Menu
Browse

Cyber Threat Actor: DR@CUL@

Actor Type Location Known Incidents
 Icon
Activist
Indonesia
1 incident
Profile

DR@CUL@ is a threat actor publicly associated with Indonesia, operating under this singular known alias. The group gained visibility through a 2014 campaign targeting AVG Technologies, an international cybersecurity vendor. In this operation, DR@CUL@ collaborated with hackers from Pakistan to compromise at least 19 subdomains associated with AVG’s global infrastructure. The attackers defaced multiple websites, including regional AVG distributor portals in South America and the official blog of AVG Japan. This incident demonstrated a focus on undermining the digital assets of security-focused organizations, though the specific strategic objective remains undocumented in public reporting.

The actor’s tactics in the AVG breach centered on website defacements and subdomain takeovers, indicating exploitation of vulnerabilities in AVG’s web infrastructure. No malware families, specialized tooling, or initial access vectors were detailed in source documentation. The operation mirrored prior attacks against AVG, suggesting possible recurring targeting of the company’s systems. Public sources do not attribute DR@CUL@ to state-sponsored activity or formal criminal alliances, though the collaboration with Pakistani actors implies transient operational partnerships. The geographic concentration of the group’s activities appears linked to Southeast Asian and South Asian cyber operations, with no further campaigns publicly attributed beyond the 2014 incident.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources