3C-INT logo [Cyber]Crime Characterization for Intelligence FREE PREVIEW
You are exploring the Free preview. To unlock full read-only access to all public profiles and in-app notifications, create a free research account. For analyst / premium plans capabilities (editing, advanced tabs, exports), please contact us

Threat Actor Characterization

Back
You’re viewing the read-only version. Sign in for analyst tools (editors, promote draft, file/relations management, etc.)
Wolves of Turan

Wolves of Turan

ID: 178cca0f19ada4f489ac5fc3d73b047481691
Hacktivist Group Hacktivism
Threat types: Hacktivism
Turkey ARM, GRC, ISR
Updated: 2026-04-03
Created: 2026-03-28
Progress: 87% Completeness: 85% Freshness: 90%
Operation zone: Armenia, Greece, Israel
Aliases Limited alias preview
Turan’ınKurtları
Actor Network Graph
Open Network Graph
Read-only preview for anonymous visitors. Sign in with a free Research account for full workspace.
MITRE ATT&CK®
confidence: medium
Actor Techniques page ATT&CK® Diagram

Wolves of Turan is an emerging pro-Turkic hacktivist cluster publicly associated with propaganda-heavy messaging, alliance signaling, and likely DDoS-style disruption against visible digital services.


Technique Technique name Tactics Evidence
T1498 Network Denial of Service TA0040
  • 2026-03-26 — Public CTI reporting described website accessibility disruptions and telecom-outage claims consistent with denial-of-service style activity. · ref
T1102 Web Service TA0011
  • 2026-03-26 — Public reporting described coordinated propaganda distribution via Telegram, indicating use of web/social services for messaging and campaign coordination. · ref
T1595 Active Scanning TA0043
  • 2026-03-28 — INFERENCE (confidence: medium): an actor targeting visible public services for disruption likely performs basic reconnaissance and service enumeration before attack waves. · ref
T1583 Acquire Infrastructure TA0042
  • 2026-03-28 — INFERENCE (confidence: medium): short-lived disruptive campaigns likely require rented or intermediary infrastructure to generate traffic or coordinate operations. · ref
T1491.001 Internal Defacement TA0040
  • 2026-03-28 — INFERENCE (confidence: low): if Wolves of Turan broadens beyond disruption-only effects, website defacement would align with the actor’s visibility-first posture. · ref
Strategic Intelligence
Limited preview
Last updated: 2026-03-29T02:35:26+00:00
Wolves of Turan — Emerging pro-Turkic hacktivist cluster

Classification: Unclassified / Open Source Intelligence (OSINT) — TLP:WHITE

Category: Hacktivism / Ideology-driven disruptive cluster — Origin: Turkey (assessed, medium confidence)

Author: iQBlack CTI Team


Executive Summary

Wolves of Turan is best assessed as an emerging pro-Turkic hacktivist cluster that surfaced publicly in March 2026 through Telegram-centered propaganda and social amplification. Current public reporting associates the brand with politically charged messaging, public claims of disruptive activity against telecom-related infrastructure, and likely DDoS-style website accessibility attacks rather than mature, stealth-oriented intrusion operations.


The actor should be treated with analytical caution. At present, independent verification of its most visible claims appears limited, and the public evidence base is still shallow. Even so, the cluster already shows several features common to contemporary hacktivist operations: ideology-first framing, public alliance signaling, narrative amplification through social platforms, and a preference for symbolic and high-visibility targets.

Full strategic intelligence is available in Analyst and Premium plans.
Executive Analyst Brief for CISO
Saved Limited preview

Executive Analyst Brief for CISO — Wolves of Turan


Upgrade to access the full executive brief.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Executive brief now
Saved successfully.
Hunting Playbook
Saved Limited preview

Hunting Playbook — Wolves of Turan


Upgrade to access the full hunting playbook.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Hunting Playbook now
Saved successfully.
IOC Appendix
Saved Limited preview
Last updated: 2026-03-29T02:40:39+00:00

IOC Appendix — Wolves of Turan

Classification: Unclassified / Open Source Intelligence (OSINT) — TLP:WHITE

More IOC context for Research. Full appendix for Analyst and Premium plans.
IOC Appendix now
Saved successfully.
OSINT Library
Saved Limited preview
Last saved: 2026-03-29T02:40:55+00:00

OSINT Library — Wolves of Turan


2026-03-26 — ThreatMon End-to-End Intelligence — “Emerging Hacktivist Activity: Wolves of Turan”

Full OSINT references available for Research / Analyst.
OSINT Library now
Saved successfully.
Social Medial & Communication
SOCMINT integrated: 0/2
Address Verification SOCMINT
t.me/Wol**************** Restricted Not integrated
t.me/Wol************ Restricted Not integrated
Notes: preview mode hides sensitive social/contact details.
Reference Images/Associated Evidence Limited
Showing 1–5 of 5 images
Alliance with BD Anonymous Free Preview
Alliance with BD Anonymous
Logo Free Preview
Logo
Alliance with Keymous Team Free Preview
Alliance with Keymous Team
Alliance with KONCO ERROR SYSTEM Free Preview
Alliance with KONCO ERROR SYSTEM
Logo Free Preview
Logo
Showing 4 of 5 images in preview mode. Additional evidence is restricted for Analyst and Premium plans.