Menu
Browse

Cyber Threat Actor: Logan Lamb

Actor Type Location Known Incidents
 Icon
Hacker
United States of America
1 incident
Profile

The threatactor is known by the alias Logan Lamb and is located in the United States of America. No additional aliases or affiliations are publicly documented in the source material. The actor’s identity remains tied to this single alias in the available reporting.

The only publicly reported activity linked to Logan Lamb involves a server operated by the Center for Election Systems at Kennesaw State University in Georgia. This server supported the programming of election machines for the state of Georgia. The incident occurred on December 2, 2014, when the system exhibited multiple security failures. The source does not specify a clear motive such as financial gain, espionage, or disruption for the observed actions.

Observed tactics included the exploitation of the Shellshock and Drupalgeddon vulnerabilities that were present on the server. An unauthorized user account was created under the pretense of patching Shellshock, which later facilitated suspicious activity. Files related to election data were deleted, and command logs were altered to conceal actions. No specific malware families or custom tooling are mentioned in the reporting.

The December 2014 compromise of the Georgia election server serves as the sole documented operation attributed to Logan Lamb. After the discovery, the server was wiped following legal proceedings, which limited further forensic analysis. This event represents the only publicly cited campaign associated with the actor.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources