Hacker Groups and Their Tools

28 September 2021

In recent years, hacking attacks have become even more sophisticated. Where once a single person could carry out an attack, now, with advances in technology and the rise of cyber security specialists, it is difficult to pull off major hacks alone. Today, attackers bring more powerful resources and a wider range of tools to their assaults. Distinguishing between a malicious bot request and a legitimate one is becoming increasingly difficult. The algorithms are becoming more complex. The initiators of the attacks use vast distributed networks, so it's hard to identify them, much less attribute them to a particular group. Nevertheless, there are hacker teams that are well known to cybercrime units from different countries.

The Legendary Anonymous

This decentralized online collective is said to have formed in 2003. Team members have no specific political affiliation and oppose censorship and government controls that interfere with the promotion of free speech. Throughout its existence, Anonymous has opposed terrorists, drug dealers, and child pornographers. The members of the group, hidden under the mask of the famous hero of the utopia novel Guy Fawkes, have repeatedly expressed support for the scandalous Occupy Wall Street and WikiLeaks movements. The complete anonymity of the group members did not keep them out of trouble with the law. They have repeatedly appeared in crime reports, accused of hacking computers and cyber-harassment.

Anonymous' tactics are impressive DDoS attacks and numerous offline pranks. Hacktivists can cleverly replace any website landing page with their messages and graphics. Anonymous has gained a lot of popularity because of its commitment to certain principles and norms. In 2012, Time magazine listed the group as one of the 100 most important phenomena on the planet. This is not surprising because Anonymous was behind the high-profile cyberattacks on Visa, MasterCard, and PayPal in 2010, the PlayStation sabotage, and the harassment of government websites in Egypt and Tunisia in 2011. In 2020, following the death of George Floyd, Anonymous accused Minneapolis police of a horrific record of violence and corruption. Since then, the city's websites, including the police department's, have often been inaccessible.

BlackMatter Ransomware

Companies around the world are plagued by so-called ransomware, which has repeatedly made headlines. Many have heard of hacker groups such as DarkSide or REvil, who are credited with attacking the Colonial Pipeline infrastructure this spring, as well as attacks on the systems of the world's largest meat producer JBS. But there is speculation that they have ceased to exist or are in deep hibernation, and that a new ransomware-as-a-service (RaaS) affiliate program called BlackMatter is claiming their place. The group has only recently been formed. The hackers specialize in finding people who are willing to provide access to corporate networks for a handsome fee, so that they can run their malware there. BlackMatter has a healthy appetite. They are interested only in companies with annual revenues above $100 million, and for information about such companies they offer "initial access brokers" from $3,000 to $100,000.

APT31 aka Hurricane Panda aka Zirconium

The hacker group APT31 has several names. Numerous targeted attacks on government agencies in various countries have been attributed to the team. Microsoft accused the group of attacking participants in the 2020 U.S. presidential election. Then, from March to September 2020, about one thousand attacks on American voters were recorded. In addition, the hackers attacked the accounts of international and political organizations, as well as educational institutions. Some experts link the group to Chinese intelligence services. The attackers have been using APT (Advanced Persistent Threat) attacks since 2010. During that time, the group has attacked government websites in Norway, Finland, and Germany. This year, the APT31 team began to use a new method of hacking and infecting gadgets, sending phishing emails with a link to a fake domain.

Lizard Squad - Youth is No Obstacle

The Lizard Squad members were between 15 and 17 years old when they were arrested, thanks to information provided by another team of hackers. It must be said that the Lizards themselves are to blame for this outcome, because they liked to brag about their pranks on social networks so much. These include DDoS attacks on the game servers of League of Legends and Call of Duty, the disclosure of confidential information of Sony, and open support of the DPRK regime and ISIS. Some users believe that Lizard Squad deliberately made a lot of noise around themselves. With their DDoS attacks on PlayStation Network and rival Xbox Live, the hackers claimed that more protection was needed. At the time, the Lizards could have successfully attacked the NASDAQ and brought down the economy, but that was not their goal. The important thing was that the issue of protecting gaming services was finally taken seriously. As a result, Sony and Microsoft had to improve their protection.

Syrian Electronic Army

This hacker group openly demonstrates its views on the world order and wages cyber warfare against the leading opponents of Bashar al-Assad's regime. The US, Qatar, and Saudi Arabia, which can be called the main inspirers of the "Arab Spring", were initially the main target of the hackers. SEA tries to attack well-known news sites that have a reputation as a reliable source of information, to publish fake data, passing it off as real. For example, in 2013, hackers published a tweet from the official Associated Press account mentioning the bombing of the White House and the injury of former US President Barack Obama, after which stock markets collapsed. In addition, the SEA continues to organize phishing and DoS attacks on Syrian rebel websites and Western online resources that criticize the policies of the current Syrian government.