Menu
Browse

Cyber Threat Actor: @injekt_

Actor Type Location Known Incidents
 Icon
Activist
1 incident
Profile

The threat actor known as @injekt_ operates alongside collaborators such as @ChrichirTheGod, targeting educational institutions in Australia and the United States. Public reporting indicates their involvement in multiple SQL injection (SQLi) attacks against universities and vocational training providers between March 2015 and earlier. These operations focused on breaching databases containing sensitive student information, payment records, and institutional communications.

Their confirmed campaigns include compromising FIT College in Australia, where they accessed over 5,000 student records and 6,000 payment records containing names, email and postal addresses, bank account details, and full credit card information with CVV codes. Simultaneously, they breached South West TAFE (Australia) and the University of Oklahoma (U.S.), leveraging SQLi vulnerabilities to infiltrate servers. The actor demonstrated a pattern of publicly notifying victims via Twitter and Pastebin when institutions failed to respond to initial breach disclosures. At the University of Oklahoma, they specifically accessed private office communications dating from February 2015 onward, though they claimed not to have exfiltrated student records despite having the capability to do so.

The actor’s operational security practices included avoiding full data downloads while proving access through database listings and selective screenshots. Their public communications criticized victim organizations for inadequate security measures, particularly highlighting unaddressed vulnerabilities. No financial demands, malware usage, or state-sponsored affiliations were documented in these incidents. The collaboration with @ChrichirTheGod appears limited to specific operations rather than a formalized group structure. Educational institutions remained their primary targets during the documented timeframe, with geographic focus on English-speaking countries.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
2 sources