Siegedsec

Threat Actor updated 23 days ago (2024-11-29T13:55:47.455Z)
Download STIX
Preview STIX
SiegedSec, a threat actor group with both hacktivist and crimeware tendencies, has been involved in several significant cyberattacks. As part of an alliance known as The Five Families, which includes another prominent hacktivist group, GhostSec, SiegedSec has targeted various entities around the globe. The group is known for its politically motivated actions, often responding to events or decisions they perceive as unjust. In May 2024, SiegedSec gained unauthorized access to satellite receivers in Colombia, purportedly in response to the arrest of a hacker by Colombian authorities. Later that year, on July 2nd, the group claimed responsibility for a major breach against the Heritage Foundation. In this attack, SiegedSec allegedly obtained passwords and other user information for every user of a Heritage Foundation database. They also claimed possession of over 200 gigabytes of additional data, which they described as "mostly useless" and had no intention of releasing. Recently, NATO has begun investigating a new cyberattack claimed by SiegedSec. This follows another notable incident where the group targeted the Idaho National Laboratory (INL), demonstrating their capability to infiltrate high-security environments. These incidents underline the significant cybersecurity threat posed by SiegedSec, necessitating continued vigilance and robust security measures from potential targets.
Description last updated: 2024-11-15T16:00:53.604Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Threatsec is a possible alias for Siegedsec. ThreatSec is a prominent threat actor, or hacking team, known for its malicious cyber activities. It's part of a larger network that includes other hacktivist groups such as GhostSec, Stormous, Blackforums, and SiegedSec, collectively referred to as the modern-day Five Families group. This coalition
2
KittenSec is a possible alias for Siegedsec. KittenSec, a self-proclaimed hacktivist group, has emerged as a significant threat actor in the cybersecurity landscape. The group claims to "pwn anything we see" with the stated goal of exposing corruption. Their activities have been linked to a range of cyber-attacks and infiltrations across diffe
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Telegram
Hacktivist
Denial of Se...
Atlassian
Israeli
Ics
Israel
Ransomware
Nato
Cybercrime
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Ghostsec Malware is associated with Siegedsec. GhostSec is a malware program that has been involved in significant cybercrime activities. Notably, this malicious software is designed to exploit and damage computer systems, infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once inside, GhostSec can stealUnspecified
3
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The Anonymous Sudan Threat Actor is associated with Siegedsec. Anonymous Sudan is a threat actor that has been involved in executing numerous Distributed Denial of Service (DDoS) attacks against various entities worldwide between January 2023 and March 2024. The group consistently used social media platforms, notably Telegram, to claim responsibility for their Unspecified
2
The KillNet Threat Actor is associated with Siegedsec. Killnet is a threat actor or group with potential ties to the Russian government, known for its disruptive cyber-attacks. This group has been linked to several politically motivated attacks, including a significant assault on the Israeli government's website leading to its paralysis. Killnet has alsUnspecified
2
Source Document References
Information about the Siegedsec Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Securelist
a month ago
Securelist
a month ago
Securityaffairs
4 months ago
Securityaffairs
5 months ago
Malwarebytes
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
7 months ago
Securelist
7 months ago
Securityaffairs
8 months ago
Securityaffairs
8 months ago
Securityaffairs
8 months ago
Securityaffairs
8 months ago
Securityaffairs
9 months ago
Securityaffairs
9 months ago