Anonymous Russia

Threat Actor updated 23 days ago (2024-11-29T13:32:47.854Z)
Download STIX
Preview STIX
Anonymous Russia, a malicious software (malware), has been associated with significant cyber-attacks, accounting for more than 30% of such incidents. This malware is affiliated with other hacktivist groups including Killnet, MIRAI, Venom, and has been involved in promoting Passion. Anonymous Russia, alongside pro-Russian groups like NoName057(16) and others, targeted Poland as well as individuals and organizations opposing the Russian invasion of Ukraine. The attacks included defacement and denial-of-service activities, causing substantial disruptions. The group amassed a following of 9,000 members but lagged significantly behind larger patriotic hacktivist groups. Despite this, its influence remained notable within the broader landscape of pro-Russia hacktivist entities such as Turla, XakNet, KillNet, NoName057(16), Anonymous Russia, and Cyber Army of Russia. However, the group experienced internal changes when Killnet announced the appointment of a new head for Anonymous Russia, named Radis, indicating shifts in its leadership structure. In recent developments, the original head of Anonymous Russia, Raty, was apprehended by Belarusian authorities after their identity was exposed by KillMilk, the leader of Killnet. Following this event, the original Telegram channel of Anonymous Russia was completely wiped and replaced by a new channel with the same name. Moreover, it was announced that the group would transform into a DDoS-for-hire entity, offering its services to any interested parties. This change signifies a shift in the group's modus operandi from primarily political motivations to a more commercial focus.
Description last updated: 2024-05-05T01:29:57.817Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Cyber Army of Russia is a possible alias for Anonymous Russia. The Cyber Army of Russia, a threat actor believed to be linked to the notorious Sandworm group, has been active in carrying out malicious cyber activities since 2022. The group, also known as the Cyber Army of Russia Reborn (CARR), has been particularly involved in a series of low-impact distributed
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Russia
Ddos
Telegram
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The KillNet Threat Actor is associated with Anonymous Russia. Killnet is a threat actor or group with potential ties to the Russian government, known for its disruptive cyber-attacks. This group has been linked to several politically motivated attacks, including a significant assault on the Israeli government's website leading to its paralysis. Killnet has alsUnspecified
3
The Killmilk Threat Actor is associated with Anonymous Russia. KillMilk, a threat actor and leader of the hacking group Killnet, has been identified as Nikolai Serafimov, a 30-year-old Russian citizen. KillMilk has been instrumental in consolidating Russian hacktivist groups under Killnet's leadership, amassing a following of 8,000 members on his personal TelegUnspecified
3
Source Document References
Information about the Anonymous Russia Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more