3C-INT logo [Cyber]Crime Characterization for Intelligence FREE PREVIEW
You are exploring the Free preview. To unlock full read-only access to all public profiles and in-app notifications, create a free research account. For analyst / premium plans capabilities (editing, advanced tabs, exports), please contact us

Threat Actor Characterization

Back
You’re viewing the read-only version. Sign in for analyst tools (editors, promote draft, file/relations management, etc.)
Team System DZ

Team System DZ

ID: fb621df16aebfebcc1c84d62bfa875e7
Hacktivist Group Collective CyberTerrorism Defacement Crew Hacktivism
Threat types: Pro-ISIS, Cyberterrorism, DDoS, Defacement, Propaganda
Algeria BLZ, DOM, FRA, DEU, IRN, ISR, ITA, NLD, NGA, PER, ROU, ARE, USA
Updated: 2026-03-09
Created: 2025-10-17
Progress: 85% Completeness: 92% Freshness: 70%
Operation zone: Belize, Dominican Republic, France, Germany, Iran, Israel, Italy, Netherlands, Nigeria, Peru, Romania, United Arab Emirates, United States
Aliases Limited alias preview
Team System DZ TeamSystemDZ T**** ٹی*********
Showing 2 of 4 aliases in free preview.
Actor Network Graph
Open Network Graph
Read-only preview for anonymous visitors. Sign in with a free Research account for full workspace.
MITRE ATT&CK®
confidence: medium-high
Actor Techniques page ATT&CK® Diagram

Team System DZ is described in OSINT as a low-sophistication defacement actor aligned in reporting with pro-ISIS/Daesh propaganda messaging. Activity is primarily opportunistic compromise of public-facing websites (often weak/outdated CMS or credentials) followed by homepage defacement and claim amplification.


Technique Technique name Tactics Evidence
T1595 Active Scanning TA0043
  • 2017-06-26 — INFERENCE (confidence: medium): opportunistic discovery of weak public-facing sites is implied by repeated defacement waves and broad target set. · ref
T1110 Brute Force TA0006
  • 2017-06-26 — Brute-force against WordPress is referenced as a plausible method in analysis context. · ref
T1190 Exploit Public-Facing Application TA0001
  • 2017 — INFERENCE (confidence: medium): exploitation of technical vulnerabilities in outdated web stacks is consistent with descriptions of unsophisticated methods and target selection. · ref
T1491.002 External Defacement TA0040
  • 2017-06-29 — Website defacements attributed to Team System DZ are the primary reported activity. · ref
T1585 Establish Accounts TA0042
  • 2019-04-22 — Supporter hacking brands use public artifacts and social amplification to create an appearance of cyber-power; Team System DZ is discussed as part of this ecosystem. · ref
Strategic Intelligence
Limited preview
Last updated: 2026-03-09T05:26:01+00:00
Team System DZ — Pro-ISIS Defacement Crew (Algeria-linked)

Classification: Unclassified / Open Source Intelligence (OSINT) — TLP:WHITE

Full strategic intelligence is available in Analyst and Premium plans.
Executive Analyst Brief for CISO
Saved Limited preview

Executive Analyst Brief for Decision Makers — Team System DZ

Classification: Unclassified / OSINT — TLP:WHITE

Upgrade to access the full executive brief.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Executive brief now
Saved successfully.
Hunting Playbook
Saved Limited preview

Hunting Playbook — Team System DZ (Defacement-focused)

Purpose: Detect and disrupt opportunistic web compromise leading to propaganda defacement, with emphasis on WordPress/CMS brute force, exploit probing, unauthorized content changes, and post-defacement persistence (webshells). This actor class is “low sophistication, high optics,” so the decisive advantage is hygiene + fast integrity detection + rapid rollback.

Upgrade to access the full hunting playbook.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Hunting Playbook now
Saved successfully.
IOC Appendix
Saved Limited preview
Last updated: 2026-03-09T05:29:45+00:00

IOC Appendix — Team System DZ

Classification: Unclassified / OSINT — TLP:WHITE

More IOC context for Research. Full appendix for Analyst and Premium plans.
IOC Appendix now
Saved successfully.
OSINT Library
Saved Limited preview
Last saved: 2026-03-09T05:30:31+00:00

OSINT Library — Team System DZ


2015-01-29 — The Guardian — “London-based charity hacked by pro-Isis group”

Full OSINT references available for Research / Analyst.
OSINT Library now
Saved successfully.
Social Medial & Communication
SOCMINT integrated: 0/2
Address Verification SOCMINT
www.facebook.com/tea********** Restricted Not integrated
Address Verification SOCMINT
te**********@gmail.com Restricted Not integrated
Notes: preview mode hides sensitive social/contact details.
Reference Images/Associated Evidence Limited
Showing 1–2 of 2 images
Hacked website - Propaganda Free Preview
Hacked website - Propaganda
Hacked website - Propaganda Free Preview
Hacked website - Propaganda