Menu
Browse

Cyber Threat Actor: sgtbilko420

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Activist
United States of America
7 incidents
Profile

The threat actor is known by the aliases Amped Attacks and sgtbilko420, with publicly available information indicating a likely base of operations in the United States of America. These identifiers appear consistently across social media posts and reporting related to the actor’s activities. No additional names or variations have been documented in the sources provided.

The actor’s observed targets include websites and online platforms associated with racist ideologies, such as Ku Klux Klan affiliates, the Westboro Baptist Church, an Islamic State‑linked site, and the online presence of a former Canadian prime minister. The sectors affected are primarily extremist propaganda and related media, with geographic focus on North America but impact felt wherever the hosted services are accessed. The stated strategic objective is to disrupt these services in order to advance a goal of ending racism, as expressed in the actor’s own communications; no financial gain or espionage motive is attributed to the actor’s actions.

Technical details referenced in the reporting describe the use of distributed denial‑of‑service attacks that overwhelm targets with traffic generated from a network of infected computers, commonly referred to as a botnet. No specific malware families, exploit kits, or initial access vectors are mentioned in the material, and the actor’s tooling style is limited to traffic‑flooding techniques rather than intrusion or data theft tools. The actor has not been linked to any particular malware suite or advanced persistent threat framework.

Attribution assessments indicate the actor operates independently, explicitly denying affiliation with Anonymous or any other established hacker collective, and no state sponsorship or criminal consortium links have been publicly established. The most notable campaign occurred in mid‑September 2015, when the actor claimed responsibility for disabling approximately twenty extremist‑related sites through sustained DDoS pressure, warned of further Halloween‑timed actions, and offered a monetary reward for anyone able to reveal their identity, a bounty that remained unclaimed despite public challenges. This episode represents the primary publicly reported operation associated with the actor.

Incidents
Attributed incidents available to members
7 incidents
Sources
Sources available to members
1 source