
10 Most Powerful (Known) Active Hacking Groups

Updated on October 14, 2016
[All photos are public domain unless specified]

Hackers are a diverse group

There are young, prank hackers like Lizard Squad. Lizard Squad infamously used a DDoS attack to take down the PlayStation and Xbox networks during Christmas (it's a pretty sinister prank to target children like that). Some hackers are older, and often work as "computer security consultants" who advise companies on how to protect themselves. Some hackers are in it for monetary gain, while others are in it for the lulz and the power.

More and more, there are state-sponsored groups that have Hollywood-style capabilities. The best-known example of this is Stuxnet, an Israeli (as well as probably American) worm that infected Iranian nuclear facilities. Stuxnet caused the nuclear centrifuges to go haywire while the control system displays for those centrifuges would read normally. It had the power to create a devastating explosion while monitoring stations appeared normal. The scariest part is that it could be refitted easily for just about any industrial operation.

Since a virus like Stuxnet is much harder to pull off than a DDoS attack, most of the groups on this list are state-sponsored. Disclaimer: I don't have outstanding technical knowledge on the subject; feel free to critique in the comments.

10. Bureau 121

Although most technology in North Korea is extremely outdated, their government has still shown interest in hacking. According to defectors, military hackers live extravagant lives in North Korea. Top students are handpicked straight out of their "University of Automation" school. The primary wing of this hacking group is known as Bureau 121. It comprises about 1,800 people who work around the world (because internet infrastructure in NK is pretty terrible).

Most of the Bureau's activity has been focused on South Korea. Attacks have ranged from malicious gaming apps targeted at South Korea, to hacking the website of the South Korean President, to destroying data of banks and broadcasting companies. Guardians of Peace, the group behind the famous Sony hack, might have been a Bureau 121 proxy. That particular hack cost Sony about $15 million.

9. Chaos Computer Club

Chaos Computer Club (CCC) is probably one of only two groups on this list with any sort of moral code. It is also probably the oldest: it was founded by a small group of Germans in 1981.

Today it is a large association of mostly German-speaking hackers. CCC has made a number of hacks where they first consulted legal experts to make sure that what they were doing was legal. Although they almost permanently reside in or around a legal grey area, this willingness to operate within legal bounds has allowed their survival. Not only have they survived, but they've been accepted, recognized, and sometimes glorified by the press. Since it is a large, disorganized association of people with exceptional technical knowledge of computer security, not everyone has always behaved according to the law.

CCC gained notoriety in the 1980s when they notified the Deutsche Bundespost of flaws in their online system. Deutsche Bundespost was somewhat of an ideal target for an early hacktivist group, because they actively tried to keep more technologically advanced startups from competing. Deutsche Bundespost's system provider responded by assuring everyone that the system was secure. Of course, CCC still hacked the system and stole DM 134,000. They returned the money the next day.

8. Morpho

Morpho, a.k.a. Wild Neutron, is a well-funded group that has executed dozens of high-profile hacks since 2011 on tech, pharmaceutical, and investment companies. They're likely not state-sponsored because their hacks usually steal insider information for monetary gain. They've hit Microsoft, Apple, Facebook, and Twitter via zero-day exploits. Since zero-day exploits are unknown to the software vendor as long as they are undiscovered, they give powerful access to the hacker. This is a contrast to something simple like a DDoS that just overloads server traffic for a period of time.

Morpho is particularly interesting because they are likely a sophisticated small group. Some of their signatures include multi-platform malware, well-documented code, bitcoins to pay hosting providers, and multi-staged command and control networks with encrypted virtual machines. They are English-speaking and are very good at covering their tracks.

7. Syrian Electronic Army

The Syrian Electronic Army (SEA) is a hacker group with Syrian sympathies as well as connections to Iran and Hezbollah. They've shown a wide array of attack capabilities. Most famously, they've defaced many major Western news outlets, but they have also managed to locate opposition rebels using malware. Also, if you're a fan of The Onion, you should read The Onion's response to a SEA hack.

The SEA is unique because of its varied tone and style. For example, it tweeted from AP's account that Obama had been injured in explosions at the White House. This one simple tweet sparked a dramatic temporary fall in the Dow Jones index. On the lighter side, they've tweeted from BBC Weather that "Saudi weather station down due to head on-collision with camel". Their familiarity with English colloquialism and humor raises questions about the SEA's identity, but the NYT has stated that the SEA is probably Iranian.

6. Anonymous

Anonymous is probably the most recognizable hacker group, at least to the American general public. They originated in 2003 on 4chan, and have grown to be a significant force on the internet. Anonymous draws some power from being extremely decentralized, and they can therefore keep operations running even if someone is arrested (as many have been). Most of their hacks historically have been of the liberal hacktivist variety, although others have been extremely serious or extremely light-hearted in nature.

Some of their more focused campaigns have been the Occupy Movement, anti-child pornography, and anti-Church of Scientology (some of which involved physical presence as well as an internet one). Although they have certain collective symbols, such as Guy Fawkes masks and taglines, there is no single person giving commands. If a person becomes too narcissistic and starts to use his or her own name for things, that person will be chastised and encouraged to leave. Anonymous is an idea, and it is an idea with unprecedented staying power.

Halftime: Least Useful Hack Ever

5. Tarh Andishan/Ajax

Understandably, Iran was not pleased with Stuxnet. It jeopardized the country's nuclear power (and if you're more cynically inclined, also nuclear bomb) ambitions. Iran decided it was best to aggressively upgrade their cyber capabilities. They did this in at least two ways: create an independent state-sponsored group, Tarh Andishan, and consult and hire existing Iranian hacktivist groups (like Ajax).

Ajax was better known for website defacement, but after Stuxnet it's likely they were consulted for patriotic espionage (pioneered by the Chinese). Ajax is most famous for "Operation Saffron Rose" in which they attempted to gain information on U.S. defense industry officials with advanced phishing attacks.

Tarh Andishan is actually a little scarier for the average civilian because they've gained access to airport gate control systems in South Korea, Saudi Arabia, and Pakistan. Such access would allow them to spoof security credentials in an airport. They've also hacked industrial targets like oil, gas, and telecommunications companies.

4. Dragonfly

Another likely state-sponsored group, this time out of Eastern Europe and Russia, is Dragonfly. Dragonfly is likely state-sponsored due to its targets: electric grids, the energy industry, and other control systems in the U.S. and Europe. They're designated as an APT (Advanced Persistent Threat).

Their most common attacks are spear-phishing and watering hole attacks. This is not unusual for APT groups. They've also demonstrated capabilities to embed trojans in legitimate software for industrial control systems. This is very reminiscent of Stuxnet. When Stuxnet was first found, it was recognized to be universal for many industries. It might be that we are starting to see Stuxnet-like worm capabilities for organizations other than the United States and Israel.

3. APT28

APT28 (named by FireEye) is unsurprisingly an Advanced Persistent Threat group. They're Russian, and might share funding sources with Dragonfly (although I don't know, so I didn't group them together). All of their targets are targets that the Russian government is interested in, they speak Russian, and they've been traced back to a government sponsor in Moscow.

APT28 uses pretty well-known hacking methods, and uses them successfully and often. They've hacked NATO, Polish government websites, Georgia ministries, and OSCE. They're unique in that they've been caught framing the Cyber Caliphate (ISIS) for their attacks. Just like other organizations on this list, they operate in areas with no extradition treaty to the U.S., so they are immune to legal repercussions.

2. Elderwood Group and 20 other Chinese APTs

Elderwood Group, Axiom, Unit 61398, Comment Crew, Putter Panda, Hidden Lynx, and many more. China pioneered the state-sponsored hacking group, and they've continued to perfect the practice. Often it is difficult to tell whether the Chinese government is pulling the strings, funding, or even has any affiliation with a group. I'm trying not to be ominous, but the list of hacks and zero-day exploits of these groups is rather long.

