3C-INT logo [Cyber]Crime Characterization for Intelligence FREE PREVIEW
You are exploring the Free preview. To unlock full read-only access to all public profiles and in-app notifications, create a free research account. For analyst / premium plans capabilities (editing, advanced tabs, exports), please contact us

Threat Actor Characterization

Back
You’re viewing the read-only version. Sign in for analyst tools (editors, promote draft, file/relations management, etc.)
pReCipiCe

pReCipiCe

ID: 96d17e83bd752dc07558f82fded89d7190059
Hacktivist Group Defacement Crew Hacktivism
Threat types: Defacement
Turkey TUR
Updated: 2026-04-21
Created: 2025-10-14
Progress: 73% Completeness: 61% Freshness: 100%
Operation zone: Turkey
Aliases Limited alias preview
pReCipiCex
Actor Network Graph
Open Network Graph
Read-only preview for anonymous visitors. Sign in with a free Research account for full workspace.
MITRE ATT&CK®
confidence: low
Actor Techniques page ATT&CK® Diagram

pReCipiCe (aka pReCipiCex) — alleged member/affiliate of RedHack. Due to insufficient public artifacts tying the handle to distinct operations, this entry inherits the group's activity footprint (defacements, leaks, DDoS) as indirect complicity. Unverified emails observed in OSINT: [email protected], [email protected].


Technique Technique name Tactics Evidence
T1491.002 External Defacement TA0040
  • 2012-02-28 — INFERENCE: indirect complicity via RedHack membership/affiliation; group defaced/altered police-facing resources and published content following the Ankara Police/POLNET incident. · ref
  • 2015-03-12 — INFERENCE: indirect complicity; RedHack defacement of the Istanbul Police Association site with a tribute message. · ref
T1190 Exploit Public-Facing Application TA0001
  • 2013-06-28 — INFERENCE: indirect complicity; SecurityWeek reports exploitation/authentication weaknesses at the Istanbul Special Provincial Administration portal consistent with public-facing app exploitation. · ref
  • 2014-01-11 — INFERENCE: indirect complicity; XSS on the Parliament/TBMM site used to inject messages, plus same-day compromises of other entities. · ref
T1565.001 Stored Data Manipulation TA0040
  • 2013-07-01 — INFERENCE: indirect complicity; debt write-off/forgiveness reported on Istanbul administration portals after intrusion (stored data manipulation). · ref
  • 2014-11-16 — INFERENCE: indirect complicity; reported bill cancellations in the Soma electricity distribution system following access. · ref
T1498 Network Denial of Service TA0040
  • 2012-04-27 — INFERENCE: indirect complicity; regulator acknowledged a DDoS that slowed TTNet (impact disputed). · ref
T1078 Valid Accounts TA0001 TA0003 TA0004 TA0005
  • 2016-12-07 — INFERENCE: indirect complicity; RedHack-attributed access to Energy Minister Berat Albayrak’s email accounts prior to mass publication. · ref
  • 2016-12-07 — INFERENCE: indirect complicity; civil-society reporting summarizes the large email trove and subsequent mirroring/blocks. · ref
T1041 Exfiltration Over C2 Channel TA0010
  • 2016-12-06 — INFERENCE: indirect complicity; publication/mirroring of large volumes of emails/documents following mailbox access. · ref
Strategic Intelligence
Limited preview
Last updated: 2025-10-14T20:41:35+00:00
pReCipiCe — Alleged RedHack Member

CLASSIFICATION: Unclassified / Open Source

Full strategic intelligence is available in Analyst and Premium plans.
Executive Analyst Brief for CISO
Empty Limited preview
No content yet.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Executive brief now
Saved successfully.
Hunting Playbook
Empty Limited preview
No content yet.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Hunting Playbook now
Saved successfully.
IOC Appendix
Empty Limited preview
No content yet.
IOC Appendix now
Saved successfully.
OSINT Library
Empty Limited preview
No content yet.
OSINT Library now
Saved successfully.
Social Medial & Communication
SOCMINT integrated: 0/2
Address Verification SOCMINT
pr********@hotmail.com Restricted Not integrated
pr********@msn.com Restricted Not integrated
Notes: preview mode hides sensitive social/contact details.
Reference Images/Associated Evidence Limited
No images found for this threat.