3C-INT | [Cyber]Crime Characterization for Intelligence

22C

ID: e1f46b8cbf7c9c514048ed97dacf7a6b93073

Hacktivist Group DDoS Crew Hacktivism

Threat types: Intrusion, DDoS

Russia

Updated: 2026-04-07

Created: 2025-10-20

Progress: 58% Completeness: 44% Freshness: 90%

Operation zone: —

Aliases Limited alias preview

No aliases registered.

Associated Threat Relationships

Limited preview

Related profiles 5
Related files 0

Related profiles

ID	Threat	Origin	Type	Categories
5220f70b399cf82f36d3fc3114e0535a	Horus Team	Russia	ally-of	Hacktivist Group
8e42712d8e2d0d7d6090bd2c3b4c94b794908	PalachPro	Russia	co-actor	Cybercrime
ba0e9ae91ba1b9b5b915d1d4b147736311264	SKILLNET	Russia	ally-of	Hacktivist Group
a51ebeeee9fccf528ada17b7db5c10fd	SoubearArmy	Russia	ally-of	Hacktivist Group
131885bdee7830a7b8da4526fc33b96895956	UserSec	Russia	affiliated	Hacktivist Group

Related files

No related files found.

Actor Network Graph

Open Network Graph

Read-only preview for anonymous visitors. Sign in with a free Research account for full workspace.

MITRE ATT&CK®

confidence: low-medium

Actor Techniques page ATT&CK® Diagram

22C — Russia-aligned hacktivist label with DDoS-first posture and claim-heavy narratives; notable for unverified high-visibility claims (e.g., ChatGPT outage, Jan 2025) amplified via Telegram.

Technique	Technique name	Tactics	Evidence
T1498	Network Denial of Service	TA0040	2024–2025 — Pattern of DDoS-centric campaigning within pro-Russia coalitions (ecosystem reporting). · ref
T1585	Establish Accounts	TA0042	2024–2025 — Telegram accounts/channels used for branding, tasking, and claims. · ref
T1102	Web Service	TA0011	2024–2025 — Web-service (Telegram) as operations broadcast medium across the DDoS ecosystem. · ref
T1190	Exploit Public-Facing Application	TA0001	2025-01-23 — 22C claimed involvement in a global ChatGPT outage—claim not corroborated by technical artifacts. · ref

Strategic Intelligence

Limited preview

Last updated: 2025-10-21T02:21:36+00:00

Preliminary Strategic Intelligence

22C — Russia-Aligned Hacktivist Label (Claims-Heavy, DDoS-First)

CLASSIFICATION: Unclassified / Open Source

Executive Summary

22C appears in the pro-Russia hacktivist constellation as a claims-heavy brand with DDoS-first posture and sporadic assertions of higher-impact “hacks.” Public reporting ties 22C to cause-based waves and one high-visibility claim (alleging involvement in a ChatGPT global outage, January 2025) that lacks corroborating technical artifacts—treat such statements as propaganda until verified. Confidence: low–medium (media relays of Telegram claims; limited primary telemetry).

Identity. Pro-Russia narrative alignment; Telegram for ops/claims; often co-mentioned alongside UserSec/NoName ecosystems. INFERENCE (medium) from ecosystem coverage.

Objectives. Visibility via DDoS claims and opportunistic exploitation narratives, tied to news cycles. INFERENCE (medium).

Full strategic intelligence is available in Analyst and Premium plans.

Executive Analyst Brief for CISO

Empty Limited preview

No content yet.

Tip: Hover the section title to learn what’s included in Analyst / Premium plans.

Saved successfully.

Hunting Playbook

Empty Limited preview

No content yet.

Tip: Hover the section title to learn what’s included in Analyst / Premium plans.

Saved successfully.

IOC Appendix

Empty Limited preview

No content yet.

Saved successfully.

OSINT Library

Empty Limited preview

No content yet.

Saved successfully.

Social Medial & Communication

SOCMINT integrated: 0/1

Telegram 1 0

Address	Verification	SOCMINT
`t.me/RU2****`	Restricted	Not integrated

Notes: preview mode hides sensitive social/contact details.

Reference Images/Associated Evidence Limited

No images found for this threat.

Threat Actor Characterization

22C

Associated Threat Relationships

Related profiles

Related files

Actor Network Graph

MITRE ATT&CK®

Strategic Intelligence

Executive Summary

Executive Analyst Brief for CISO

Hunting Playbook

IOC Appendix

OSINT Library

Social Medial & Communication

Reference Images/Associated Evidence Limited