Colombian government websites are under assault by a suspected hacktivist group called SiegedSec, which claims to have leaked 6GB of data, including emails, confidential documents, and ID cards, a threat intelligence analyst says.
FalconFeedsio posted notifications on Twitter today and on May 27th regarding the campaign, citing SiegedSec as saying the latest cyberattack marked “our third and final Operation Colombia attack.”
“In this attack, we’re releasing databases of government websites, and we have carried out attacks on power supply controllers and fuelling systems,” FalconFeedsio quoted SiegedSec as saying.
FalconFeedsio says the suspected hacktivist group claims to have leaked 6GB of data, “including databases, backend files, emails, confidential documents, and identification cards” from the jcc.gov.co and hlp.gov.co websites.
Both these portals appeared to be fully active at the time of writing, as were some, though not all, of the other Colombian websites named by FalconFeedsio as having been subjected to the SiegedSec campaign.
According to threat actor analyst Dark Owl, SiegedSec is a hacktivist group that emerged around the time of the Russian invasion of Ukraine last February under the leadership of the mysterious YourAnonWolf.
However, whether or not SiegedSec is entirely partisan in nature remains a mystery: while it appears to target victims indiscriminately, it does not appear to be motivated by money and is not thought to have made any ransom demands from its targets.
In February this year, cybersecurity analyst SocRadar claimed that SiegedSec “shows no preference for the industries or locations of its victims.”
It added: “They have successfully targeted companies across numerous industries all around the world, including healthcare, information technology, insurance, legal, and finance.”
In the space of a single year, SiegedSec has reportedly compromised around 30 companies, stealing data and leaking emails.
But SocRadar further added: “They have leaked stolen data on various forums but have not used ransomware or attempted to sell it.”
SiegedSec is possibly more anarchist in its motives than anything else.
Its final message, as tweeted by FalconFeedsio, reads: “We hope both you and the Colombian government enjoyed our series of attacks. Although we will move on from this operation, we still stand by org0n [sic] and will support from the sidelines when we’re able. We’ll return to our regular malicious hacking now.”
Who or what “org0n” is also remained unclear at the time of writing.
More from Cybernews:
Subscribe to our newsletter