One Article Review
| Source |  Cyble |
|---|---|
| Identifiant | 8645138 |
| Date de publication | 2025-01-31 07:50:23 (vue: 2025-01-31 08:08:04) |
| Titre | Dark Web Activity January 2025: A New Hacktivist Group Emerges |
| Texte | >
Overview
Cyble dark web researchers investigated more than 250 dark web claims by threat actors in January 2025, with more than a quarter of those targeting U.S.-based organizations.
Of threat actors (TAs) on the dark web targeting U.S. organizations during the month, 15 were ransomware groups claiming successful attacks or selling data from those attacks.
Ransomware group claims accounted for about 40% of the Cyble investigations. Most of the investigations examined threat actors claiming to be selling data stolen from organizations, or selling access to those organizations\' networks.
Several investigations focused on cyberattacks orchestrated by hacktivist groups – including a new Russian threat group identified here for the first time.
\'Sector 16\' Teams Up With Russian Hacktivists Z-Pentest
New on the scene is a group calling itself “Sector 16,” which teamed with Z-Pentest – a threat group profiled by Cyble last month – in an attack on a Supervisory Control and Data Acquisition (SCADA) system managing oil pumps and storage tanks in Texas. The groups shared a video showcasing the system interface, revealing real-time data on tank levels, pump pressures, casing pressures, and alarm management features.
Both groups put their logos on the video, suggesting a close alliance between the two (image below).
Sector 16 also claimed responsibility for unauthorized access to the control systems of a U.S. oil and gas production facility, releasing a video purportedly demonstrating their access to the facility\'s operational data and systems. The video reveals control interfaces associated with the monitoring and management of critical infrastructure. Displayed systems include shutdown management, production monitoring, tank level readings, gas lift operations, and Lease Automatic Custody Transfer (LACT) data, all critical components in the facility\'s operations. Additionally, they were also able to access valve control interfaces, pressure monitoring, and flow measurement data, highlighting the potential extent of access.
Russian hacktivist groups have posted several videos of their members tampering with critical infrastructure control panels in recent months, perhaps more to establish credibility or threaten than to inflict actual damage, although in one case, Z-Pentest claimed to disrupt a U.S. o |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | $16 000 115 2025 2025: 250 a threat able about access accounted acquisition active activity actor actor offering actors actual additionally admin advertised africa agencies akira alarm all alliance along also although among another any arbitrary are army associated attack attacks automatic automotive backups bank based been before belonging below best between bianlian bigger blackbasta both breach breaches builds cactus calling can case casing casino certificates chip cl0p claim claimed claiming claims cleo close code colleges command commands communications companies company components compromised conclusion contractors control corporation could credibility critical custody cyber cyberattacks cybersecurity cyble damage dark data ddos december defense demonstrating denial detecting development displayed disrupt distributed docker during early emerges endpoint equipment escalate establish estate european examined execute extent facilitates facility fbi features first flow focused fog food from gained gas github government group groups hacktivist hacktivists had hamza has have healthcare here highlighting identified illicitly image important inc include included included: including inflict information infrastructure insider interface interfaces internal investigated investigations islamic isp itself january keys lact large last leaks lease least level levels leveraged leveraging lift limit local lockbit logistics logos lynx major maker management managing manufacturer may measurement medusa members mft military monitoring month months monti more most much multiple network networks new number numerous observed occur offered official oil one operational operations orchestrated organization organizations other overview panels parts pentest perhaps platform platforms plumbing police port portal possess posted potential practices pressure pressures previously private pro production profiled proof public pump pumps purportedly put qilin quarter range ransomhub ransomware readings real recent reduce releasing repos requests researchers responsibility retail revealing reveals rhysida risk robbery root router russian safepay scada scene sector sectors segmentation selling series servers service several shared shell showcasing shutdown sim some source span state states stolen storage subdomain subscribers successful such suggesting suggests supervisory swap swapping system systems tamper tampering tank tanks targeted targeting targets tas team teamed teams telecom telecommunications texas than those threat threaten time tool transfer transportation trust two unauthorized undisclosed united universities utility valve velvet victims video videos vulnerabilities vulnerability water ways web website well which who wide zero “sector |
| Tags | Ransomware Tool Threat Legislation Medical |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.