Menu
Browse

Cyber Threat Actor: New World Hackers

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Activist
United States of America
11 incidents
Profile

New World Hackers, also known by the alias NWH, is a hacktivist group that has publicly identified itself as operating from the United States of America and maintains an affiliation with the broader Anonymous collective, having participated in operations such as OpDomesticTerrorism and OpAfrica. The group has also been linked to the individual hacker known as Kapustkiy, who has described his actions as being carried out in affiliation with New World Hackers. This affiliation places the actor within a loosely organized hacktivist milieu that conducts operations motivated by perceived social and political grievances rather than financial gain.

The group’s targeting patterns, as described in the supplied sources, include government and municipal websites in the United States—such as city websites in Charlottesville, Denver, and Salt Lake City—as well as police department sites, airport portals, and banking institutions like First Utah Bank and the Bank of Denver. Internationally, the actor has claimed responsibility for breaches of a Venezuelan government website and the Russian Consular Department in the Netherlands, and has threatened future actions against extremist media outlets. In addition to governmental targets, New World Hackers has repeatedly aimed at high‑profile celebrity and entertainment platforms, including the website of Olympic swimmer Michael Phelps and the Xbox Live gaming service, and has conducted data‑exfiltration operations against a South African university, leaking exam papers, personal data of students and alumni, and internal administrative credentials. The stated objectives behind these actions, as expressed in the group’s own statements, are to protest perceived injustices such as police brutality, political repression, and alleged systemic failures, to expose security vulnerabilities, and to demand accountability from authorities or institutions they view as complicit.

The tactics, techniques, and procedures referenced in the material primarily involve distributed denial‑of‑service attacks carried out with a tool dubbed BangStresser, which was used against the Michael Phelps site, Xbox Live, and various municipal targets. The actor has also employed web‑application exploits, notably a Local File Inclusion vulnerability to compromise the Venezuelan government site and alleged SQL‑injection attempts on other unspecified sites. Data theft operations have involved exfiltrating databases and publishing the information on paste sites such as Pastebin, while website defacement was reported in the South African university breach. The group’s public statements have framed these actions as demonstrations of power or as tests of capability, with occasional references to future campaigns against extremist channels, though those specific operations are not documented as having been executed in the provided sources. All of the above details are drawn exclusively from the supplied incident descriptions and associated articles.

Incidents
Attributed incidents available to members
11 incidents
Sources
Sources available to members
5 sources