Cyber Threat Actor: HackNeT
| Actor Type | Location | Known Incidents |
Activist
|
Russia
|
2 incidents |
|---|
Profile
HackNeT is an alias used by a pro‑Russian hacker group that operates from Russia, as indicated in open‑source reporting. The actor has claimed responsibility for several cyber operations that align with Russian geopolitical interests. HackNeT’s public persona is primarily associated with disruptive actions rather than covert espionage. No public disclosures link HackNeT to malware development or traditional intrusion toolkits. The group’s activity has been observed in the context of politically motivated online campaigns.
On 5 June 2024 HackNeT launched a distributed denial‑of‑service campaign against Dutch political websites during the European Parliament elections. The attack traffic peaked at approximately 115 million requests per hour, equivalent to about 73 000 requests per second. Cloudflare telemetry showed the barrage was focused on at least three politically affiliated domains. Two of those domains received the highest volume of requests and were hit over two consecutive days. The resulting flood rendered the targeted services temporarily unavailable to users attempting to access election‑related information. The disruption coincided with the start of voting, affecting access to the targeted platforms. HackNeT publicly claimed responsibility for the operation through its usual communication channels. No evidence has been presented indicating the use of specific malware families or exploit kits in this incident. No further technical details about the group’s tooling or infrastructure have been disclosed in public reports. To date, the June 2024 Dutch election‑related DDoS incident is the most extensively documented operation attributed to HackNeT in open sources.
