Menu
Browse

Cyber Threat Actor: ViktorLustig

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Criminal
Russia
1 incident
Profile

ViktorLustig, also known as Lustig, is a threat actor whose known location is reported as Russia. The actor came to public attention in August 2022 when a database belonging to the University of Kashmir was offered for sale on a hacking forum. The advertisement listed the personal information of over one million students and employees for a price of $250. By posting the data on both dark web and clear net versions of the forum, the actor increased the potential audience for the stolen material. The act of selling the dataset indicates a primarily financial motivation rather than espionage or disruption. The targeting of an educational institution in the Kashmir region suggests a focus on the education sector within India.

Open source reporting does not detail any specific malware families, initial access vectors, or tooling associated with ViktorLustig, so no TTP themes can be confirmed from the available material. Likewise, no public attribution links the actor to a state sponsor, criminal consortium, or other organized group. The University of Kashmir incident remains the only publicly reported operation linked to the alias, representing a single campaign in which the actor monetized stolen academic and employment records. Because the dataset was advertised for a low price and made accessible across multiple forum versions, the operation highlights a straightforward approach to monetization. No further campaigns or related activity have been documented in the sources provided.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
1 source