| ID | Votes | Profile Description |
|---|---|---|
| Killmilk | 5 | KillMilk, a threat actor and leader of the hacking group Killnet, has been identified as Nikolai Serafimov, a 30-year-old Russian citizen. KillMilk has been instrumental in consolidating Russian hacktivist groups under Killnet's leadership, amassing a following of 8,000 members on his personal Teleg |
| Black Listing | 3 | Black Listing, a threat actor group also known as Killnet, emerged in the cybersecurity landscape with malicious intent. This group has been particularly active since late 2022 and early 2023, when they partnered with Deanon Club to conduct Distributed Denial of Service (DDoS) attacks against severa |
| XakNet | 3 | XakNet is a notable threat actor, potentially aligned with Russian interests, that has been implicated in various cyber attacks. This group emerged prominently during Russia's conflict with Ukraine and the subsequent ban on Russia from the 2022 FIFA World Cup. The Russian government was suspected of |
| Black Skills | 3 | Black Skills is a newly established Private Military Hacking Company (PMHC), announced by Killmilk, the leader of the Russian hacktivist collective Killnet, on March 13, 2023. The initiative, launched via Telegram, appears to be an effort by Killnet to establish itself as a corporate entity and furt |
| Infinity Forum | 2 | Infinity Forum is a threat actor group associated with Killnet and its allies. Established as a project to raise funds for these groups, it serves a dual purpose: expanding their capabilities and numbers while also facilitating the interaction between novice hacktivists and financially driven cyberc |
| Cyber Army of Russia | 2 | The Cyber Army of Russia, a threat actor group known for its malicious cyber activities, has been identified as the most active entity claiming Distributed Denial of Service (DDoS) attacks against Ukraine. This information was revealed in recent research conducted by ASERT, which also highlighted th |
| Cyberarmyofrussia_reborn | 1 | CyberArmyofRussia_Reborn is a threat actor with suspected links to the GRU, Russia's main intelligence agency. This group has been associated with several high-profile cyberattacks, including those on US and Polish water utilities and a French dam. The group uses its Telegram channel to leak stolen |
| Anonymoussudan | 1 | Anonymoussudan, a threat actor or malicious entity, has been identified as part of a recent wave of cyberattacks targeting Australian university websites. Partnering with the pro-Russian hacker group Killnet, these entities launched HTTP DDoS attacks in late March 2023, as observed by cybersecurity |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| REvil | Unspecified | 3 | REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot |
| Conti | Unspecified | 3 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
| Mirai | has used | 1 | Mirai is a type of malware that primarily targets Internet of Things (IoT) devices to form botnets, which are networks of private computers infected with malicious software and controlled as a group without the owners' knowledge. In early 2022, Mirai botnets accounted for over 7 million detections g |
| Tsunami | Unspecified | 1 | The "Tsunami" malware, a malicious software designed to exploit and damage computer systems, has caused significant cybersecurity disruptions globally. This malware, whose variants include xmrigDeamon, Bioset, dns3, xmrigMiner, docker-update, dns, 64[watchdogd], 64bioset, 64tshd, armbioset, armdns, |
| NotPetya | Unspecified | 1 | NotPetya is a notorious malware that was unleashed in 2017, primarily targeting Ukraine but eventually impacting systems worldwide. This malicious software, which initially appeared to be ransomware, was later revealed to be data destructive malware, causing widespread disruption rather than seeking |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Anonymous Sudan | is related to | 6 | Anonymous Sudan, a threat actor group known for its malicious cyber activities, has recently been the subject of increased attention in the cybersecurity industry. This entity, which could consist of a single individual, a private company, or part of a government organization, is responsible for exe |
| Anonymous Russia | Unspecified | 3 | Anonymous Russia, a malicious software (malware), has been associated with significant cyber-attacks, accounting for more than 30% of such incidents. This malware is affiliated with other hacktivist groups including Killnet, MIRAI, Venom, and has been involved in promoting Passion. Anonymous Russia, |
| NoName057 | Unspecified | 2 | NoName057 is a threat actor group known for its pro-Russian stance and execution of cyber-attacks with political motivations. In August 2023, the group made headlines when it launched Distributed Denial of Service (DDoS) attacks against multiple Czech banks and the Czech stock exchange. These attack |
| Deanon Club | Unspecified | 2 | Deanon Club, a threat actor group, emerged as a significant entity in the cybersecurity landscape through its collaborations with Killnet, another threat actor group. The two groups have been involved in multiple malicious activities, including distributed denial-of-service (DDoS) attacks on several |
