Menu
Browse

Cyber Threat Actor: 3xp1r3 Cyber Army

Actor Type Location Known Incidents
 Icon
Sensationalist
Bangladesh
1 incident
Profile

3xp1r3 CyberArmy is a hacker collective that operates under the alias 3xp1r3 Cyber Army and has been publicly identified as originating from Bangladesh. The group first came to attention in early 2015 when it claimed responsibility for a website defacement incident. No other aliases or alternative names have been documented in the available sources. The actor’s geographic base is limited to the information that places its operators within Bangladesh.

The only publicly reported activity attributed to 3xp1r3 Cyber Army involves the compromise of a subdomain belonging to the Arizona Army National Guard’s Environmental Division, which is part of the Arizona Department of Emergency and Military Affairs. The defacement occurred on February 2 2015 and replaced the legitimate content with a message that criticized the site’s security posture and asserted the group’s responsibility. This act was intended to highlight perceived weaknesses in the target’s defenses and to gain notoriety through a public claim of credit. No evidence suggests that the operation was motivated by financial gain, espionage, or prolonged disruption beyond the immediate defacement.

The observed tactics, techniques, and procedures consist solely of web defacement; the actors gained unauthorized access to the subdomain, replaced its content with a custom deface page, and subsequently distributed proof of the compromise via mirror sites and screenshots. No malware families, exploit kits, phishing vectors, or specific tooling have been mentioned in the reporting. The group’s methodology appears limited to exploiting a vulnerability that allowed them to modify the website’s files and to publicize the success through defacement archives. No further details about initial access or post‑exploitation behavior are available from the sources.

Attribution to any state sponsor or criminal consortium has not been established in the open‑source material; the group is described only as a Bangladeshi hacker collective without alleged ties to governmental entities or larger criminal networks. The 2015 defacement of the Arizona Army National Guard subdomain remains the sole notable campaign that has been publicly linked to 3xp1r3 Cyber Army, representing a discrete incident rather than a series of operations. The actor’s known footprint is therefore confined to this single event, which illustrates a capability for website alteration and a motive to broadcast perceived security shortcomings.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
1 source