3C-INT logo [Cyber]Crime Characterization for Intelligence FREE PREVIEW
You are exploring the Free preview. To unlock full read-only access to all public profiles and in-app notifications, create a free research account. For analyst / premium plans capabilities (editing, advanced tabs, exports), please contact us

Threat Actor Characterization

Back
You’re viewing the read-only version. Sign in for analyst tools (editors, promote draft, file/relations management, etc.)
Shadow Cyber Security

Shadow Cyber Security

ID: 1d7ebd872d46738a4ad9398968b7a11e36500
Hacktivist Group Hacktivism
Threat types: Hacktivism
Unknown ISR, USA
Updated: 2026-03-14
Created: 2026-02-19
Progress: 81% Completeness: 85% Freshness: 70%
Operation zone: Israel, United States
Aliases Limited alias preview
Cyber Security Shadow³³
Actor Network Graph
Open Network Graph
Read-only preview for anonymous visitors. Sign in with a free Research account for full workspace.
MITRE ATT&CK®
confidence: medium
Actor Techniques page ATT&CK® Diagram

Shadow Cyber Security is referenced in OSINT primarily as an alliance partner of Keymous+ (Aug 2025) with a stated focus on intelligence sharing. Standalone offensive operations are not well documented in the reviewed sources. ATT&CK mapping is therefore conservative and focuses on coordination/propaganda and reconnaissance support; direct disruption techniques should not be attributed to Shadow Cyber Security without direct evidence.


Technique Technique name Tactics Evidence
T1585.001 Social Media Accounts TA0042
  • 2025-10-01 — Alliance relationships and intelligence sharing are referenced in OSINT profiling; such alliances are commonly coordinated and amplified via social platforms. · ref
  • 2025-08-02 — Public monitoring account reports alliance announcement between Keymous+ and Shadow Cyber Security (amplification signal). · ref
T1595 Active Scanning TA0043
  • 2025-10-01 — INFERENCE (confidence: medium): stated 'intelligence sharing' role implies reconnaissance/collection activities supporting partner targeting; specific methods not disclosed in reviewed sources. · ref
Strategic Intelligence
Limited preview
Last updated: 2026-02-23T03:18:00+00:00

Shadow Cyber Security — North Africa‑Context Hacktivist Brand (Alliance Partner of Keymous+; Intel‑Sharing Focus)

Classification: TLP: WHITE — Open Source Intelligence (OSINT)

Category: Cyber / Hacktivism — Alliance support role; intelligence sharing; influence / information warfare adjacency

Assessed home base: Unclear; OSINT places activity context in North Africa via alliance positioning



Executive Summary

Shadow Cyber Security is a hacktivist-branded entity referenced in OSINT primarily through its relationship with Keymous+, a prominent North African hacktivist collective. A 2025 Orange Cyberdefense profile of Keymous+ describes Shadow Cyber Security as having formed a formal alliance with Keymous+ in August 2025, with a primary focus on intelligence sharing. The same reporting frames the relationship as mutually supportive in North African contexts and tied to regional influence and information warfare motivations.

Beyond alliance references, open sources reviewed for this deliverable provide limited independent detail on Shadow Cyber Security’s standalone operations, targets, or technical tooling. Accordingly, this profile treats Shadow Cyber Security as an ecosystem node: a brand whose main evidenced role is alliance-level support (intel sharing and mutual enablement) rather than a fully documented, independently profiled operator.

Confidence is high that Shadow Cyber Security is publicly recognized as an alliance partner of Keymous+ with an “intelligence sharing” role. Confidence is low–medium regarding specific offensive capabilities or independent operations, due to a lack of consistent technical artifacts and third-party validation in open reporting reviewed here.

Full strategic intelligence is available in Analyst and Premium plans.
Executive Analyst Brief for CISO
Saved Limited preview

Executive Analyst Brief for Decision Makers — Shadow Cyber Security


Upgrade to access the full executive brief.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Executive brief now
Saved successfully.
Hunting Playbook
Saved Limited preview

Hunting Playbook — Shadow Cyber Security (Alliance Enablement / Intel‑Sharing Node)


Upgrade to access the full hunting playbook.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Hunting Playbook now
Saved successfully.
IOC Appendix
Saved Limited preview
Last updated: 2026-02-23T03:19:01+00:00

IOC Appendix (TLP:WHITE) — Shadow Cyber Security

Note: Reviewed OSINT does not provide stable, high-fidelity technical indicators (e.g., malware hashes, dedicated C2 domains) attributable to Shadow Cyber Security. This appendix therefore focuses on behavioral indicators and correlation cues relevant to an alliance enablement node.

More IOC context for Research. Full appendix for Analyst and Premium plans.
IOC Appendix now
Saved successfully.
OSINT Library
Saved Limited preview
Last saved: 2026-02-23T03:19:14+00:00

OSINT Library — Shadow Cyber Security


2025-10-01 — Orange Cyberdefense (PDF) — “Keymous+ Group — Cyber Intelligence Bureau (mentions Shadow Cyber Security alliance, Aug 2025)”

Full OSINT references available for Research / Analyst.
OSINT Library now
Saved successfully.
Social Medial & Communication
SOCMINT integrated: 0/1
Address Verification SOCMINT
t.me/Sha********** Restricted Not integrated
Notes: preview mode hides sensitive social/contact details.
Reference Images/Associated Evidence Limited
Showing 1–1 of 1 images
Logo Free Preview
Logo