Menu
Browse

Cyber Threat Actor: Nepal Cyber Army

Actor Type Location Known Incidents
 Icon
Activist
Nepal
1 incident
Profile

The threat actor knownas the Nepal Cyber Army, also observed using the alias Avian, operates from within Nepal. Publicly available reporting identifies the group as a loosely organized collective that has claimed responsibility for website defacements targeting Nepali governmental entities. The actor’s known activity is limited to a single documented incident in which it asserted control over a government web property and claimed broader network access. No public sources attribute the Nepal Cyber Army to a state sponsor, criminal syndicate, or ideological movement beyond its self‑described nationalist messaging. Consequently, any assessment of its size, funding, or technical sophistication must remain unspecified due to lack of corroborating evidence. The available information permits only a factual description of the alias, geographic nexus, and the one confirmed operation.

On August 17, 2015, the Nepal Cyber Army, together with the alias Avian, defaced the official website of the Kathmandu Valley Town Development Committee. The defacement page displayed a warning message directed at Nepali politicians, asserting that the group had also gained access to the server of the Department of Transportation. The message threatened to publish the bank details of prominent leaders—Puspa Kamal Dahal, Baburam Bhattrai, Hishila Yami, and Sujata Koirala—unless those individuals ceased organizing strikes. By linking the threat of financial exposure to a demand for political concession, the actors demonstrated a coercive objective aimed at disrupting protest activities. The incident illustrates the actor’s reliance on website defacement as a primary tactic to convey pressure and to signal claimed infiltration of additional government systems. No accompanying malware, exploit code, or specific initial‑access vector was disclosed in the public report, so the technical means used remain unspecified. The operation stands as the sole publicly cited campaign for the Nepal Cyber Army, providing the only concrete example of its targeting of governmental institutions in Nepal. Consequently, the actor’s known focus is confined to Nepali governmental web assets and the strategic aim of leveraging disclosed data to influence political behavior. No further operations, affiliations, or tooling details have been verified in open sources, precluding any extension of the profile beyond these facts. This summary therefore reflects strictly the evidenced attributes of the Nepal Cyber Army without extrapolation or speculation.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
1 source