Cyber Threat Actor: Anti Mortadin!@
| Actor Type | Location | Known Incidents |
Activist
|
Pakistan
|
1 incident |
|---|
Profile
The threat actor known by the alias Anti Mortadin!@ operates from Pakistan and has been identified as a hacktivist group that expresses support for the Taliban. The actor’s public statements indicate a political motivation, claiming actions are taken as a victory for the Taliban and as retaliation against perceived Indian cyber aggression. Targeting has focused on government and telecommunications sectors, with attacks directed at Pakistani police websites and Indian telecom infrastructure. The actor’s stated objectives appear to be disruption and messaging rather than financial gain or espionage, as evidenced by defacement messages and claims of payback for earlier intrusions.
In terms of tactics, the actor has employed website defacement and intrusion into intranet portals, as demonstrated by the alteration of the Rawalpindi police site with pro‑Taliban imagery and the breach of BSNL’s Haryana intranet portal. No specific malware families, initial access vectors, or tooling details are described in the available sources, so the profile is limited to these observed techniques. Attribution to a broader state sponsor or criminal consortium is not established; the actor is publicly linked to Taliban‑sympathetic hacktivists operating from Pakistan. Notable operations include the May 2014 defacement of rawalpindipolice.gov.pk and the simultaneous compromise of the BSNL regional intranet, both accompanied by messages that framed the actions as retaliation and support for militant causes. These incidents illustrate the actor’s pattern of using high‑visibility defacements to convey political statements and to signal capability in cross‑border hacktivist confrontations.
