BO_Team (BO Team) – Threat Actor

January 25, 2025
BO_Team

Other Names

BO Team

Location

Ukraine

Date of initial activity

2023

Suspected Attribution 

Hacktivists

Motivation

Hacktivism

Software

Servers
Networks

Overview

BO Team is a pro-Ukraine hacktivist group that has gained significant attention for its high-profile cyberattacks against Russian targets. Emerging in the wake of the ongoing conflict between Russia and Ukraine, BO Team has positioned itself as a formidable force in the realm of cyber warfare. Unlike typical hacktivist groups, which often focus on website defacements or data leaks, BO Team has demonstrated a capability and willingness to inflict severe operational damage on critical infrastructure, particularly infrastructure tied to Russia’s military and governmental operations.

One of the most notable incidents attributed to BO Team involved a devastating attack on the Far Eastern Scientific Research Center of Space Hydrometeorology “Planet” in Russia. The group reportedly compromised over 280 servers within the facility, wiping approximately 2 petabytes of critical meteorological and satellite data. This data was integral to the operations of multiple Russian state entities, including the General Staff and the Ministry of Defense. The attack not only resulted in significant data loss but also caused extensive physical damage to the research center’s infrastructure, including its air conditioning, humidification, and emergency power systems.

Common Targets 

Public Administration – Russia

Attack vectors

Software Vulnerabilities
Phishing
Credential Based Attacks

How they work

One of the key elements of BO Team’s operations is their use of highly coordinated and complex attacks on network infrastructures. In the case of the Far Eastern Scientific Research Center of Space Hydrometeorology “Planet,” BO Team successfully infiltrated the facility’s network by compromising 280 servers. This likely involved a combination of techniques such as spear-phishing, exploiting unpatched vulnerabilities, and leveraging stolen credentials to gain initial access. Once inside the network, BO Team would have conducted extensive reconnaissance to map out the system architecture and identify critical nodes that, if disrupted, would cause maximum damage.

A significant aspect of BO Team’s technical operations is their ability to conduct large-scale data destruction. In the attack on the Russian research center, the group managed to wipe approximately 2 petabytes of data, which included essential meteorological and satellite information used by the Russian military. This level of data destruction suggests the use of advanced wiping tools designed to overwrite data on a massive scale, making recovery virtually impossible. Such tools likely employed secure delete protocols that go beyond simple file deletion, ensuring that the data is irretrievably erased from the affected storage devices.

In addition to data destruction, BO Team has demonstrated a capacity for disrupting physical systems connected to the targeted network. During their attack on the “Planet” facility, the group reportedly compromised the building’s air conditioning, humidification, and emergency power regulation systems. This indicates that BO Team is capable of manipulating Industrial Control Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems, which are commonly used to manage critical infrastructure. By gaining control of these systems, BO Team was able to inflict physical damage that extended beyond the digital realm, showcasing a hybrid approach to cyber warfare.

BO Team’s operations reflect a high level of technical acumen and a clear understanding of their targets’ critical systems. Their attacks are meticulously planned and executed with the intent to cause not just disruption, but long-lasting damage to the infrastructure they target. The group’s ability to simultaneously destroy data and disrupt physical systems makes them a formidable threat in the cyber warfare landscape, particularly in the context of the ongoing conflict between Russia and Ukraine. As their activities continue, BO Team remains a significant concern for cybersecurity professionals and nation-states alike, highlighting the evolving nature of cyber threats in modern conflicts.

References:
  • Pro-Ukraine Hacktivists Wiped Massive Data Trove from Russian Research Center
Tags: BO Team, BO_Team, Hydrometeorology, Phishing, Russia, Spearphishing, Threat Actors, Ukraine, Vulnerabilities, Wipers