List of hacker groups

This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "List of hacker groups" – news · newspapers · books · scholar · JSTOR (September 2021) (Learn how and when to remove this message)

This is a partial list of notable hacker groups, in alphabetical order:

• Anonymous, originating in 2003, Anonymous was created as a group for people who fought for the right to privacy.
• Anonymous Sudan, a hacktivist group that claims to act against anti-Muslim activities, but allegedly is Russian backed and neither linked to Sudan nor Anonymous.
• Bangladesh Black Hat Hackers, founded in 2012.
• Chaos Computer Club (CCC), founded in 1981, it is Europe's largest association of hackers with 7,700 registered members.
• Conti one of the most prolific ransomware groups of 2021, according to the FBI.^[1]
• Cozy Bear, a Russian hacker group believed to be associated with one or more intelligence agencies of Russia.
• Croatian Revolution Hackers, a now-defunct group of Croatian hackers credited with one of the largest attacks to have occurred in the Balkans.
• Cult of the Dead Cow, also known as cDc or cDc Communications, is a computer hacker and DIY media organization founded in 1984 in Lubbock, Texas.
• Cyber Partisans, a Belarusian hacktivist group that emerged in 2020, that performed attacks on the Belarusian government and governmental agencies.
• DarkSide, a cybercriminal hacking group, believed to be based in Eastern Europe, that targets victims using ransomware and extortion.
• DCLeaks, claims to be a group of "American hacktivists (though indicted individuals were found to be in Russia) who respect and appreciate freedom of speech, human rights and government of the people."
• Decocidio is an anonymous, autonomous collective of hacktivists who are part of Earth First!, a radical environmental protest organization, and adheres to Climate Justice Action.
• Derp, a hacker group that attacked several game sites in late 2013.
• Digital DawgPound (DDP) The DDP was founded and named by StankDawg.
• Equation Group, suspected to be the offensive operations wing of the U.S. National Security Agency.
• Fancy Bear, a Russian cyberespionage group.
• Genocide2600, a group that gained notoriety for combating child pornography. Disbanded in 2009.
• Ghost Squad Hackers, or by the abbreviation "GSH" is a politically motivated hacking team established in 2015.
• Global kOS was a grey hat (leaning black hat) computer hacker group active from 1996 through 2000.
• globalHell was a group of hackers, composed of about 60 individuals. The group disbanded in 1999 when 12 members were prosecuted for computer intrusion and 30 for lesser offenses.
• Goatse Security (GoatSec) is a loose-knit, nine-person grey hat hacker group that specializes in uncovering security flaws.
• Hackweiser is an underground hacking group and hacking magazine founded in 1999.
• Hafnium Possibly with Chinese associations, responsible for the 2021 Microsoft Exchange Server data breach.
• Hive was a notorious ransomware as a service (RaaS) criminal organization that targeted mainly public institutions.^[2]
• Honker Union is a group known for hacktivism, mainly present in Mainland China, whose members launched a series of attacks on websites in the United States, mostly government-related sites.
• Interlock, a ransomware group targeting Windows and FreeBSD operating systems, appeared at the end of September 2024.^[3][4]

