Threat Actor Characterization
You’re viewing the read-only version.
Sign in for analyst tools (editors, promote draft, file/relations management, etc.)
Ghost Algeria
ID: 6622a1e25709c2f7a760760c63b67d83
Hacktivist Group
Hacktivism
Threat types: Hacktivism, Intrusion
Progress: 67%
Completeness: 66%
Freshness: 70%
Operation zone: —
Aliases
Limited alias preview
| GhostAlgeria | — | — | — |
Actor Network Graph
Open Network GraphMITRE ATT&CK®
confidence: medium
Ghost Algeria is an Algeria-linked hacktivist brand/marker referenced in FunkLocker/FunkSec ransomware reporting (e.g., ransom-note variants and early payload branding).
| Technique | Technique name | Tactics | Evidence |
|---|---|---|---|
| T1486 | Data Encrypted for Impact | TA0040 |
|
| T1490 | Inhibit System Recovery | TA0040 |
|
| T1078 | Valid Accounts | TA0001 TA0003 TA0004 TA0005 |
|
| T1059 | Command and Scripting Interpreter | TA0002 |
|
| T1021.001 | Remote Desktop Protocol | TA0008 |
|
Executive brief
now
Saved successfully.
Hunting Playbook
now
Saved successfully.
IOC Appendix
now
Saved successfully.
OSINT Library
now
Saved successfully.