Menu
Browse

Cyber Threat Actor: Pak Cyber Eaglez

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Activist
Pakistan
2 incidents
Profile

PakCyber Eaglez and Pakiz Cyber Squad are two aliases used by a hacker collective that operates from Pakistan and has been linked to multiple cyber incidents targeting both governmental and private sector entities. The group first came to public attention in early 2014 when it claimed responsibility for a breach of an Australian financial services provider, leaking personal and financial data of hundreds of affiliate users. Later that same year, the collective, under the name Pak Cyber Eaglez, defaced and extracted data from the Azad Kashmir government portal, protesting what it described as government brutality. These activities demonstrate that the actors are capable of conducting website defacements, database exfiltration, and the public distribution of stolen information via Pastebin.

The collective’s targeting pattern includes government departments such as police, finance, health, industry, social welfare, education, and tourism, as well as financial services firms offering insurance, investment, and superannuation products. In the government portal incident, the actors explicitly stated that their action was a protest against alleged government misconduct, indicating a motive rooted in political or social dissent rather than financial gain. In the financial services breach, the actors disclosed usernames, full names, physical and email addresses, phone numbers, plaintext passwords, and select PayPal email addresses, affecting 527 individuals, but no explicit motive was provided in the reporting. Observed tactics, techniques, and procedures involve gaining unauthorized access to online portals, extracting credential databases (sometimes obtaining only password hashes), defacing web pages with political messages, and publishing the stolen data on Pastebin to maximize exposure. No specific malware families, exploit kits, or initial access vectors are described in the available sources.

Attribution to the group is based on self‑identification in the leaked Pastebin posts and news reporting that labels the actors as Pakistani hackers; no public evidence links them to a state sponsor or a larger criminal consortium. The two highlighted campaigns—the 2014 breach of Financial Services Online Australia and the 2014 defacement of the Azad Kashmir government portal—represent the most documented operations attributed to Pak Cyber Eaglez/Pakiz Cyber Squad. These incidents illustrate the group’s ability to affect both regional governmental infrastructure and international commercial entities through data theft and website disruption, while leaving behind a traceable trail of leaked credentials and personal information on public paste sites.

Incidents
Attributed incidents available to members
2 incidents
Sources
Sources available to members
2 sources