• International Subversives was a group of three hackers including Julian Assange under the name Mendax,^{[5][6][7][8][9]} supposedly taken from Horace's splendide mendax (nobly lying)^{[10][11][12][13]} and two others, known as "Trax" and "Prime Suspect" who regularly hacked into corporations like Nortel and systems belonging to a "who's who of the U.S. military-industrial complex".^[5][10][14]
• Iranian Cyber Army unofficially confirmed to be connected to government.
• Islamic State Hacking Division, a Jihadist hacking group associated with the Islamic State.
• IT Army of Ukraine is a volunteer cyberwarfare organisation created amidst the 2022 Russian invasion of Ukraine.
• Killnet is a pro-Russian group that attacked several countries' government institutions and attempted to DDoS the 2022 Eurovision Song Contest website.^[15]
• L0pht, was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area.
• Lapsus$, a black-hat hacker group known for using extortion tactics. active since late 2021, allegedly dumping data from Microsoft, Samsung and Nvidia, and with members arrested in March 2022.
• Lazarus Group, with strong links to the North Korean government, involved in the Sony Pictures hack, the Bangladesh Bank robbery and the WannaCry ransomware attack.
• Legion of Doom; LOD was a hacker group active in the early 80s and mid-90s. Had noted rivalry with Masters of Deception (MOD).
• Legion Hacktivist Group, a hacking group that hijacked the Indian Yahoo server and hacked online news portals of India.
• Level Seven was a hacking group during the mid to late 1990s. Eventually dispersing in early 2000 when their nominal leader "vent" was raided by the FBI on February 25, 2000.
• Lizard Squad, known for their claims of distributed denial-of-service (DDoS) attacks^[16] primarily to disrupt gaming-related services. Currently broken up.
• Lords of Dharmaraja, an India based security hacking group which threatened in 2012 to release the source code of Symantec's product Norton Antivirus.
• LulzSec, a group of hackers originating and disbanding in 2011 that claimed to hack "for the lulz".
• Masters of Deception, MOD's initial membership grew from meetings on Loop-Around Test Lines in the early- to mid-1980s. Had noted rivalry with Legion of Doom (LOD).
• Mazafaka, financially motivated group and crime forum.
• milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Mumbai.
• NCPH is a Chinese hacker group based out of Zigong in Sichuan Province.
• Noisebridge, a hackerspace located in San Francisco which goes by the early definition of hacking and not security hacking.
• Noname057(16) a Russian speaking hacker group, attacks aligned with Russia's invasion in Ukraine
• OurMine, a hacker group of unknown origin that has compromised various websites and Twitter accounts as a way of advertising their "professional services".
• P.H.I.R.M., an early hacking group that was founded in the early 1980s.
• Phone Losers of America, an internet prank call community founded in 1994 as a phone phreaking and hacking group.
• Play, a ransomware extortion group, experts believe them to be from Russia.
• Powerful Greek Army, is a Greek group of black-hat computer hackers founded in 2016.
• RedHack is a socialist hacker group based in Turkey, founded in 1997. They usually launch attacks against the Turkish government's websites and leak secret documents of the Turkish government.
• r00t, a hacker group formed in the early 90s, originally as a parody of other notable hacking groups of the time.
• Rhysida group behind the 2023 British Library cyberattack and the Insomniac games dump using ransomware-as-a-service.
• Rocket Kitten or the Rocket Kitten Group is a hacker group thought to be linked to the Iranian government. Formed in 2010 by the hacker personas "Cair3x" and "HUrr!c4nE!".
• Sandworm, also known as Unit 74455, a Russian cyber military unit of the GRU.
• The Shadow Brokers (TSB), originating in summer 2016. They published several leaks containing hacking tools, including several zero-day exploits of the National Security Agency (NSA).
• ShinyHunters is a Hacker Group that is said to be responsible for numerous data breaches in 2020 and 2021.
• TeaMp0isoN is a group of black-hat computer hackers established in mid-2009.
• Telecomix, a hacktivist group mainly known for circumventing internet censorship during multiple political events.
• TeslaTeam is a group of black-hat computer hackers from Serbia established in 2010.
• TESO was a hacker group originating in Austria that was active primarily from 1998 to 2004.
• The Unknowns is a group of white-hat hackers that exploited many high-profiled websites and became very active in 2012 when the group was founded and disbanded.
• Turla one of the most sophisticated groups supporting the Russian government.
• UGNazi, a hacking group led by JoshTheGod, was founded in 2011. They are best known for several attacks on US government sites,^[17] leaking WHMC's database,^[18] DDoS attacks, and exposing personal information of celebrities and other high-profile figures on exposed.su.
• Vice Society, a Russian-speaking hacker group known for attacks on healthcare and education organizations
• Wizard Spider Russian / Ukrainian hacker group, suspected of being behind the Ireland Health Service Executive cyberattack, sometimes called Trickbot per the malware.
• Yemen Cyber Army, a pro-Yemeni hacker group that has claimed responsibility for the defacement of the London-based pro-Saudi Al-Hayat website in April 2015, as well as the exfiltration of data from the Saudi Arabia's Ministry of Foreign Affairs in May subsequently listed on WikiLeaks.
• YIPL/TAP - Youth International Party Line or Technological Assistance Program, was an early phone phreak organization and publication created in the 1970s by activists Abbie Hoffman.
• Xbox Underground, an international group responsible for hacking game developers, including Microsoft.
• UNC1151, believed to be based in Belarus.

• List of hackers
• List of fictional hackers
• List of computer criminals
• Information security
• Computer security conference