Kaspersky stated that Twelve uses publicly available tools for cyber attacks against Russia, focusing on crippling networks without demanding ransom, resulting in severe damage.
Twelve has been active since April 2023, leveraging hack-and-leak tactics, and displaying a clear hacktivist agenda to disrupt operations rather than pursue financial gains.
While connected to the ransomware group DARKSTAR, Twelve's hacktivism differs by avoiding traditional extortion methods, showcasing the complexity of modern cyber threats.
Initial access is gained through authenticated accounts, and some attacks utilize contractor tools to infiltrate customer systems, exemplifying multifaceted intrusions in cybersecurity.
Collection
[
|
...
]