Login
Login

List of hacker groups

{{Short description|none}}

{{more citations needed|date=September 2021}}

This is a partial list of notable hacker groups, in alphabetical order:

  • Anonymous, originating in 2003, Anonymous was created as a group for people who fought for the right to privacy.
  • Anonymous Sudan, founded in 2023, a hacktivist group that claims to act against anti-Muslim activities, but allegedly is Russian backed and neither linked to Sudan nor Anonymous.{{cite web |url=https://www.cloudflare.com/learning/ddos/glossary/anonymous-sudan/ |title=What is Anonymous Sudan? |website=Cloudflare |access-date=2025-04-16}}
  • Bangladesh Black Hat Hackers, founded in 2012.{{cite news |url=https://www.thedailystar.net/backpage/news/bangladeshi-hackers-shut-down-20000-indian-sites-1616851 |title=Bangladeshi hackers shut down 20,000 Indian sites |publisher=The Daily Star |date=2018-06-28 |access-date=2025-04-16}}
  • Chaos Computer Club (CCC), founded in 1981, it is Europe's largest association of hackers with 7,700 registered members.
  • Conti one of the most prolific ransomware groups of 2021, according to the FBI.{{Cite web |last=Pitrelli |first=Monica |date=2022-04-14 |title=Leaked documents show notorious ransomware group has an HR department, performance reviews and an 'employee of the month' |url=https://www.cnbc.com/2022/04/14/conti-ransomware-leak-shows-group-operates-like-normal-tech-company.html |access-date=2023-06-25 |website=CNBC |language=en}}
  • Cozy Bear, a Russian hacker group believed to be associated with one or more intelligence agencies of Russia.{{cite web |url=https://www.crowdstrike.com/adversaries-directory/cozy-bear/ |title=Cozy Bear |publisher=Crowdstrike |access-date=2025-04-16}}{{cite news |url=https://www.politico.eu/article/russia-hackers-cozy-bear-european-diplomats-wine-tasting-events/ |title=Russian state hackers target European diplomats — with fake wine-tasting events |publisher=Politico Europe |date=2024-01-11 |access-date=2025-04-16}}
  • Croatian Revolution Hackers, a now-defunct group of Croatian hackers credited with one of the largest attacks to have occurred in the Balkans.
  • Cult of the Dead Cow, also known as cDc or cDc Communications, is a computer hacker and DIY media organization founded in 1984 in Lubbock, Texas.
  • Cyber Partisans, a Belarusian hacktivist group that emerged in 2020, that performed attacks on the Belarusian government and governmental agencies.
  • DarkSeoul, a cyber attack group believed to be North Korean-backed, known for destroying data and disrupting networks in South Korea from 2011-2013, targeting banks, media outlets, and government agencies using malware and wiper attacks to cause damage.
  • DarkSide, a cybercriminal hacking group, believed to be based in Eastern Europe, that targets victims using ransomware and extortion.
  • DCLeaks, claims to be a group of "American hacktivists (though indicted individuals were found to be in Russia) who respect and appreciate freedom of speech, human rights and government of the people."
  • Decocidio is an anonymous, autonomous collective of hacktivists who are part of Earth First!, a radical environmental protest organization, and adheres to Climate Justice Action.
  • Derp, a hacker group that attacked several game sites in late 2013.
  • Digital DawgPound (DDP) The DDP was founded and named by StankDawg.
  • Equation Group, suspected to be the offensive operations wing of the U.S. National Security Agency.
  • Fancy Bear, a Russian cyberespionage group.
  • Genocide2600, a group that gained notoriety for combating child pornography. Disbanded in 2009.
  • Ghost Squad Hackers, or by the abbreviation "GSH" is a politically motivated hacking team established in 2015.
  • Global kOS was a grey hat (leaning black hat) computer hacker group active from 1996 through 2000.
  • globalHell was a group of hackers, composed of about 60 individuals. The group disbanded in 1999 when 12 members were prosecuted for computer intrusion and 30 for lesser offenses.
  • Goatse Security (GoatSec) is a loose-knit, nine-person grey hat hacker group that specializes in uncovering security flaws.
  • Hackweiser is an underground hacking group and hacking magazine founded in 1999.
