List of hacker groups

Last updated December 10, 2024

This is a partial list of notable hacker groups, in alphabetical order:

Anonymous, originating in 2003, Anonymous was created as a group for people who fought for the right to privacy.
Anonymous Sudan, founded in 2023, a hacktivist group that claims to act against anti-Muslim activities, but allegedly is Russian backed and neither linked to Sudan nor Anonymous.
Bangladesh Black Hat Hackers, founded in 2012.
Chaos Computer Club (CCC), founded in 1981, it is Europe's largest association of hackers with 7,700 registered members.
Conti one of the most prolific ransomware groups of 2021, according to the FBI.^[1]
Cozy Bear, a Russian hacker group believed to be associated with one or more intelligence agencies of Russia.
Croatian Revolution Hackers, a now-defunct group of Croatian hackers credited with one of the largest attacks to have occurred in the Balkans.
Cult of the Dead Cow, also known as cDc or cDc Communications, is a computer hacker and DIY media organization founded in 1984 in Lubbock, Texas.
Cyber Partisans, a Belarusian hacktivist group that emerged in 2020, that performed attacks on the Belarusian government and governmental agencies.
DarkSide, a cybercriminal hacking group, believed to be based in Eastern Europe, that targets victims using ransomware and extortion.
DCLeaks, claims to be a group of "American hacktivists (though indicted individuals were found to be in Russia) who respect and appreciate freedom of speech, human rights and government of the people."
Decocidio is an anonymous, autonomous collective of hacktivists who are part of Earth First!, a radical environmental protest organization, and adheres to Climate Justice Action.
Derp, a hacker group that attacked several game sites in late 2013.
Digital DawgPound (DDP) The DDP was founded and named by StankDawg.
Equation Group, suspected to be the offensive operations wing of the U.S. National Security Agency.
Fancy Bear, a Russian cyberespionage group.
Genocide2600, a group that gained notoriety for combating child pornography. Disbanded in 2009.
Ghost Squad Hackers, or by the abbreviation "GSH" is a politically motivated hacking team established in 2015.
Global kOS was a grey hat (leaning black hat) computer hacker group active from 1996 through 2000.
globalHell was a group of hackers, composed of about 60 individuals. The group disbanded in 1999 when 12 members were prosecuted for computer intrusion and 30 for lesser offenses.
Goatse Security (GoatSec) is a loose-knit, nine-person grey hat hacker group that specializes in uncovering security flaws.
Hackweiser is an underground hacking group and hacking magazine founded in 1999.
Hafnium Possibly with Chinese associations, responsible for the 2021 Microsoft Exchange Server data breach.
Hive was a notorious ransomware as a service (RaaS) criminal organization that targeted mainly public institutions.^[2]
Honker Union is a group known for hacktivism, mainly present in Mainland China, whose members launched a series of attacks on websites in the United States, mostly government-related sites.
International Subversives was a group of three hackers including Julian Assange under the name Mendax,^[3]^[4]^[5]^[6]^[7] supposedly taken from Horace's splendide mendax (nobly lying)^[8]^[9]^[10]^[11] and two others, known as "Trax" and "Prime Suspect" who regularly hacked into corporations like Nortel and systems belonging to a "who's who of the U.S. military-industrial complex".^[3]^[8]^[12]
Iranian Cyber Army unofficially confirmed to be connected to government.
Islamic State Hacking Division, a Jihadist hacking group associated with the Islamic State.
IT Army of Ukraine is a volunteer cyberwarfare organisation created amidst the 2022 Russian invasion of Ukraine.
Killnet is a pro-Russian group that attacked several countries' government institutions and attempted to DDoS the 2022 Eurovision Song Contest website.^[13]
L0pht, was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area.
Lapsus$, a black-hat hacker group known for using extortion tactics. active since late 2021, allegedly dumping data from Microsoft, Samsung and Nvidia, and with members arrested in March 2022.
Lazarus Group, with strong links to the North Korean government, involved in the Sony Pictures hack, the Bangladesh Bank robbery and the WannaCry ransomware attack.
Legion of Doom; LOD was a hacker group active in the early 80s and mid-90s. Had noted rivalry with Masters of Deception (MOD).
