SiegedSec

Nickname: "Gay Furry Hackers"
Formation: April 2022
Dissolved: July 2024
Type: Cybercrime gang
Purpose: Hacktivism
Region: International
Methods: Hacking
Membership: "vio", "Kry", "Kit"
Official language: English
Leader: "vio"

SiegedSec, short for Sieged Security and commonly self-referred to as the "Gay Furry Hackers", [1] [2] was a black-hat criminal hacktivist group formed in early 2022 that committed a number of high-profile cyberattacks, including attacks on NATO, [3] [4] [5] the Idaho National Laboratory, [1] [2] and Real America's Voice. [6] [7] On July 10, 2024, the group announced that they would be disbanding after attacking The Heritage Foundation. [8]

Description

SiegedSec was led by an individual under the alias "vio". [9] The name is short for "Sieged Security". [10] [11] [12] The group's Telegram channel was first created in April 2022, [13] and its members commonly referred to themselves as "gay furry hackers". [14] [15] On multiple occasions, the group targeted right-wing movements through data breaches, including The Heritage Foundation, [16] [17] Real America's Voice, [18] as well as various U.S. states that have pursued legislative decisions against gender-affirming care. [19]

Notable attacks

#OpTransRights movements

In June 2023, SiegedSec targeted several United States government entities to protest anti–gender-affirming-care bills. The hackers released a variety of data, including data from the government of Fort Worth, Texas, the Nebraska Supreme Court, and South Carolina police files. [19]

In April and May 2024, SiegedSec began their second trans rights operation, #OpTransRights2. The hackers successfully targeted and leaked data from Real America's Voice [6] [7] and River Valley Church. [29]

Investigations

Following the Idaho National Laboratory attack, it was announced that the FBI as well as the Cybersecurity and Infrastructure Security Agency had been contacted to help investigate the incident. [30]

References

  1. Rich Stanton (2023-11-23). "Self-described gay furry hackers breach one of the biggest nuclear labs in the US, and demand it begin researching 'IRL catgirls'". PC Gamer. Retrieved 2024-05-01.
  2. "Self-proclaimed 'gay furry hackers' breach nuclear lab". Engadget. 2023-11-22. Retrieved 2024-05-01.
  3. Lyons, Jessica. "NATO investigates hacktivist group's stolen data claims". www.theregister.com. Retrieved 2024-05-01.
  4. "NATO investigates alleged data theft by SiegedSec hackers". BleepingComputer. Retrieved 2024-05-01.
  5. Vicens, A. J. (2023-07-26). "NATO investigating apparent breach of unclassified information sharing platform". CyberScoop. Retrieved 2024-05-01.
  6. Thalen, Mikael (2024-04-16). "Furry hackers far-right campaign sets sights on Charlie Kirk, Steve Bannon". The Daily Dot. Retrieved 2024-05-01.
  7. Factora, James (19 April 2024). "Gay Furry Hacker Group SiegedSec Breached a Far-Right Media Outlet and Wreaked Havoc". Them. Condé Nast. Retrieved 12 July 2024.
  8. Thalen, Mikael (July 10, 2024). "Read the furious texts the Heritage Foundation sent furry hacking collective SiegedSec after breach". The Daily Dot. Retrieved July 10, 2024.
  9. Cross, Alison (July 5, 2023). "UConn targeted in cyberattack allegedly by hacker in group known for targeting government agencies". Hartford Courant. Retrieved July 10, 2024.
  10. Anthony, Abigail (July 11, 2024). "Claws Out: 'Gay Furry Hackers' Target Heritage Foundation". National Review. Retrieved July 11, 2024.
  11. Yeo, Amanda (November 24, 2023). "'Gay furry hackers' breach nuclear lab, demand it create catgirls". Mashable. Retrieved July 11, 2024.
  12. Spindler, Emily (November 24, 2023). "Gay Furry Hackers Break Into Nuclear Lab Data, Want Catgirls". Kotaku Australia. Retrieved July 11, 2024.
  13. Vicens, A. J. (July 9, 2024). "Hacktivists release two gigabytes of Heritage Foundation data". CyberScoop. Retrieved July 10, 2024.
  14. Cahill, Sebastian (July 14, 2023). "Gay furry hackers are targeting US states for passing anti-trans legislation". Business Insider. Retrieved July 10, 2024.
  15. Musgrave, Shawn (July 9, 2024). "'Gay Furry Hackers' Claim Credit for Hacking Heritage Foundation Over Project 2025". The Intercept. Retrieved July 10, 2024.
  16. Hansford, Amelia (July 10, 2024). "'Gay furry hackers' steal 200GB of data in huge anti-Project 2025 cyber attack". PinkNews. Retrieved July 10, 2024.
  17. Liu, Nicholas (July 10, 2024). "'Gay furry hackers' claim credit for Heritage Foundation cyberattack". Salon.com. Retrieved July 10, 2024.
  18. Factora, James (April 19, 2024). "Gay Furry Hacker Group SiegedSec Breached a Far-Right Media Outlet and Wreaked Havoc". Them. Retrieved July 10, 2024.
  19. Wilson, Jason (June 29, 2023). "'Gay furries' group hacks agencies in US states attacking gender-affirming care". The Guardian. Retrieved July 10, 2024.
  20. Hart, Kaitlyn (November 20, 2023). "Idaho National Laboratory experiences massive data breach; employee information leaked online". East Idaho News. Retrieved July 11, 2024.
  21. "Data Breach Resources".
  22. Greig, Jonathan (2024-04-16). "NATO 'actively addressing' alleged cyberattack affecting some websites". The Record. Retrieved 2024-05-09.
  23. Lyons, Jessica (October 4, 2023). "'Gay furry hackers' brag of second NATO break-in, steal and leak more data". The Register. Retrieved July 11, 2024.
  24. Vicens, A. J. (October 3, 2023). "NATO investigating breach, leak of internal documents". CyberScoop. Retrieved July 11, 2024.
  25. "Alleged SiegedSec attack against NATO under investigation". SC Magazine. October 4, 2023. Retrieved July 11, 2024.
  26. Thalen, Mikael (2023-10-30). "NATO 'actively addressing' alleged cyberattack affecting some websites". The Daily Dot. Retrieved 2024-05-09.
  27. Abrams, Lawrence (2023-02-16). "Atlassian data leak caused by stolen employee credentials". Bleeping Computer. Retrieved 2024-05-09.
  28. Musgrave, Shawn (July 10, 2024). "'Gay Furry Hackers' Feud With Heritage Foundation Exec". The Intercept. Retrieved July 11, 2024.
  29. Thalen, Mikael (2024-04-01). "Furry hackers spend stolen church funds on inflatable sea lions after pastor calls out Biden". The Daily Dot. Retrieved 2024-06-18.
  30. Greig, Jonathan (November 22, 2023). "Federal agencies investigating data breach at nuclear research lab". The Record by Recorded Future. Retrieved July 10, 2024.