Darknet Parliament

Threat Actor Profile Updated 24 days ago
Download STIX
Preview STIX
Darknet Parliament is a threat actor collective formed by pro-Russian hacktivist groups Killnet, Anonymous Sudan, and the resurged REvil. This alliance was publicly announced on June 16th, as seen in a post on the Killnet Telegram channel. The formation of Darknet Parliament appears to be a response to the SWIFT international banking system's decision to cut off Russian banks following its illegal invasion of Ukraine. Their stated objective is to execute "massive" cyber attacks on Western financial systems, specifically targeting European and US banks, the US Federal Reserve System, and particularly aiming to paralyze the Society for Worldwide Interbank Financial Telecommunication (SWIFT). A successful Distributed Denial of Service (DDoS) attack on SWIFT could have global ramifications given its pivotal role in conducting worldwide financial transactions. There are speculations that Anonymous Sudan may have ties to Russia, reinforced by their recent announcement about forming the Darknet Parliament with other pro-Russian groups. These connections became more apparent when Anonymous Sudan declared its collaboration with KillNet and REvil to form the Darknet Parliament and orchestrate cyber attacks on European and U.S. financial institutions. It's worth noting that while there is potential for significant disruption, cybersecurity researchers have not observed any novel DDoS attacks or disruptions targeting their customers, despite mitigating approximately 10,000 Darknet Parliament actions on websites protected by Cloudflare. The activities of Darknet Parliament represent an escalation in cyber threats, with a focus on disrupting financial systems. The group's intention to launch a DDoS attack on SWIFT underscores this shift towards more ambitious targets. Moreover, Cloudflare's Q2 2023 report indicates a concerning trend, with attacks exceeding 3 hours having increased by 103% quarter-on-quarter. As such, the emergence of the Darknet Parliament underlines the need for robust cybersecurity measures within the financial sector and beyond, particularly in light of the evolving threat landscape.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Darknet Parliament Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
10 months ago
Newly Sophisticated DDoS Attacks Surged in Q223
CERT-EU
a year ago
Microsoft confirms June Outlook and OneDrive outages were caused by DDoS attacks | Engadget
CERT-EU
a year ago
Threat Actors Claim International Finance Corporation (IFC) Attack
CERT-EU
6 months ago
How DDoS attacks are taking down even the largest tech companies
CERT-EU
10 months ago
Cloudflare reports 'alarming surge' in DDoS sophistication, escalation in recent months
CERT-EU
10 months ago
An ‘Alarming Escalation’ of Sophistication in DDoS Attacks, Cloudflare Says
CERT-EU
a year ago
Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions