Security News
The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups. Sandworm - a.k.a. BlackEnergy, Seashell Blizzard, Voodoo Bear, has been active since at least 2009, with multiple governments attributing its operations to Unit 74455, the Main Centre for Special Technologies within the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, better known as the Main Intelligence Directorate.
The Solntsepek group has taken credit for the attack. They're linked to the Russian military, so it's unclear whether the attack was government directed or freelance.
Hacktivists reportedly disrupted services at about 70 percent of Iran's gas stations in a politically motivated cyberattack. Iran's oil minister Javad Owji confirmed on Monday the IT systems of the nation's petrol stations had been attacked as Iranian media told of long queues at the pumps and traffic jams - particularly in Tehran - as folks tried and failed to fill up.
INL is a nuclear research center run by the U.S. Department of Energy that employs 5,700 specialists in atomic energy, integrated energy, and national security. The INL complex extends over an 890-square-mile area, encompassing 50 experimental nuclear reactors, including the first ones in history to produce usable amounts of electricity and the first power plant designed for nuclear submarines.
A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed BiBi-Linux Wiper, targeting Israeli entities amidst the ongoing Israeli-Hamas war. "This malware is an...
Hacktivism efforts have proliferated rapidly in the Middle East following the official announcement of a war between Palestine and Israel. At least 15 known cybercriminal, ransomware, and hacktivist groups have announced their active participation in disruptive attacks targeting institutions in Israel and Palestine, as well as their supporters.
Entities using the name and iconography of Anonymous claim to have conducted cyberprotests against the Japanese government for actions related to the release of wastewater from the Fukushima Daini Nuclear Power Plant. In an operation dubbed "Tango Down", The Anonymous Italia Collective claims to have attacked 21 government and other websites associated with the decision to release wastewater from the Fukushima facility, which in 2011 infamously experienced damage to three reactor cores after an earthquake and tsunami disabled safety systems.
Israeli cyber-intelligence firm KELA notes that although hacktivism appears to be about causing service disruption through DDoS attacks or reputation damage via data leaks, the modus operandi of these threat groups encompasses a broader scope of activities, including common cybercrime tactics. Starting with the pro-Russia group Killnet, KELA says the hacktivists promoted a botnet for hire in November 2021, but their monetization methods expanded significantly in 2023.
NATO is investigating claims by miscreants that they broke into the military alliance's unclassified information-sharing and collaboration IT environment, stole information belonging to 31 nations, and leaked 845 MB of compressed data. On July 23, SiegedSec, a crew that describes itself as "Gay furry hackers" and typically targets governments in politically motivated stunts, shared what was said to be stolen NATO documents via the gang's Telegram channel.
The project was launched by a pro-Russian hacktivist group known as "NoName057(16)" last summer, quickly reaching 400 active members and 13,000 users on its Telegram channel. In a new report released today, Sekoia analysts say that the DDoSia platform has grown significantly over the year, reaching 10,000 active members contributing firepower to the project's DDoS attacks and 45,000 subscribers on its main Telegram channel.