  • Hafnium Possibly with Chinese associations, responsible for the 2021 Microsoft Exchange Server data breach.
  • Hive was a notorious ransomware as a service (RaaS) criminal organization that targeted mainly public institutions.{{Cite news |last=Lowell |first=Hugo |date=2023-01-26 |title=US authorities seize servers for Hive ransomware group |language=en-GB |work=The Guardian |url=https://www.theguardian.com/us-news/2023/jan/26/hive-ransomware-servers-seized-us |access-date=2023-06-25 |issn=0261-3077}}
  • Honker Union is a group known for hacktivism, mainly present in Mainland China, whose members launched a series of attacks on websites in the United States, mostly government-related sites.
  • Indian Cyber Force is a hacktivist group that targets entities perceived to be against Indian interests. Notable incidents include cyberattacks against Canada,{{Cite news |last=Robertson |first=Dylan |date=28 September 2023 |title=Cyberattacks hit military, Parliament websites as India-based group targets Canada |url=https://www.cbc.ca/news/politics/cyberattacks-parliament-india-1.6981399 |url-status=live |archive-url=https://web.archive.org/web/20241129182024/https://www.cbc.ca/news/politics/cyberattacks-parliament-india-1.6981399 |archive-date=29 November 2024 |work=cbc.ca}} Maldives,{{Cite web |date=2024-02-25 |title=Maldives' Home Ministry website hacked over 'anti-India actions': Report |url=https://www.businesstoday.in/india/story/maldives-home-ministry-website-hacked-over-anti-india-actions-report-418856-2024-02-25 |access-date=2025-01-25 |website=Business Today |language=en}} Palestine,{{Cite magazine |last=Newman |first=Lily Hay |title=Activist Hackers Are Racing Into the Israel-Hamas War—for Both Sides |url=https://www.wired.com/story/israel-hamas-war-hacktivism/ |access-date=2025-01-25 |magazine=Wired |language=en-US |issn=1059-1028}}{{Cite web |last=Team |first=DNA Web |title=Israel-Palestine conflict: How Indian hackers sunk their cyber fangs into Hamas, Palestinian national bank |url=https://www.dnaindia.com/india/report-israel-palestine-conflict-how-indian-hackers-sunk-their-cyber-fangs-into-hamas-palestinian-national-bank-3063682 |access-date=2025-01-25 |website=DNA India |language=en}} Pakistan.{{Cite web |date=2023-11-15 |title=Hacking Alert: Indian Hackers Claim to Crack Pakistani Police CCTV – Exclusive Inside Look! |url=https://www.timesnownews.com/technology-science/hacking-alert-indian-hackers-claim-to-crack-pakistani-police-cctv-exclusive-inside-look-article-105231993 |url-status=live |archive-url=https://web.archive.org/web/20250124142608/https://www.timesnownews.com/technology-science/hacking-alert-indian-hackers-claim-to-crack-pakistani-police-cctv-exclusive-inside-look-article-105231993 |archive-date=24 January 2025 |access-date=2025-01-25 |website=Times Now |language=en}}
  • International Subversives was a group of three hackers including Julian Assange under the name Mendax,{{cite magazine |last=Khatchadourian |first=Raffi |date=7 June 2010 |title=No secrets: Julian Assange's mission for total transparency |url=https://www.newyorker.com/magazine/2010/06/07/no-secrets |magazine=The New Yorker |access-date=16 March 2014}}{{Cite magazine |date=2010-07-26 |title=The Man Behind Wikileaks: A Julian Assange Cheat Sheet |url=https://www.vanityfair.com/news/2010/07/the-man-behind-wikileaks-a-julian-assange-cheat-sheet |magazine=Vanity Fair |language=en-US |access-date=2022-10-13}}{{Cite magazine |last=Greenberg |first=Andy |title=Breaking Down the Hacking Case Against Julian Assange |url=https://www.wired.com/story/julian-assange-arrest-indictment-hacking-cfaa/ |magazine=Wired |language=en-US |issn=1059-1028 |access-date=2022-10-13}}{{Cite web |date=2011-01-30 |title=Julian Assange: the teen hacker who became insurgent in information war |url=http://www.theguardian.com/media/2011/jan/30/julian-assange-wikileaks-profile |access-date=2022-10-13 |website=the Guardian |language=en}}{{Cite web |title=The most shocking revelations to come from WikiLeaks |url=https://au.news.yahoo.com/on-this-day-the-most-shocking-revelations-to-come-from-wiki-leaks-210023597.html |access-date=2023-02-21 |website=au.news.yahoo.com |date=3 October 2021 |language=en-AU}} supposedly taken from Horace's splendide mendax (nobly lying){{cite book |last1=Dreyfus |first1=Suelette |url=https://books.google.com/books?id=whdGAAAACAAJ |title=Underground: Tales of Hacking, Madness and Obsession on the Electronic Frontier |year=1997 |publisher=Mandarin |isbn=1-86330-595-5}}{{cite web |author=Bustillos, Maria |date=17 June 2013 |title=He Told You So: Julian Assange, the NSA, and Edward Snowden |url=https://psmag.com/news/he-told-you-so-julian-assange-the-nsa-and-edward-snowden-60335 |access-date=16 September 2021 |work=Pacific Standard |quote=Assange's youthful hacker name was Mendax ('lying'), allegedly from Horace's phrase 'splendide mendax,' or 'nobly lying'.