Dark Web Profile: Hunt3r Kill3rs – SOCRadar® Cyber Intelligence Inc.

Hunt3r Kill3rs is a newly surfaced threat group making bold claims about ICS/OT breaches and collaboration with a Russian-aligned hacktivist network, but independent verification remains limited. This analysis emphasizes cautious monitoring, rigorous validation of alleged incidents, and awareness that such hacktivist narratives can obscure more dangerous cyber activities. #Hunt3rKill3rs #CyberArmyOfRussia #NarodnayaKiberArmiya #Unitronics #Siemens #Cisco #Mobotix #NuclearEnergyInstitute #ElectricPowerResearchInstitute #Israel #Germany #Ukraine #UnitedStates

Keypoints

  • Hunt3r Kill3rs is a recently surfaced group with claims of ICS/OT breaches and other IT/network intrusions, but evidence of impact remains unclear.
  • The group claims to have infiltrated ICS, including Siemens and Unitronics devices, though verifiable disruption is not established.
  • They allege breaches of communication networks, such as Cisco IP phone systems; verification of actual impact is pending.
  • Claims include web application vulnerability exploitation (SQL injection on WordPress-based e-commerce sites), with uncertain real-world effects beyond defacement in some cases.
  • Geopolitical targets cited include Israel, Germany (Mobotix), Ukraine, and the United States, often in collaboration with Народная Кибер Армия; evidence is inconclusive.
  • Iranian threat actors are noted as frequently collaborating with Russian actors in pro-Russian hacktivist spaces, suggesting possible information sharing.
  • Recommendations emphasize vigilant monitoring, rigorous forensics, and strengthened information sharing while avoiding overreaction to unverified claims.

MITRE Techniques

  • [T1190] Exploit Public-Facing Application – Exploitation of web applications including SQL injection on WordPress-based e-commerce sites. ‘SQL injection attacks on platforms such as WordPress-based e-commerce sites.’

Indicators of Compromise

  • Systems/Devices – Siemens PLCs, Unitronics PLCs, Cisco IP Phone systems, Mobotix cameras
  • Organizations – Nuclear Energy Institute, Electric Power Research Institute

Read more: https://socradar.io/dark-web-profile-hunt3r-kill3rs/