Cyber Threat Actor: KheXan rOot

The threat actor is known by thealias KheXan rOot. This alias appears in public reports exactly as written, without variation.
The actor's location is listed as India in the available source material.
No other geographic affiliations have been publicly disclosed for this individual.

On September 3, 2015, KheXan rOot collaborated with another hacker who uses the handle ConnectingFriend.
The joint operation targeted the website askmebazaar.com.
The attackers successfully compromised the site and extracted data from its user database. The specific outcome of the breach was the public dump of approximately 2,105 user records.

The breach was reported by multiple security news outlets shortly after it occurred.
No technical details regarding malware families, exploit tools, or custom tooling have been disclosed in the reporting of this incident.
Similarly, the initial access vector used to gain entry to the website has not been described in any public source.
Information about any persistence mechanisms or post‑exploitation activities employed by the actors is also absent from the record.

The breach was publicly attributed to the two individuals by their online handles, KheXan rOot and ConnectingFriend.
The reporting did not indicate any state sponsorship or connection to a government‑backed group.
Likewise, no evidence links the actor to a criminal consortium or organized cybercrime syndicate.
Beyond this 2015 event, no additional campaigns or operations have been publicly tied to KheXan rOot.

As a result, the actor's typical targets, preferred sectors, regional focus, or strategic objectives remain undocumented.
The absence of further publicly reported actions limits any assessment of the actor's broader behavior or capabilities.
This profile is therefore confined to the verified facts surrounding the askmebazaar.com breach. The actor has not been referenced in any later public cybersecurity analyses or incident reports.