}}{{Cite magazine |last=Harrell |first=Eben |date=2010-07-26 |title=Mystery Hacker: Who Is WikiLeaks Founder Julian Assange? |url=https://content.time.com/time/world/article/0,8599,2006496,00.html |magazine=Time |language=en-US |issn=0040-781X |access-date=2023-02-13}}{{Cite web |last=Assange |first=Julian |date=2011-09-21 |title=Julian Assange: 'I am – like all hackers – a little bit autistic' |url=https://www.independent.co.uk/news/uk/home-news/julian-assange-i-am-ndash-like-all-hackers-ndash-a-little-bit-autistic-2358654.html |access-date=2023-02-13 |website=The Independent |language=en}} and two others, known as "Trax" and "Prime Suspect" who regularly hacked into corporations like Nortel and systems belonging to a "who's who of the U.S. military-industrial complex".{{Cite web |title=Julian Assange: The man who exposed the world |url=https://www.macleans.ca/society/technology/a-man-of-many-secrets/ |website=Macleans|date=13 December 2010 }}
  • Iranian Cyber Army unofficially confirmed to be connected to government.
  • Islamic State Hacking Division, a Jihadist hacking group associated with the Islamic State.
  • IT Army of Ukraine is a volunteer cyberwarfare organisation created amidst the 2022 Russian invasion of Ukraine.
  • Killnet is a pro-Russian group that attacked several countries' government institutions and attempted to DDoS the 2022 Eurovision Song Contest website.{{Cite news |title=Russian hackers declare war on 10 countries after failed Eurovision DDoS attack |url=https://www.techcentral.ie/russian-hackers-declare-war-on-10-countries-after-failed-eurovision-ddos-attack/ |date=2022-05-16 |access-date=2022-05-22 |publisher=techcentral.ie}}
  • L0pht, was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area.
  • Lapsus$, a black-hat hacker group known for using extortion tactics. active since late 2021, allegedly dumping data from Microsoft, Samsung and Nvidia, and with members arrested in March 2022.
  • Lazarus Group, with strong links to the North Korean government, involved in the Sony Pictures hack, the Bangladesh Bank robbery and the WannaCry ransomware attack.
  • Legion of Doom; LOD was a hacker group active in the early 80s and mid-90s. Had noted rivalry with Masters of Deception (MOD).
  • Legion Hacktivist Group, a hacking group that hijacked the Indian Yahoo server and hacked online news portals of India.
  • Level Seven was a hacking group during the mid to late 1990s. Eventually dispersing in early 2000 when their nominal leader "vent" was raided by the FBI on February 25, 2000.
  • Lizard Squad, known for their claims of distributed denial-of-service (DDoS) attacks{{cite news | url=https://www.businessinsider.com/lizard-squad-hack-playstation-and-xbox-2014-12?r=US | title=How A Hacker Gang Saved Christmas For Video Game Players Everywhere | work=Business Insider | access-date=25 December 2014}} primarily to disrupt gaming-related services. Currently broken up.
  • Lords of Dharmaraja, an India based security hacking group which threatened in 2012 to release the source code of Symantec's product Norton Antivirus.
  • LulzSec, a group of hackers originating and disbanding in 2011 that claimed to hack "for the lulz".
  • Masters of Deception, MOD's initial membership grew from meetings on Loop-Around Test Lines in the early- to mid-1980s. Had noted rivalry with Legion of Doom (LOD).
  • milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Mumbai.
  • NCPH is a Chinese hacker group based out of Zigong in Sichuan Province.
  • Noisebridge, a hackerspace located in San Francisco which goes by the early definition of hacking and not security hacking.
