Cyber Army of Russia

Threat Actor Profile Updated 2 days ago
Download STIX
Preview STIX
The Cyber Army of Russia is a threat actor that has been particularly active in launching Distributed Denial of Service (DDoS) attacks against Ukraine. They are part of an array of pro-Russia hacktivist groups, including Turla, XakNet, KillNet, NoName057(16), and Anonymous Russia, that remain operational as of the latest reports. Other groups, such as Solntsepek and InfoCentr, have also been identified by Microsoft as regular interactors with Seashell Blizzard, a Russian state-sponsored threat actor linked to the GRU, Russia's military intelligence agency. The Cyber Army of Russia has been less active outside of Ukraine, targeting other countries only sporadically. In a significant development, Ukraine’s security service (SBU) announced the arrest of an alleged member of the Cyber Army of Russia. This marks a notable breakthrough in countering the group's activities. The news was initially reported by The Record Media and further confirmed through SBU's official Telegram channel. This arrest highlights the ongoing efforts by Ukraine to disrupt the operations of this pro-Russia hacker group. Research by Mandiant has linked both XakNet and the Cyber Army of Russia to Russian security services, suggesting these groups serve as fronts to disseminate information obtained illicitly by state-backed entities. These threat actors often make their attacks public by leaking stolen files and technical documentation on Telegram channels controlled by "independent volunteers," such as CyberArmyofRussia_Reborn. Despite the arrest, the continued activity of these groups indicates the persistent cyber threats posed by pro-Russian entities.
What's your take? (Question 1 of 4)
97dbd9d7-d40f-4f29-a28e-0e3981ac963a Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Anonymous Russia
2
Anonymous Russia, a malicious software (malware), has been associated with significant cyber-attacks, accounting for more than 30% of such incidents. This malware is affiliated with other hacktivist groups including Killnet, MIRAI, Venom, and has been involved in promoting Passion. Anonymous Russia,
XakNet
2
XakNet is a notable threat actor, potentially aligned with Russian interests, that has been implicated in various cyber attacks. This group emerged prominently during Russia's conflict with Ukraine and the subsequent ban on Russia from the 2022 FIFA World Cup. The Russian government was suspected of
KillNet
2
Killnet is a threat actor group, potentially aligned with the Russian government, that has been involved in various malicious cyber activities. The group is suspected to be a part of a broader network of nationalistic Russian "hacktivist" groups and ransomware operators, possibly encouraged by the R
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Russia
Telegram
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Cyber Army of Russia Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
Securityaffairs
4 months ago
Ukraine’s SBU arrested a member of Pro-Russia hackers group 'Cyber Army of Russia'
CERT-EU
8 months ago
At least 23 Russian hacker groups targeted Ukraine in 2023, Ukraine’s cyber defense says
CERT-EU
9 months ago
What's in a NoName? Researchers see a lone-wolf DDoS group | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
BankInfoSecurity
8 months ago
Ukraine Cyber Defenders Prepare for Winter
DARKReading
4 months ago
Microsoft Threat Report: How Russia’s War on Ukraine Is Impacting the Global Cybersecurity Community
CERT-EU
8 months ago
Israel govt websites hit by DDoS Cyber Attack - Cybersecurity Insiders
CERT-EU
a year ago
Hacktivism Unveiled, April 2023 Insights Into the Footprints of Hacktivists
BankInfoSecurity
4 months ago
Breach Roundup: CIA Hacking Tool Leaker Gets 40 Years
Flashpoint
a year ago
For Money and Attention: Killnet Apparently Reorganizes Again
CERT-EU
8 months ago
Ukraine Cyber Defenders Prepare for Winter