From the Digital Trenches: Exclusive Interview with Z-Pentest

Z-Pentest is a pro-Russian Serbian hacktivist group that has carried out various attacks against NATO countries. This actor specializes in industrial environments and poses a challenge to organizations around the world. 

Rafa Lopez, former CTO of Miólnir, reached out to Z-Pentest thanks to Noname057(16), finding Z-Pentest very receptive, or at least their spokesperson. He discussed with them the possibility of understanding their perspective on the current geopolitical landscape. He also wanted to learn more about their motivation, techniques, and tactics.

The actor was frankly receptive and very cooperative. Below, Rafa Lopez presents the interview as it is, with only some modifications for the translation from English, the language in which the original interview was conducted.

Thanks to Jose Luís and Ainoa Guillén who helped with some very specific questions. 

Rafa López: First of all, thank you for taking the time for this interview. As you know, I’ve spoken with NoName057(16) before. My interest is purely informative and aimed at understanding all perspectives. 

Z-Pentest: We’d like to correct a small error: instead of NoName057, it should be NoName057(16). It’s just numbers, but it’s very important. Thank you for your interest in us! We promise to answer honestly, but with the right amount of humor to ensure no one falls asleep during the process. So make yourself a cup of tea (or something stronger), buckle up—our conversation promises to be more exciting than trying to explain to your grandmother how to use Bluetooth. 

1. What do you think about the current geopolitical situation? It seems that Donald Trump and the US want to end the war in Ukraine, while Europe continues to support Zelensky. 

We’re always on Russia’s side, no need to guess. As for Zelensky’s circus show in the Oval Office, well, he’s better at comedy than military strategy. By the way, we like how Trump mocks the fictional state; at least he has a sense of humor. 

As for Europe’s leaders… Well, they’re a bunch of lost people who don’t understand who or what they’re dealing with. If they think they’re safe, we have to disappoint them: no, they’re not. We’re everywhere. 

Anyone who opposes the Russians is signing a one-way ticket with no return. We don’t care who decided to play with fire; we will always defend our own and destroy everything that stands in our way. Want to try your luck? Well, good luck. You’ll need it. 

________________________________________ 

2. If the US stops sending military aid, does that mean attacks on this country’s infrastructure will also cease? 

Yes, that’s right, some groups have already openly declared this. Other countries should also start using their brains (if they still have any left) and stop throwing money into the black hole called «Ukraine,» where it will be gladly received, distributed, and sent to the right pockets. And the main clown of this circus, Zelensky, is more than happy with such sponsorship—of course, such a show wouldn’t last long without a budget! 

At the same time, every European country has its own problems to solve: prices are rising, migrants are having fun, and people are unhappy, but no—it’s better to send the last coins into the pockets of corrupt officials. Brilliant strategy! 

And if they suddenly wonder, «What are we really supporting?» they can Google the word «Nazism.» Although, knowing their intellect, there’s a risk they’ll simply send a few more billions «for democracy support.» 

________________________________________ 

3. Moving on to attacks, you’ve specialized in the industrial sector, also known as OT (Operational Technology), and it seems you’ve gained access. 

We’re not just a group; we’re a phenomenon that transcends all borders. We have broad specialization and are not limited in our capabilities, unlike those who operate by the book. While others follow old patterns and believe in outdated methods, we adapt, change, and are always one step ahead. 

We’re not restricted by borders because we create them ourselves and break them whenever we want. We can be anywhere, at any level, in any system. Some still naively believe this doesn’t concern them. They’re wrong. 

Some have already realized we’re here. Some suspect it. And some still live in the illusion of security. But the reality is: we’re already in. We observe, we analyze, we wait for the right moment. And when it comes, no one will even have time to blink. 

4. What are your thoughts on security in critical environments? Which country or infrastructure has been the hardest to breach? 

We’ve never There are no situations in which something hasn’t gone according to plan, simply because the plan is always ours. Everything happens easily, without unnecessary effort, as if the world itself were opening its doors to us. And sometimes, there aren’t even any doors. 

Choose just one country? No, that would be unfair to the others. We value everyone—the geography of success knows no boundaries (except for our brothers in Russia and friendly countries). Do you want to think we’re far away? Good luck. In reality, we’re close. 

________________________________________ 

5. In these cases, when critical infrastructure is compromised, such as the energy sector, water treatment plants, or ports, does their current capability allow them to exploit vulnerabilities in industrial environments, specifically in PLCs? Could they even modify programmed values, such as water potability levels? 

Europe isn’t just a hole; it’s a sieve, trying to hold back water while opening more holes. They delude themselves with the illusion of control, discussing «important issues» at summits while their own countries crumble. Instead of solving their own problems, they insist on meddling in places where they weren’t invited. 

