FreeCivilian emerged in January 2022, initially claiming access to significant data before launching a leak website in late February 2022, coinciding with the 2022 Russian invasion of Ukraine. This group is assessed with moderate confidence to be a nation-state actor, potentially linked to Belarusian or Russian government entities such as UNC1151 or GRU, rather than an independent cybercriminal entity. Its primary motivation is disruptive and politically driven, aiming to destabilize Ukrainian government operations through data leaks and website defacements, distinguishing it from typical ransomware groups that prioritize financial gain. FreeCivilian notably attempted to monetize stolen data on dark web forums but, upon failure, released it for free, a behavior inconsistent with pure financial extortion and indicative of state-sponsored hacktivism.

Paises afectados

Sectores atacados

URLs nuevas detectadas en IntelTracker