Menu
Browse

Cyber Threat Actor: cybervor

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Criminal
China
3 incidents
Profile

The threat actor known as cybervor (also using the alias @cyberv0r) has been publicly linked to multiple cyber incidents targeting organizations in the United States. This actor compromised entities across different sectors, including private companies and educational institutions. Publicly reported operations indicate a focus on US-based targets such as technology firm Topcon, website operator Allosambre.com, and Miami University. The group’s strategic objectives combined ideological motivations with organizational or personal gain, as explicitly cited in incident summaries. Their activities consistently aimed at compromising data confidentiality through unauthorized access and exfiltration rather than causing system disruption or integrity damage.

Cybervor’s tactics involved exploiting vulnerabilities in victim infrastructure to access application servers and end hosts, enabling data theft. The actor publicly claimed responsibility for the 2015 breach of Miami University, leaking credentials, and was attributed by third-party sources to the 2016 attacks against Topcon and Allosambre.com. These operations demonstrated a pattern of extracting sensitive information without affecting system availability. Public reporting identifies Russia as the group’s origin, with no evidence suggesting state affiliation or criminal consortium ties beyond the actor’s independent operations. The repeated focus on data exfiltration from US entities highlights consistent targeting priorities aligned with the actor’s dual ideological and gain-driven objectives.

Incidents
Attributed incidents available to members
3 incidents
Sources
Sources available to members
0 sources