Black Listing

Threat Actor updated 7 months ago (2024-05-04T19:51:46.176Z)

Download STIX

Preview STIX

Black Listing, a threat actor group also known as Killnet, emerged in the cybersecurity landscape with malicious intent. This group has been particularly active since late 2022 and early 2023, when they partnered with Deanon Club to conduct Distributed Denial of Service (DDoS) attacks against several darknet markets focused on narcotics. In February, Killnet and Deanon Club escalated their activities by establishing "Black Listing," a DDoS-for-hire extortion group specifically targeting these darknet markets. In March, Killnet further formalized its operations by announcing a DDoS-as-a-service offering dubbed "Black Listing." This development was perceived by Flashpoint as an attempt by the collective to carve out a more formal identity for itself. The service is designed to spot malware, spyware, and injection code within requests by scrutinizing the content and behavior of traffic, essentially functioning as a black-listing firewall. The repeated use of the name "Black Listing" or "Black Skills" signifies Killnet's intention to establish itself as a corporate entity within the cybercrime industry. However, despite its sophisticated naming and operational structure, Black Listing primarily operates as a simple DDoS-as-a-service provider. The threat posed by this group underscores the need for robust cybersecurity measures, particularly for entities operating within the darknet.

Description last updated: 2024-05-04T17:57:36.723Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
KillNet is a possible alias for Black Listing. Killnet is a threat actor or group with potential ties to the Russian government, known for its disruptive cyber-attacks. This group has been linked to several politically motivated attacks, including a significant assault on the Israeli government's website leading to its paralysis. Killnet has als	4
Black Skills is a possible alias for Black Listing. Black Skills is a newly established Private Military Hacking Company (PMHC), announced by Killmilk, the leader of the Russian hacktivist collective Killnet, on March 13, 2023. The initiative, launched via Telegram, appears to be an effort by Killnet to establish itself as a corporate entity and furt	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ddos

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Black Listing Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	2 years ago	‘Black Skills' Is Killnet's Attempt to Form a ‘Private Military Hacking Company' – Global Security Mag Online
DARKReading	2 years ago	Pro-Islam Hacktivists Likely a Front for Russia's Killnet
Flashpoint	2 years ago	Killnet Ostracizes Leader of Anonymous Russia, Adding New Chapter to Pro-Kremlin Hacktivist Drama
CERT-EU	2 years ago	‘Black Skills' Is Killnet's Attempt to Form a ‘Private Military Hacking Company' – Global Security Mag Online
CERT-EU	2 years ago	What is a WAF? (Web Application Firewall)
Flashpoint	2 years ago	‘Black Skills’ Is Killnet’s Attempt to Form a ‘Private Military Hacking Company’