  • Noname057(16) a Russian speaking hacker group, attacks aligned with Russia's invasion in Ukraine
  • OurMine, a hacker group of unknown origin that has compromised various websites and Twitter accounts as a way of advertising their "professional services".
  • P.H.I.R.M., an early hacking group that was founded in the early 1980s.
  • Phone Losers of America, an internet prank call community founded in 1994 as a phone phreaking and hacking group.
  • Play, a ransomware extortion group, experts believe them to be from Russia.
  • Powerful Greek Army, is a Greek group of black-hat computer hackers founded in 2016.
  • RedHack is a socialist hacker group based in Turkey, founded in 1997. They usually launch attacks against the Turkish government's websites and leak secret documents of the Turkish government.
  • Rhysida group behind the 2023 British Library cyberattack and the Insomniac games dump using ransomware-as-a-service.
  • Rocket Kitten or the Rocket Kitten Group is a hacker group thought to be linked to the Iranian government. Formed in 2010 by the hacker personas "Cair3x" and "HUrr!c4nE!".
  • Sandworm, also known as Unit 74455, a Russian cyber military unit of the GRU.
  • The Shadow Brokers (TSB), originating in summer 2016. They published several leaks containing hacking tools, including several zero-day exploits of the National Security Agency (NSA).
  • ShinyHunters is a Hacker Group that is said to be responsible for numerous data breaches in 2020 and 2021.
  • SiegedSec, founded in 2022, a hacktivist group known for its anti-government and LGBTQ+-supportive stance, often targeting U.S. government agencies, law enforcement, and right-wing institutions.
  • TeaMp0isoN is a group of black-hat computer hackers established in mid-2009.
  • Telecomix, a hacktivist group mainly known for circumventing internet censorship during multiple political events.
  • TeslaTeam is a group of black-hat computer hackers from Serbia established in 2010.
  • TESO was a hacker group originating in Austria that was active primarily from 1998 to 2004.
  • The Unknowns is a group of white-hat hackers that exploited many high-profiled websites and became very active in 2012 when the group was founded and disbanded.
  • Turla one of the most sophisticated groups supporting the Russian government.
  • UGNazi, a hacking group led by JoshTheGod, was founded in 2011. They are best known for several attacks on US government sites,{{Cite web|url=https://archives.fbi.gov/archives/newyork/press-releases/2012/manhattan-u.s.-attorney-and-fbi-assistant-director-in-charge-announce-24-arrests-in-eight-countries-as-part-of-international-cyber-crime-takedown|title=Manhattan U.S. Attorney and FBI Assistant Director in Charge Announce 24 Arrests in Eight Countries as Part of International Cyber Crime Takedown|date=June 26, 2012|website=fbi.gov|access-date=11 September 2018}} leaking WHMC's database,{{Cite web|url=https://www.forbes.com/sites/andygreenberg/2012/05/22/hackers-impersonate-web-billing-firms-staff-to-spill-500000-users-passwords-and-credit-cards/#6ca771cbae64|title=Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards|last=Greenberg|first=Andy|date=May 22, 2012|website=Forbes|access-date=11 September 2018}} DDoS attacks, and exposing personal information of celebrities and other high-profile figures on exposed.su.
  • Vice Society, a Russian-speaking hacker group known for attacks on healthcare and education organizations
  • Wizard Spider Russian / Ukrainian hacker group, suspected of being behind the Ireland Health Service Executive cyberattack, sometimes called Trickbot per the malware.
  • Yemen Cyber Army, a pro-Yemeni hacker group that has claimed responsibility for the defacement of the London-based pro-Saudi Al-Hayat website in April 2015, as well as the exfiltration of data from the Saudi Arabia's Ministry of Foreign Affairs in May subsequently listed on WikiLeaks.
  • YIPL/TAP - Youth International Party Line or Technological Assistance Program, was an early phone phreak organization and publication created in the 1970s by activists Abbie Hoffman.
  • Xbox Underground, an international group responsible for hacking game developers, including Microsoft.
  • UNC1151, believed to be based in Belarus.

See also

References

{{reflist}}

*

hacker groups