| Siegedsec | Unspecified | 2 | SiegedSec, a threat actor group in the cybersecurity landscape, has been implicated in several high-profile cyber attacks. The group is known for its politically motivated actions and has recently claimed responsibility for an attack on the North Atlantic Treaty Organization (NATO). This recent even |
| Noname057(16) | Unspecified | 1 | NoName057(16), a threat actor group, has been increasingly active in executing attacks with malicious intent, primarily targeting government websites in Estonia, Lithuania, and Poland. The group's activities have become more news-driven, indicating a strategic shift in their operations. In compariso |
| Nikolai Serafimov | Unspecified | 1 | None |
| Fancy Bear | Unspecified | 1 | Fancy Bear is a sophisticated Russian-based threat actor, also known as Sofacy or APT 28, that has been active since the mid-2000s. Fancy Bear is responsible for targeted intrusion campaigns against the Aerospace, Defense, Energy, Government and Media sectors. At the DNC, both Cozy Bear and Fancy Be |
| Sandworm | Unspecified | 1 | Sandworm, a threat actor linked to Russia, has been implicated in numerous high-profile cyber attacks. This group's activities have primarily targeted Ukraine, compromising the country's critical infrastructure and telecommunications providers. The Sandworm group is known for its fileless attack met |
| APT28 | Unspecified | 1 | APT28, also known as Fancy Bear, is a threat actor linked to Russia and has been involved in numerous cyber espionage campaigns. The group is notorious for its sophisticated tactics, techniques, and procedures (TTPs). Recently, NATO and the EU formally condemned APT28's activities, acknowledging the |
| Darknet Parliament | Unspecified | 1 | Darknet Parliament is a threat actor collective formed by pro-Russian hacktivist groups Killnet, Anonymous Sudan, and the resurged REvil. This alliance was publicly announced on June 16th, as seen in a post on the Killnet Telegram channel. The formation of Darknet Parliament appears to be a response |
| Xaknet Team | Unspecified | 1 | XakNet Team is a notable threat actor that has emerged amidst the escalation of conflict in Ukraine. This group, along with other self-proclaimed hacktivist groups such as CyberArmyofRussia_Reborn and Infoccentr, have surfaced since the beginning of the war, engaging in malicious cyber activities. X |
| Ddosia | Unspecified | 1 | Ddosia, a project launched by the pro-Russian hacktivist group NoName057(16), is a significant threat actor that has been facilitating continuous DDoS attacks on government and private organization websites. Initiated in July 2022, the Ddosia project mirrors similar initiatives like the pro-Ukrainia |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| iLeakage | Unspecified | 1 | iLeakage is a notable software vulnerability that impacts Apple devices, specifically through the Safari web browser. This flaw in software design or implementation allows attackers to exploit Safari and illicitly acquire data from users' devices. The iLeakage attack technique has raised significant |
| Anonymous Sudan's Killnet | Unspecified | 1 | None |
| Killnet's Anonymous Sudan | Unspecified | 1 | None |
| Source | CreatedAt | Title |
|---|---|---|
| ESET | a month ago | Hacktivism is evolving – and that could be bad news for organizations everywhere |
| RIA - Information System Authority | 2 months ago | Trends and Challenges in Cyber Security – Q1 2022 |
| Securityaffairs | 2 months ago | Pro-Russia hackers targeted Kosovo government websites |
| DARKReading | 3 months ago | 87% of DDoS Attacks Targeted Windows OS Devices in 2023 |
| InfoSecurity-magazine | 3 months ago | RSAC: Threat Actors Weaponize Hacktivism for Financial Gain |
| InfoSecurity-magazine | 3 months ago | Hackers Target New NATO Member Sweden with Surge of DDoS Attacks |
| DARKReading | 4 months ago | How Nation-State DDoS Attacks Impact Us All |
| InfoSecurity-magazine | 4 months ago | US Government Releases New DDoS Attack Guidance for Public Sector |
| CERT-EU | 4 months ago | French Government Suffers Severe Cyber Attacks |
| CERT-EU | 5 months ago | Cyber Attack on France government websites - Cybersecurity Insiders |
| CERT-EU | 5 months ago | Operational Technology Threats - ReliaQuest |
| Securityaffairs | 5 months ago | National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election |
| CERT-EU | 5 months ago | Down, Not Out: Russian Hacktivists Claiming DDoS Disruptions |
| BankInfoSecurity | 5 months ago | Down, Not Out: Russian Hacktivists Claiming DDoS Disruptions |
| BankInfoSecurity | 6 months ago | Swiss Government Reports Nuisance-Level DDoS Disruptions |
| CERT-EU | 6 months ago | How Ukraine built a volunteer IT army from scratch | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |
| CERT-EU | 6 months ago | British Cosmetics Retailer Lush Investigating Cyber Attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting |
| DARKReading | 7 months ago | Who Is Behind Pro-Ukrainian Cyberattacks on Iran? |
| CERT-EU | 7 months ago | Low cost, high reward: The hackers holding Australia to ransom |
| CERT-EU | 7 months ago | How Russia’s NoName057(16) could be a new model for hacking groups | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |