information taken down they just have to show up in court.
Some of the comments here (and lately on HN in general) are very concerning to me. Are we really going to pretend that people accused of real crimes shouldn’t be arrested, charged and, if found guilty, have an appropriate sentence? It doesn’t take many more than 2 brain cells rubbing together to see that that won’t end well. Whataboutism, political differences, and even real injustices in my opinion to not make this a reasonable position.
It probably depends on what people think about the laws that define what a "real crime" is.
E.g. in germany it was a real crime to grow some weed. Now it's legal, but even before a lot of reasonable people didn't want someone go to jail over weed.
"Doxxing" is from the 90s and was used to describe a hacker unmasking another hacker so they could be arrested. That's almost exactly the same usage as here.
This outsourcing of one's morals to the state is excessive even by already high western white collar internet standards.
Now, make no mistake, these guys are up to no good and probably should be identified and prosecuted, but to just declare that a bad thing is now good because government is doing it is basically an abdication of one's moral compass. At best this is still a bad thing but a necessary one because all the other options are worse. Like shooting someone in self defense, or putting someone in a cage for doing sufficiently bad things.
Edit: I'll admit I played too loose with ethics vs morality here, but still the point stands.
Certainly, criminals also have a right to privacy. However, the limited publication of personal data of criminals by law enforcement is generally a legally legitimate measure. Doxxing, on the other hand, is generally a process that violates the fundamental right to privacy.
"Identifying a criminal" doesn't imply that it's done by the government, and being done by the government doesn't imply that it's done to a criminal. This comment seems like quite a leap.
ethics and morality are not interchangeable are they?
anyway individuals willingly give to teh state some autonomy in return for the safety of governance... that's the social contract free people have with government
"doxxing" a Russian ransomware group is the kind thing to do. bombing them out of existence is within the remit of the range of ideas a government could resort to...
I agree that “doxxing” is being misused in TFA, but criminals have privacy rights like anyone else. Violating these rights requires specific justification, it’s not automatically ethical.
I mean doxxing is totally incorrect. Let's say for example there was a person on film near a crime scene, even though the police know they weren't directly involved there is no violation of privacy in the US if the police post their picture and ask for them to come forward. Or even later find out their name and look for them publically.
Found his record in Russia's official company registry. This is what he officially does as an entepreneur:
56.10 — Restaurant activities and food delivery services
47.23 — Retail sale of fish, crustaceans, and mollusks in specialized stores
47.25.12 — Retail sale of beer in specialized stores
47.25.2 — Retail sale of soft drinks in specialized stores
47.29.39 — Retail sale of other food products in specialized stores, not included in other groups
68.20 — Lease and management of own or leased real estate
Money is reinvested into selling beer and fish :) Interestingly, he registered all that in 2019, just when the ransoms started.
I find it entertaining that even as part of a Russian hacking gang, the real threat is the Russian tax authorities. Regardless of how you got the money, need to pay the taxes.
Go look at the al Qaeda emails recovered from the raid that killed bin Laden and you'll find all the same stuff. Turns out that the way businesses operate is just a good way to operate human organizations in general, whether their goal is to sell widgets or blow up infidels.
Putting someone on a (most) wanted list is "doxing"?
[Edit] "An international search is underway for Daniil Maksimovich SHCHUKIN on suspicion of numerous counts of gang-related and commercial extortion using ransomware to the detriment of commercial enterprises, public facilities, and institutions."
Yeah, I’m not okay with this. Doxxing is a term with an extremely negative connotation and is often done to people who, bluntly, weren’t hiding or doing anything wrong. The correct term for the same act here is either “accuse” or “unmask”.
So it is doxxing if the doxxed committed wrongdoings from the perspective of... the doxxer? Ideals, morality, alignment, goals and purpose are and have always been a static constant for all humankind. There is no pineapple pizza, it is a lie, for I don't like it, and therefore nobody else ever did either.
2 replies →
So basically it's like Terrorism or Genociding, where if it's against the team you are rooting for, it is that, and if it's not against your in-group it's just War?
I'd rather "doxxing" just mean "de-anonymizing" because that's 1) how I already read it, 2) removes the whole "who is the more moral side in this dispute therefore has the right to make the accusation" problem
If someone wasn't previously known, only an alias or alter-ego, but you then link those together with a real-life identity, that's very much the definition of "doxxing", at least the original definition, maybe it's different today? Positive or negative doesn't really matter, just like "shooting" or "jumping" in itself isn't positive or negative, it's just a verb.
17 replies →
Unfortunately language tends to get diluted. Nowadays in pop culture it means publishing anyone's personal information, usually against their wishes.
This does seem close to the original intent of "doxxing", where information ("dox") is publicized that connects a real-world identity to a previously anonymous online persona. These are hackers in the classic sense who were going out of their way to stay anonymous.
The dilution of the word doxxing has been interesting, though. Some of the recent "doxxing" controversies have been about figures who weren't all that anonymous to begin with. The pop culture meaning has been extended to cover any mention of someone's real identity at all, even if it wasn't a secret.
2 replies →
“When I use a word,” Humpty Dumpty said, in rather a scornful tone, “it means just what I choose it to mean — neither more nor less.”
also it seems the US had already identified him 3 years prior?
I do not understand this logic either. They take GDPR way too serious haha. JK obv.
> Putting someone on a (most) wanted list is "doxing"?
No, if they just put UNKN on the most wanted list, then it wouldn't be doxing. But then they also tie UNKN together with "Daniil Maksimovich Shchukin", and that's the doxxing, regardless or not if it's on a most wanted list.
I think this is not how wanted lists work, here in Germany at least. Do they work this way where you are living? The goal of wanted lists in Germany is to find the person the police is searching for to put them in front of a court if the prosecution can make a case.
Perhaps this goes back to leftist terrorism in Germany in the 1970s, they would not use the code names of terrorists on the wanted lists but their real names to find them, because this is what they wanted - but I don't know.
5 replies →
Back in the day, being doxed meant having your real name, address, phone number, email, etc. posted online for anyone to do what they would.
This seems to be just issuing an arrest warrant.
Uh, you think they should just put "UNKN" on the wanted list instead of the person they believe is UNKN? That's not very helpful...
How is "this is the name of the formerly anonymous extortionist" doxxing?
Unless there's something not covered in the article, his current address, family members, phone, etc were not listed. That's not doxxing; that's "here's a guy were want to arrest."
That wouldn't sound cool. Especially as noone actually gives a fuck about what germany wants.
I feel accepted spelling of the word is 'doxxes'; doxes in my head reads as 'dokeses'.
Also talk about a headline that would mean absolute gibberish just a couple decades ago.
So apparently some CCC-connected hackers already unmasked one of them years ago (as reported in the update, which could have also just linked to the talk here: https://media.ccc.de/v/37c3-12134-hirne_hacken_hackback_edit... )
Makes you wonder if the investigators discovered this independently, or decided to maybe ask the hackers already involved in defending against them for help...
I'm not deep into the topic, but AFAIK there generally isn't a warm connection between the CCC and the BND in Germany (in the recent years mostly due to the BNDs involvement ins spying on German citizens, but I think there is also deeper history there). If a hacker collaborates with the BND they do run a risk of many of their peers not wanting to collaborate with them anymore.
It also has something to do with the so called "Hackerparagraph" [1] under which whitehat hacking is basically impossible in Germany. Even writing a program that could potentially be used for hacking is a crime. If you followed the law word for word the authors of e.g. curl could be charged under this law.
1: https://de.wikipedia.org/wiki/Vorbereiten_des_Aussp%C3%A4hen... [de]
Maybe the special agents watched the talk in their free time
I think people are getting stuck on the concept of the word doxing here. In anonymous online hacking circles, the idea that you're exposing anyone's OPSEC at all is considered basically doxing. People do it regularly, but it's seen as a clear indication of being an enemy.