One of the more famous attacks came in 2010 under the name "Operation Aurora". We know about Operation Aurora in part because Google came forward and announced it had been hacked. Common targets included defense industries, human rights campaigns, and supply-chain firms. Elderwood Group is a blanket term for all the groups involved. Sub-groups include Hidden Lynx (targeted defense industry and Japanese users), Linfo (manufacturing firms), Sakurel (aerospace companies), and Vidgrab (Uyghur dissidents). Such a coordinated, advanced, well-funded attack had to be orchestrated by the Chinese government. It is unclear what precautions will be taken to protect against increasingly sophisticated and persistent attacks in the future.

If that wasn't enough, the Chinese have vast troves of personal secrets of United States government employees.

1. Tailored Access Operations, NSA

If it weren't for Edward Snowden, we probably wouldn't know about Tailored Access Operations (TAO). TAO has some of the best capabilities in the world, and has collected about all the American telephone data you can imagine. Since they were revealed, more and more details have come out about them.

We now know they have 600 employees in the main NSA complex in Fort Meade, Maryland. There are also branches in Hawaii, Georgia, Texas, and Denver. They have sophisticated, unique abilities that are difficult to even dream up. One of those capabilities is QUANTUMSQUIRREL, which allows them to appear on the internet anywhere as anyone. They've also compromised very common computer systems, often with physical access or cooperation with network or hardware companies. They are known to force companies to insert vulnerabilities into their own systems for TAO to exploit.

Just about all the details of the organization are Orwellian. Take, for example, WARRIOR PRIDE. It's iPhone and Android software that can turn on a phone remotely, turn the microphone of the phone on and listen, and track using geolocation, and it has its own tamper-proofing and stealth programming. That's just one that we know about.


Comments


    • adevwriting

      Arun Dev 22 months ago from United Countries of the World

      Hacking is really a very serious issue.

    • Chantelle Porter 22 months ago from Chicago

      I know absolutely nothing about hacking but I found this a fascinating article. Really well put together. This one's a share.

    • loche

      anshuman katoch 22 months ago from shimla

      A fascinating read. I was under the impression that Anonymous were the biggest hacking organization in the world, but apparently it's the US government :)

    • Kristen Howe 20 months ago from Northeast Ohio

      A real interesting hub on hacking groups around the world.

    • Discordzrocks

      Gavin Heinz 14 months ago from Austin TX

      I got hacked trying to get free Undertale, and guess who, a hacker.

    • Colleen C 4 months ago

      Yes, a real interesting read!

    • Human 4 months ago

      Most of these people hack to spread the truth

    • MYTHMASK 2 months ago

      I have a friend that has the Lizard Squad on his side, so no one can hack me with my protection. By the way, I'm a hacker, at least good enough to go on the squads Anonymous and the Lizard Squad.

    • williamtheconquerer 4 weeks ago

      This wasn't awfully helpful, might need to sort your grammar, Blake

    • Mohammed 3 weeks ago

      Sir, I want to learn about hacking. I loved subject it. So plz add your WhatsApp group.. Plz.... My WhatsApp number: 8547693065. Plz add me fast

    • Pratyushpandey 3 weeks ago

      I want to increase view and subscribe of my YouTube channel could you help me....

    • Wend1go 3 weeks ago

      hoping to see my name or one of my colleagues... disappointing

    • Himanshu tirkey 5 days ago

      Sir, I want to learn about hacking. I loved subject it. So plz add your WhatsApp group.. Plz.... My WhatsApp number: 9111854528. Plz add me fast

    • bigmac supreme 4 days ago

      Why do these idiot authors still misuse the word "hacker"? A "hacker" is someone who only wants to see and not use the information they gathered. A "cracker" is someone who has malicious intent in mind when they decide to attack or steal. People need to start learning the difference between these two types of cyber criminals. This list has a mixture of both types of people. We need to stop the ignorance and sensationalizing of the media when using incorrect information.

    • saravanan 24 hours ago

      how to join hacker group

    • H4ck1ng1npr0gr3ss 13 hours ago

      People think hacking is a really serious issue, but it is quite fun. I have recently joined a hacking group. My group recently hacked Disney and have one of their new movies, and we're going to release it on the 25 of May, maybe a bit earlier than that. After all, I'm only a kid. Btw, there might be a couple bugs on this site in a couple hours after I posted this ;P
