Threatsec

Threat Actor Profile (updated 3 months ago)
ThreatSec is a prominent threat actor, or hacking team, known for its malicious cyber activities. It is part of a larger network that includes other hacktivist groups such as GhostSec, Stormous, Blackforums, and SiegedSec, collectively referred to as the modern-day Five Families group. This coalition engages in a range of cybercriminal activities, including denial-of-service (DoS) attacks, ransomware attacks, and extensive hacking campaigns. The group also has connections with newer entities like KittenSec, which acknowledges its ties with ThreatSec and others.

In November 2023, ThreatSec made headlines when it claimed to have gained full control over the IP routing for more than 5,000 servers in the Gaza region. This represented a significant escalation in the group's activities and demonstrated its advanced capabilities. Among the group's notable targets was Alfanet, an internet service provider based in the Gaza Strip. ThreatSec's attack on Alfanet resulted in the shutdown of every server owned by the ISP, causing widespread disruption. The attack was independently verified by Doug Madory of the monitoring firm Kentik, who confirmed the inaccessibility of Alfanet's services following ThreatSec's claim. Some services remained offline even after the initial report, underlining the severity and impact of the attack.

While ThreatSec is known for its anti-oppression stance, its actions have significant consequences, often resulting in widespread service disruptions and potential security risks. As such, it remains a subject of intense focus within cybersecurity circles.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Siegedsec | 2 | SiegedSec, a threat actor group in the cybersecurity landscape, has been implicated in several high-profile cyber attacks. The group is known for its politically motivated actions and has recently claimed responsibility for an attack on the North Atlantic Treaty Organization (NATO). This recent even
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Denial of Se...
Israel
Cyberscoop
Associated Malware
ID | Type | Votes | Profile Description
Ghostsec | Unspecified | 2 | GhostSec is a malicious software (malware) identified as a significant cybersecurity threat. This harmful program, designed to exploit and damage computers or devices, infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once embedded, it can steal pe
Associated Threat Actors
ID | Type | Votes | Profile Description
KittenSec | Unspecified | 1 | KittenSec, a self-proclaimed hacktivist group, has emerged as a significant threat actor in the cybersecurity landscape. The group claims to "pwn anything we see" with the stated goal of exposing corruption. Their activities have been linked to a range of cyber-attacks and infiltrations across diffe
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Threatsec Threat Actor was read from the documents corpus below.
Source | Created At | Title
CERT-EU | 5 months ago | Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries
CERT-EU | 5 months ago | Operational Technology Threats - ReliaQuest
Securityaffairs | 5 months ago | Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks
CERT-EU | 5 months ago | Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks | #ransomware | #cybercrime | National Cyber Security Consulting
CERT-EU | 5 months ago | GhostSec Evolves With Website Compromise Tools
DARKReading | 9 months ago | Hackers For Hire Hit Both Sides in Israel-Hamas Conflict
CERT-EU | 9 months ago | Activist Hackers Are Racing Into the Israel-Hamas War—for Both Sides
CERT-EU | 9 months ago | Activist Hackers Target Government Websites Amid Escalating Israel-Hamas War
CERT-EU | 9 months ago | The Israel–Hamas Conflict: Implications for the Cyber Threat Landscape - ReliaQuest
Securityaffairs | 9 months ago | Both pro-Israeli and pro-Palestinian hacktivists have joined the fight and are targeting SCADA and ICS systems.
CERT-EU | 9 months ago | A Growing Cyberwar in the Widening Israeli-Hamas Conflict
CERT-EU | 9 months ago | Hacktivism erupts in Middle East as Israel declares war
CERT-EU | a year ago | Organizations in NATO countries claimed to be compromised by hacktivist operation
CERT-EU | a year ago | Hacking group KittenSec claims to 'pwn anything we see' to expose corruption