Some take a "full disclosure" style and expose all OPSEC failures instantly and transparently, because otherwise people seem to collect OPSEC failures and make it seem to be extortion itself, like saying "hey remember that time you signed off with your real name?" or "I know your clearnet address"
Spiegel recently did a video on them: https://www.youtube.com/watch?v=HuwRrqM6H1M
Since when does putting criminals on official wanted lists count as doxxing?!? If they want their information taken down they just have to show up in court.
Some of the comments here (and lately on HN in general) are very concerning to me. Are we really going to pretend that people accused of real crimes shouldn’t be arrested, charged and, if found guilty, have an appropriate sentence? It doesn’t take many more than 2 brain cells rubbing together to see that that won’t end well. Whataboutism, political differences, and even real injustices in my opinion to not make this a reasonable position.
It probably depends on what people think about the laws that define what a "real crime" is.
E.g. in germany it was a real crime to grow some weed. Now it's legal, but even before a lot of reasonable people didn't want someone go to jail over weed.
Feels odd for an infosec blog to use 'doxxing' this way. Doxxing is generally considered to be unethical exposure of personal information.
Identifying a criminal is ethical.
"Doxxing" is from the 90s and was used to describe a hacker unmasking another hacker so they could be arrested. That's almost exactly the same usage as here.
Semantic shift happens over time. A 2026 article is supposed to communicate to 2026, not 1996, readers.
1 reply →
I can't find it in the jargon file: http://catb.org/jargon/html/D.html
1 reply →
I think they obviously just took it as 'exposure of personal information' period.
[dead]
>Identifying a criminal is ethical.
This outsourcing of one's morals to the state is excessive even by already high western white collar internet standards.
Now, make no mistake, these guys are up to no good and probably should be identified and prosecuted, but to just declare that a bad thing is now good because government is doing it is basically an abdication of one's moral compass. At best this is still a bad thing but a necessary one because all the other options are worse. Like shooting someone in self defense, or putting someone in a cage for doing sufficiently bad things.
Edit: I'll admit I played too loose with ethics vs morality here, but still the point stands.
Certainly, criminals also have a right to privacy. However, the limited publication of personal data of criminals by law enforcement is generally a legally legitimate measure. Doxxing, on the other hand, is generally a process that violates the fundamental right to privacy.
14 replies →
not the state, but the law
1 reply →
"Identifying a criminal" doesn't imply that it's done by the government, and being done by the government doesn't imply that it's done to a criminal. This comment seems like quite a leap.
4 replies →
Innocent until proven guilty (in a court of law)?
ethics and morality are not interchangeable are they?
anyway individuals willingly give to teh state some autonomy in return for the safety of governance... that's the social contract free people have with government
"doxxing" a Russian ransomware group is the kind thing to do. bombing them out of existence is within the remit of the range of ideas a government could resort to...
2 replies →
> Identifying a criminal is ethical.
I agree that “doxxing” is being misused in TFA, but criminals have privacy rights like anyone else. Violating these rights requires specific justification, it’s not automatically ethical.
They put the person on a wanted list.
1 reply →
I mean doxxing is totally incorrect. Let's say for example there was a person on film near a crime scene, even though the police know they weren't directly involved there is no violation of privacy in the US if the police post their picture and ask for them to come forward. Or even later find out their name and look for them publically.
[dead]
[flagged]
This reads less like “hacking” and more like an optimized business.
Clear specialization, outsourcing, and reinvestment — very similar to how startups scale.
Found his record in Russia's official company registry. This is what he officially does as an entepreneur:
Money is reinvested into selling beer and fish :) Interestingly, he registered all that in 2019, just when the ransoms started.
Classic money laundering.
I find it entertaining that even as part of a Russian hacking gang, the real threat is the Russian tax authorities. Regardless of how you got the money, need to pay the taxes.
1 reply →
> 56.10 — Restaurant activities and food delivery services
That one is a classic for russian criminals and warlords.
1 reply →
Ah yes a business like the mafia
The parent commenter has apparently never heard of organized crime.
Go look at the al Qaeda emails recovered from the raid that killed bin Laden and you'll find all the same stuff. Turns out that the way businesses operate is just a good way to operate human organizations in general, whether their goal is to sell widgets or blow up infidels.