Legion Hacktivist Group, a hacking group that hijacked the Indian Yahoo server and hacked online news portals of India.
Level Seven was a hacking group during the mid to late 1990s. Eventually dispersing in early 2000 when their nominal leader "vent" was raided by the FBI on February 25, 2000.
Lizard Squad, known for their claims of distributed denial-of-service (DDoS) attacks^[14] primarily to disrupt gaming-related services. Currently broken up.
Lords of Dharmaraja, an India based security hacking group which threatened in 2012 to release the source code of Symantec's product Norton Antivirus.
LulzSec, a group of hackers originating and disbanding in 2011 that claimed to hack "for the lulz".
Masters of Deception, MOD's initial membership grew from meetings on Loop-Around Test Lines in the early- to mid-1980s. Had noted rivalry with Legion of Doom (LOD).
Mazafaka, financially motivated group and crime forum.
milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Mumbai.
NCPH is a Chinese hacker group based out of Zigong in Sichuan Province.
Noisebridge, a hackerspace located in San Francisco which goes by the early definition of hacking and not security hacking.
Noname057(16) a Russian speaking hacker group, attacks aligned with Russia's invasion in Ukraine
OurMine, a hacker group of unknown origin that has compromised various websites and Twitter accounts as a way of advertising their "professional services".
P.H.I.R.M., an early hacking group that was founded in the early 1980s.
Phone Losers of America, an internet prank call community founded in 1994 as a phone phreaking and hacking group.
Play, a ransomware extortion group, experts believe them to be from Russia.
Powerful Greek Army, is a Greek group of black-hat computer hackers founded in 2016.
RedHack is a socialist hacker group based in Turkey, founded in 1997. They usually launch attacks against the Turkish government's websites and leak secret documents of the Turkish government.
Rhysida group behind the 2023 British Library cyberattack and the Insomniac games dump using ransomware-as-a-service.
Rocket Kitten or the Rocket Kitten Group is a hacker group thought to be linked to the Iranian government. Formed in 2010 by the hacker personas "Cair3x" and "HUrr!c4nE!".
Sandworm, also known as Unit 74455, a Russian cyber military unit of the GRU.
The Shadow Brokers (TSB), originating in summer 2016. They published several leaks containing hacking tools, including several zero-day exploits of the National Security Agency (NSA).
ShinyHunters is a Hacker Group that is said to be responsible for numerous data breaches in 2020 and 2021.
TeaMp0isoN is a group of black-hat computer hackers established in mid-2009.
Telecomix, a hacktivist group mainly known for circumventing internet censorship during multiple political events.
TeslaTeam is a group of black-hat computer hackers from Serbia established in 2010.
TESO was a hacker group originating in Austria that was active primarily from 1998 to 2004.
The Unknowns is a group of white-hat hackers that exploited many high-profiled websites and became very active in 2012 when the group was founded and disbanded.
Turla one of the most sophisticated groups supporting the Russian government.
UGNazi, a hacking group led by JoshTheGod, was founded in 2011. They are best known for several attacks on US government sites,^[15] leaking WHMC's database,^[16] DDoS attacks, and exposing personal information of celebrities and other high-profile figures on exposed.su.
Vice Society, a Russian-speaking hacker group known for attacks on healthcare and education organizations
Wizard Spider Russian / Ukrainian hacker group, suspected of being behind the Ireland Health Service Executive cyberattack, sometimes called Trickbot per the malware.
Yemen Cyber Army, a pro-Yemeni hacker group that has claimed responsibility for the defacement of the London-based pro-Saudi Al-Hayat website in April 2015, as well as the exfiltration of data from the Saudi Arabia's Ministry of Foreign Affairs in May subsequently listed on WikiLeaks.
YIPL/TAP - Youth International Party Line or Technological Assistance Program, was an early phone phreak organization and publication created in the 1970s by activists Abbie Hoffman.
Xbox Underground, an international group responsible for hacking game developers, including Microsoft.
UNC1151, believed to be based in Belarus.

Related Research Articles

Internet activism, hacktivism, or hactivism, is the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change. With roots in hacker culture and hacker ethics, its ends are often related to free speech, human rights, or freedom of information movements.

The Internet has a long history of turbulent relations, major maliciously designed disruptions, and other conflicts. This is a list of known and documented Internet, Usenet, virtual community and World Wide Web related conflicts, and of conflicts that touch on both offline and online worlds with possibly wider reaching implications.

<span class="mw-page-title-main">Jeremy Hammond</span> American political activist and hacker

Jeremy Alexander Hammond, also known by his online moniker sup_g, is an American anarchist activist and former computer hacker from Chicago. He founded the computer security training website HackThisSite in 2003. He was first imprisoned over the Protest Warrior hack in 2005 and was later convicted of computer fraud in 2013 for hacking the private intelligence firm Stratfor and releasing data to WikiLeaks, and sentenced to 10 years in prison.

Anonymous is a decentralized international activist and hacktivist collective and movement primarily known for its various cyberattacks against several governments, government institutions and government agencies, corporations and the Church of Scientology.

Operation Payback was a coordinated, decentralized group of attacks on high-profile opponents of Internet piracy by Internet activists using the "Anonymous" moniker. Operation Payback started as retaliation to distributed denial of service (DDoS) attacks on torrent sites; piracy proponents then decided to launch DDoS attacks on piracy opponents. The initial reaction snowballed into a wave of attacks on major pro-copyright and anti-piracy organizations, law firms, and individuals. The Motion Picture Association of America, the Pirate Party UK and United States Pirate Party criticised the attacks.

The Jester is a self-identified grey hat hacktivist. He claims to be responsible for attacks on WikiLeaks and Islamist websites. He claims to be acting out of American patriotism.

LulzSec is a grey hat computer hacking group that claimed responsibility for several high profile attacks, including the compromise of user accounts from PlayStation Network in 2011. The group also claimed responsibility for taking the CIA website offline. Some security professionals have commented that LulzSec has drawn attention to insecure systems and the dangers of password reuse. It has gained attention due to its high profile targets and the sarcastic messages it has posted in the aftermath of its attacks. One of the founders of LulzSec was computer security specialist Hector Monsegur, who used the online moniker Sabu. He later helped law enforcement track down other members of the organization as part of a plea deal. At least four associates of LulzSec were arrested in March 2012 as part of this investigation. Prior, British authorities had announced the arrests of two teenagers they alleged were LulzSec members, going by the pseudonyms T-flow and Topiary.

Teamp0ison was a computer security research group consisting of 3 to 5 core members. The group gained notoriety in 2011/2012 for its blackhat hacking activities, which included attacks on the United Nations, NASA, NATO, Facebook, Minecraft Pocket Edition Forums, and several other large corporations and government entities. TeaMp0isoN disbanded in 2012 following the arrests of some of its core members, "TriCk", and "MLT".

Hector Xavier Monsegur, known also by the online pseudonym Sabu, is an American computer hacker and co-founder of the hacking group LulzSec. Monsegur became an informant for the FBI, working with the agency for over ten months to aid them in identifying the other hackers from LulzSec and related groups while facing a sentence of 124 years in prison. LulzSec intervened in the affairs of organizations such as News Corporation, Stratfor, UK and American law enforcement bodies and Irish political party Fine Gael.

Anonymous is a decentralised virtual community. They are commonly referred to as an internet-based collective of hacktivists whose goals, like its organization, are decentralized. Anonymous seeks mass awareness and revolution against what the organization perceives as corrupt entities, while attempting to maintain anonymity. Anonymous has had a hacktivist impact. This is a timeline of activities reported to be carried out by the group.

<span class="mw-page-title-main">NullCrew</span>

NullCrew was a hacktivist group founded in 2012 that took responsibility for multiple high-profile computer attacks against corporations, educational institutions, and government agencies.

