[threat-actors] Add RipperSec

2024-11-22 14:57:18 +00:00 · 2024-11-01 10:43:26 -07:00 · 2024-11-01 10:43:26 -07:00 · e464c0c5c2
commit e464c0c5c2
parent 2b94de3f18
1 changed files with 13 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -17027,6 +17027,19 @@
      },
      "uuid": "ae17fcf4-1335-4dec-9976-e26d2e5f7290",
      "value": "Shahid Hemmat"
+    },
+    {
+      "description": "RipperSec is a pro-Palestinian, likely Malaysian hacktivist group created in June 2023, known for conducting DDoS attacks, data breaches, and defacements primarily targeting government and educational websites, as well as organizations perceived to support Israel. The group has claimed 196 DDoS attacks, with a significant portion directed at Israel, and utilizes a tool called MegaMedusa for their operations. RipperSec operates on Telegram, where it has amassed over 2,000 members, and collaborates with various like-minded hacktivist groups. Their attack strategy relies heavily on community involvement rather than sophisticated infrastructure.",
+      "meta": {
+        "country": "MY",
+        "refs": [
+          "https://blog.checkpoint.com/security/hacktivists-call-for-release-of-telegram-founder-with-freedurov-ddos-campaign/",
+          "https://www.radware.com/blog/security/2024/08/megamedusa-rippersec-public-web-ddos-attack-tool/",
+          "https://www.cyjax.com/the-hacktivist-response-to-uk-foreign-policy/"
+        ]
+      },
+      "uuid": "70d09d1f-15fb-4003-bd9a-b52250d9d57e",
+      "value": "RipperSec"
    }
  ],
  "version": 318