Menu
Browse

Cyber Threat Actor: Monte Melkonian Cyber Army

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Activist
Armenia
52 incidents
Profile

The Monte Melkonian Cyber Army, also known by the alias MMCA, is an Armenian hacker group whose activities have been linked to the country of Armenia. The group describes its actions as retaliation linked to Armenian independence commemorations and the broader Nagorno‑Karabakh dispute, indicating a nationalist and geopolitical motivation rather than a financial one. It operates as a hacktivist collective that aligns itself with Armenian interests in the regional conflict with Azerbaijan and Turkey.

The actor’s targeting has focused on Azerbaijani government institutions, military and police organizations, financial institutions, and diplomatic missions, including embassies in Bulgaria, the Netherlands, Qatar, Belgium, and Poland. It has also directed attacks against Turkish websites in relation to claims surrounding the 1915 Armenian Genocide. The strategic objectives expressed in its statements include retaliation for perceived provocations, asserting territorial claims over Artsakh and Nakhichevan, and supporting Armenia’s position in the Nagorno‑Karabakh conflict.

Observed tactics, techniques, and procedures involve website defacement accompanied by propagandistic messages, the exfiltration and public release of personal data such as military officers’ names, identification numbers, phone numbers, and banking customer information, and the execution of large‑scale distributed denial‑of‑service attacks, notably a reported 300 GB DDoS against Azerbaijani servers. The group has also used leaked data from deceased officials to validate the authenticity of the information it releases.

Notable operations include the September 2016 breach of Azerbaijani government and financial systems that resulted in data leaks and the defacement of embassy websites and the Ministry of Foreign Affairs’ AIDA portal, the October 2014 defacement of Azerbaijani embassies in Belgium and Poland with an Artsakh‑themed message, the accompanying 300 GB DDoS attack on Azerbaijani infrastructure, and repeated incursions against Turkish online properties tied to genocide remembrance claims. These actions collectively illustrate the group’s pattern of using cyber tactics to advance Armenian nationalist objectives in the context of the Nagorno‑Karabakh dispute.

Incidents
Attributed incidents available to members
52 incidents
Sources
Sources available to members
7 sources