Since Russia’s invasion of Ukraine and the accompanying, historic global cyber war, numerous new offensive cyber cells have appeared. While some of the groups employ the combined power of vast offensive cyber operations to successfully carry out more malicious cybercrime or simply egotistical goals for personal wealth, others employ it to overthrow the government and commercial enterprises throughout Russia.
A new cyber cell operating under the moniker SiegedSec and using variations of the phrase “sieging their victim’s security” surfaced days prior to the invasion. The group, led by a well-known hacktivist going by the handle YourAnonWolf, has quickly increased in lethality by publicizing more victims in recent months.
Since the websites’ launch in late February 2022, DarkOwl investigators have witnessed SiegedSec provide evidence of the defacement and/or compromise of at least 11 websites, with the defacements comprising rather crude and immature language and imagery.
The gang claimed to have successfully defaced over 100 domains in April. They provided proof in the form of a hosting chat thread, which revealed that the defacements had been fixed and the account passwords changed, but the group gave the appearance that they still had access to the domains.
Analysts from DarkOwl also discovered thousands of compromised LinkedIn profiles that mentioned SiegedSec.
Rather than only sharing the data leak on Telegram, they now post in breach forums. It is uncertain how much damage SiegedSec’s hacks have caused, and many of them have gone unreported in the media. However, by using the exposed data provided on their Telegram channel and on deep web sites like Breached, other threat actors may easily access businesses, people, and networks by abusing the disclosed private business and personal information.