Unlike them, we work precisely, quickly, and without unnecessary speeches. We don’t seek to harm civilians. But if the situation requires difficult decisions, we will do whatever is necessary. And we don’t care who complains to the UN, posts angry messages, or records emotional appeals afterward. 

We don’t worry about the consequences. The consequences should fear us. We show up where «we shouldn’t be» and leave behind only one question: «How did they do it?» The answer is simple: while others were making plans, we were already acting. 

________________________________________ 

6. Would it be possible to introduce malware into PLCs and use them for attacks? Do you have any proof of concept to prove this? 

This sector uses proprietary formulas, such as the development of vaccines, perfumes, Coca-Cola recipes, etc., which are programmed and stored within the PLC logic. Is it possible to extract these formulas and sell them on the black market? Has it already happened? 

Yes, anything is possible, but malware isn’t our focus right now, so we have no concrete evidence. We don’t walk around with a USB drive showing logs to prove our involvement—we simply don’t need it. 

Want proof? Check out X (Twitter), everything is exposed there: news, analysis, speculation—internet detectives work for us. We don’t even have to intervene; they do all the work and then report it to the entire world. 

As for the black market—we don’t sell anything there, but if we ever decide to, the opportunity is always present. It’s simply not in our interest right now. We have other, more important tasks. 

If you still have doubts, look at X. Everything was said there a long time ago. In the meantime, we focus on what we really know how to do. 

7. Let’s talk about government defense. Different defense systems—submarines, frigates, aircraft, tanks, and buildings—use industrial automation and control systems. Why have there been no known attacks against these systems? Do you consider them potential cyber targets? 

We, like all rational people, don’t want a nuclear war. We don’t need to create a global apocalypse—that’s too boring and predictable. But if someone wants to play the «Who’s Smarter?» game, we’re always ready to fuel the fire. 

By the way, you’ve probably read the news that British submarines are powered by software created by Russians and Belarusians. Now imagine this scenario: a British admiral sits proudly at his post, presses the buttons, and suddenly a message appears on the screen: «Activation possible only after a call to Moscow.» 

So think for yourselves: are we there or not? For us, of course, there’s no question. But for the British, they’ll have to squeeze those three functioning neurons to find out. 

And if they suddenly think they’re safe—well, let them keep thinking that way, they’re used to it. The important thing is that, at some point, their submarines don’t accidentally end up going in the wrong direction… 

________________________________________ 

8. Are there already military targets compromised with industrial control devices that haven’t yet been revealed? 

Yes, of course there are. But we don’t shout it out loud, unlike those who openly declare their security and then wonder why everything suddenly went wrong. We remain silent because silence is our best weapon. 

We break in through any loophole, be it a vulnerability in the system, a weak link in security, or simply a stupid password. As long as someone They think everything is under control; we’re already inside, studying, analyzing, waiting. 

We take our time, unlike those who act without thinking and try to predict our moves. The best time to attack is when the victim is convinced no one will touch them. 

And when that moment arrives… well, the show begins. 

________________________________________ 

9. They are part of a large alliance of groups. Within this alliance, are there other teams with similar capabilities, or do they have specific roles to prevent duplicate attacks on the same target? 

Our alliance isn’t just a group of people united by common interests; it’s an elite team where each person does exactly what they do best. We don’t have a «loose» structure where everyone does everything. We’ve divided roles according to specialization, and that’s what makes us so effective. Everyone knows what they’re responsible for and performs their work at the highest level. 

Let’s just say we don’t have «jacks of all trades and masters of none» running around. Every team member is an expert in their field, and we know exactly who does what. If someone on the team encounters something outside their expertise, they don’t sit around trying to solve it alone. No, we help each other. It’s like in soccer: if a forward can’t score, the defender or goalkeeper is always ready to cover for them. 

If someone faces a problem they can’t solve, we’re always ready to step in and help. We support each other because we understand that as long as we stand together, our strength has no limits. 

10. Regarding Spain, it has been reported that several industrial sites have been breached and even factory values ​​altered. We all know that these environments are complex and operate with multiple protocols. Have you found significant vulnerabilities that have been easily exploited? 

Yes, we go everywhere, and that’s not just empty words. We’re not going to waste time on long explanations because the proof is already out there, and it can be found on our channel. But, in case anyone forgot, yes, we’re everywhere. Not just in cyberspace, but also in places where no one would expect us—safe zones aren’t as impenetrable as they once were. 

Spain… Well, it seemed like the perfect target for budding hackers. With minimal protection and vulnerabilities so predictable, they practically invited us in. It’s like chess: when your opponent leaves a piece exposed, you just wait your turn to move. We came in, did our job, and left. Everything went smoothly. 

The Spanish, it seems, thought their cybersecurity was like a garden fence that would crumble at the slightest gust of wind. Of course, we’re happy to help them realize that. 

