Menu
Browse

Cyber Threat Actor: TeaM NETWORK9

Aliases: 3 aliases
Actor Type Location Known Incidents
 Icon
Activist
India
5 incidents
Profile

The threat actor is known by the aliases Team Unknown, TeaM NETWORK9 and Team Hind Hackers. Open‑source references link the group to India as its base of operations. The actor first came to attention in June 2015 when a collective using the name Team Unknown claimed to have accessed OlaCabs’ internal database. Later activity in January 2024 saw the same or related collectives operating under the TeaM NETWORK9 moniker.

In the OlaCabs incident the actor asserted that it had obtained credit‑card transaction histories, unused voucher codes and user behaviour data from a staging environment. The group described the breach as resulting from a weakly configured development server and claimed it had notified the company without receiving a response. In January 2024 the actor, identifying itself as TeaM NETWORK9 and describing its members as 'Bharatiya hackers', defaced multiple Maldivian government websites including those of the President's Office, Foreign Ministry, Tourism Ministry and Juvenile Court. The defacement messages cited inflammatory remarks by Maldivian officials as motivation and warned of further cyber disruptions unless the statements ceased.

The actor’s described tactics in the OlaCabs case involved exploiting a weakly configured development/staging server to reach a MySQL database and extract data; no malware families or specific tools were mentioned in the reporting. In the website defacement operations the actor used web‑site defacement techniques to replace content with political messages and burned flag imagery, a method that does not require custom malware. Public sources do not attribute the actor to any state sponsor or criminal consortium, describing it instead as an independent hacking collective. Representative campaigns cited in the open‑source record are the June 2015 OlaCabs data‑access claim, the January 2024 Maldivian government website defacement wave and the September 2015 retaliatory defacement of Pakistani government and educational sites conducted alongside Mallu Cyber Soldiers and Hell Shield Hackers.

Incidents
Attributed incidents available to members
5 incidents
Sources
Sources available to members
1 source