Ryan Ackroyd, a.k.a.Kayla and also lolspoon, is a former black hat hacker who was one of the six core members of the computer hacking group "LulzSec" during its 50-day spree of attacks from 6 May 2011 until 26 June 2011. Throughout the time, Ackroyd posed as a female hacker named "Kayla" and was responsible for the penetration of multiple military and government domains and many high profile intrusions into the networks of Gawker in December 2010, HBGaryFederal in 2011, PBS, Sony, Infragard Atlanta, Fox Entertainment and others. He eventually served 30 months in prison for his hacking activities.

On October 21, 2016, three consecutive distributed denial-of-service attacks were launched against the Domain Name System (DNS) provider Dyn. The attack caused major Internet platforms and services to be unavailable to large swathes of users in Europe and North America. The groups Anonymous and New World Hackers claimed responsibility for the attack, but scant evidence was provided.

Hack Forums is an Internet forum dedicated to discussions related to hacker culture and computer security. The website ranks as the number one website in the "Hacking" category in terms of web-traffic by the analysis company Alexa Internet. The website has been widely reported as facilitating online criminal activity, such as the case of Zachary Shames, who was arrested for selling keylogging software on Hack Forums in 2013 which was used to steal personal information.

Distributed Denial of Secrets, abbreviated DDoSecrets, is a nonprofit whistleblower site founded in 2018 for news leaks. The site is a frequent source for other news outlets and has worked on investigations including Cyprus Confidential with other media organizations. In December 2023, the organization said it had published over 100 million files from 59 countries.

Emma Best is an American investigative reporter and whistleblower. They gained national attention for their work with WikiLeaks and activist Julian Assange. Best is known for prolific filing of Freedom of Information Act (FOIA) requests on behalf of MuckRock and co-founding the whistleblower site Distributed Denial of Secrets (DDoSecrets).

The IT Army of Ukraine is a volunteer cyberwarfare organisation created at the end of February 2022 to fight against digital intrusion of Ukrainian information and cyberspace after the beginning of the Russian invasion of Ukraine on February 24, 2022. The group also conducts offensive cyberwarfare operations, and Chief of Head of State Special Communications Service of Ukraine Victor Zhora said its enlisted hackers would only attack military targets.

Anonymous, a decentralized international activist and hacktivist collective, has conducted numerous cyber-operations against Russia since February 2022 when the Russian invasion of Ukraine began.

SiegedSec, short for Sieged Security and commonly self-described as the "Gay Furry Hackers", was a black-hat Cyberterrorist group, that was formed in early 2022, that committed a number of high profile cyber attacks, including attacks on NATO, Idaho National Laboratory, and Real America's Voice. On July 10, 2024, after attacking The Heritage Foundation, the group announced that they would be disbanding in an effort to avoid closer scrutiny.

References

↑ Pitrelli, Monica (2022-04-14). "Leaked documents show notorious ransomware group has an HR department, performance reviews and an 'employee of the month'". CNBC. Retrieved 2023-06-25.
↑ Lowell, Hugo (2023-01-26). "US authorities seize servers for Hive ransomware group". The Guardian. ISSN 0261-3077 . Retrieved 2023-06-25.
1 2 Khatchadourian, Raffi (7 June 2010). "No secrets: Julian Assange's mission for total transparency". The New Yorker . Retrieved 16 March 2014.
↑ "The Man Behind Wikileaks: A Julian Assange Cheat Sheet". Vanity Fair. 2010-07-26. Retrieved 2022-10-13.
↑ Greenberg, Andy. "Breaking Down the Hacking Case Against Julian Assange". Wired. ISSN 1059-1028 . Retrieved 2022-10-13.
↑ "Julian Assange: the teen hacker who became insurgent in information war". the Guardian. 2011-01-30. Retrieved 2022-10-13.
↑ "The most shocking revelations to come from WikiLeaks". au.news.yahoo.com. 3 October 2021. Retrieved 2023-02-21.
1 2 Dreyfus, Suelette (1997). Underground: Tales of Hacking, Madness and Obsession on the Electronic Frontier. Mandarin. ISBN 1-86330-595-5.
↑ Bustillos, Maria (17 June 2013). "He Told You So: Julian Assange, the NSA, and Edward Snowden". Pacific Standard . Retrieved 16 September 2021. Assange's youthful hacker name was Mendax ('lying'), allegedly from Horace's phrase 'splendide mendax,' or 'nobly lying'.
↑ Harrell, Eben (2010-07-26). "Mystery Hacker: Who Is WikiLeaks Founder Julian Assange?". Time. ISSN 0040-781X . Retrieved 2023-02-13.
↑ Assange, Julian (2011-09-21). "Julian Assange: 'I am – like all hackers – a little bit autistic'". The Independent. Retrieved 2023-02-13.
↑ "Julian Assange: The man who exposed the world". Macleans.
↑ "Russian hackers declare war on 10 countries after failed Eurovision DDoS attack". techcentral.ie. 2022-05-16. Retrieved 2022-05-22.
↑ "How A Hacker Gang Saved Christmas For Video Game Players Everywhere". Business Insider. Retrieved 25 December 2014.
↑ "Manhattan U.S. Attorney and FBI Assistant Director in Charge Announce 24 Arrests in Eight Countries as Part of International Cyber Crime Takedown". fbi.gov. June 26, 2012. Retrieved 11 September 2018.
↑ Greenberg, Andy (May 22, 2012). "Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards". Forbes. Retrieved 11 September 2018.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Pitrelli, Monica (2022-04-14). "Leaked documents show notorious ransomware group has an HR department, performance reviews and an 'employee of the month'". CNBC. Retrieved 2023-06-25.