We even supported our colleagues at NoName057(16) in their DDoS attacks, just to cheer them up a bit and add some fun to their day. Who said you can’t do two things at once? We, for example, can conduct cyberwarfare and be good colleagues at the same time. ________________________________________ 

11. Do you use simple initial access techniques like phishing to steal credentials, or do you deploy advanced malware like infostealers to obtain credentials, as well as wipers to destroy internal systems? 

We use all available tools, from the simplest to the most complex. But that doesn’t mean we run after every new tool that appears. No, our strategy is to combine resources intelligently, using the most appropriate for each situation. 

Approaching things without thinking, hitting with a hammer as if all problems could be solved with a single blow—that’s not who we are. We know that sometimes, to access a system, you have to act like a surgeon—delicately and precisely, using the tool that will give the best result in each case. 

So yes, if necessary, we use both a scalpel and a hammer. The important thing is that it’s effective, not just to make noise. 

________________________________________ 

12. You are part of several international alliances, including pro-Palestinian and anti-NATO groups. What motivation unites groups that, at first glance, appear to have such different agendas? 

What unites us? Yes, it’s a simple question. Let’s start with the most obvious: have you ever seen NATO do anything good? Honestly, we can’t think of any examples. This group is more like a group of schoolchildren fighting over who’s the boss of the class, but who are really just annoying everyone else. 

NATO, with its endless military operations and attempts to demonstrate its «power» to everyone, has proven once again that the louder you shout, the less useful you are. It’s more like an out-of-tune concert, where everyone plays their instrument in their own way, and in the end, it hurts your ears. 

And no one knows why they’re there. 

But what truly unites us is genuine support for our brothers and sisters. It doesn’t matter what passport they have or where they come from. If someone is with us, we are always on their side. We believe that humanity is more important than political games. And when you see NATO playing «who’s boss» again, but all it does is cause harm, you just want to tell them: «Guys, don’t you think it’s time to take a break and stop acting like idiots?» 

We support those who believe in real values, not in games with flags and guns. Because real power lies in the people, not in political blocs that only build walls and play who has the most power. 

________________________________________ 

13. You have been linked to state-sponsored actors who provide you with financial support. As a result, governments within the NATO consider you cybercriminals and terrorists. What do you have to say about these reports and their sources of funding? Are they incorrect? 

Every time we hear about being sponsored by a government, we laugh so hard we snort coffee. We’re not dependent on any country’s budget! We have an international crew, and if they made a movie about us, it would be a real box office hit. We’re like a big family, where everyone truly lives in harmony (well, except for those who always eat the last slice of pizza). 

But if someone decides to support us, say, with a cup of coffee or something stronger—we won’t say no! 

Of course, we manage perfectly well without it, but sometimes a cup of coffee wouldn’t hurt, and something stronger would be perfect for thinking better about how to make the world even more interesting. If anyone feels the need to chip in a few coins for a couple of cocktails, please do so—we’re always open to generous donations. 

________________________________________ 

14. In other groups, it has been shown that some members actually operate within the targeted countries. If so, do you have alliances with other groups or members within these nations? 

We have an international team, and while we can’t reveal all the details for security reasons, I can confidently say we’re almost everywhere. We know how to find like-minded people in the most unexpected places and carefully «integrate» them into our network, all while keeping this process out of sight of prying eyes. 

Each of us is part of something bigger, and when we see potential, we don’t just observe—we act. We take those who share our vision, who are ready to collaborate, and take them under our powerful wing. So if we’re not there yet, don’t worry, we’ll get there. In a world where information and connections are everything, we’re always one step ahead. 

________________________________________ 

15. Finally, I’ve noticed you have a strong focus on Spain. Is this due to your political stance, your lack of defensive capabilities, or some other motivation? 

Yes, it’s quite simple. Spain, despite its own problems, decided to support the Zelensky regime and his fictional country. Spain is already overwhelmed with its own crises: economic, political, and even royal family dramas. But instead of fixing its own house, it’s giving away its last bit of money to support a war against our brothers and sisters in Russia. Sounds like a great plan, right? 

If Spain were a person, it would be the typical «neighbor» who, despite their debts and empty fridge, still decides to help others. First, they ask you for some salt, and then they go on vacation with you. It’s amazing how this works, isn’t it? 

And the Ukraine thing—well, it’s like the Spanish supporting flamenco, but dancing on ice that’s about to break. At first, everything seems nice, but if you look closely, you see it’s all just a show with no solid foundation. So perhaps, before supporting these «projects,» Spain should focus on solving its own internal problems. 

________________________________________ 

16. Thank you for taking the time to answer these questions. As with NoName, this interview will be broadcast live and published in national and international media. 

Thank you for the opportunity to answer your questions. We appreciate you taking the time for this interview and hope our conversation is helpful and interesting for your audience.