[2] Lowell, Hugo (2023-01-26). "US authorities seize servers for Hive ransomware group". The Guardian. ISSN 0261-3077 . Retrieved 2023-06-25.

[Khatchadourian-3] 1 2 Khatchadourian, Raffi (7 June 2010). "No secrets: Julian Assange's mission for total transparency". The New Yorker . Retrieved 16 March 2014.

[:2-4] "The Man Behind Wikileaks: A Julian Assange Cheat Sheet". Vanity Fair. 2010-07-26. Retrieved 2022-10-13.

[:6-5] Greenberg, Andy. "Breaking Down the Hacking Case Against Julian Assange". Wired. ISSN 1059-1028 . Retrieved 2022-10-13.

[:7-6] "Julian Assange: the teen hacker who became insurgent in information war". the Guardian. 2011-01-30. Retrieved 2022-10-13.

[:31-7] "The most shocking revelations to come from WikiLeaks". au.news.yahoo.com. 3 October 2021. Retrieved 2023-02-21.

[Underground-8] 1 2 Dreyfus, Suelette (1997). Underground: Tales of Hacking, Madness and Obsession on the Electronic Frontier. Mandarin. ISBN 1-86330-595-5.

[9] Bustillos, Maria (17 June 2013). "He Told You So: Julian Assange, the NSA, and Edward Snowden". Pacific Standard . Retrieved 16 September 2021. Assange's youthful hacker name was Mendax ('lying'), allegedly from Horace's phrase 'splendide mendax,' or 'nobly lying'.

[:20-10] Harrell, Eben (2010-07-26). "Mystery Hacker: Who Is WikiLeaks Founder Julian Assange?". Time. ISSN 0040-781X . Retrieved 2023-02-13.

[:21-11] Assange, Julian (2011-09-21). "Julian Assange: 'I am – like all hackers – a little bit autistic'". The Independent. Retrieved 2023-02-13.

[12] "Julian Assange: The man who exposed the world". Macleans.

[13] "Russian hackers declare war on 10 countries after failed Eurovision DDoS attack". techcentral.ie. 2022-05-16. Retrieved 2022-05-22.

[14] "How A Hacker Gang Saved Christmas For Video Game Players Everywhere". Business Insider. Retrieved 25 December 2014.

[15] "Manhattan U.S. Attorney and FBI Assistant Director in Charge Announce 24 Arrests in Eight Countries as Part of International Cyber Crime Takedown". fbi.gov. June 26, 2012. Retrieved 11 September 2018.

[16] Greenberg, Andy (May 22, 2012). "Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards". Forbes. Retrieved 11 September 2018.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

List of hacker groups

See also

Related Research Articles

References