 GlorySec logo | |
| Formation | 9 August 2023 |
|---|---|
| Founder | Charon |
| Type | Hacking |
| Purpose | Expressing Anarcho-capitalist beliefs and supporting the West through hacktivism |
Membership | Unknown (estimated 30+) |
| Leader | Charon Wheezy (determined by monthly election) |
Parent organization | Gloria Quaerere |
| Affiliations | Gloria Quaerere, GloryScroll, GloryEnd, Albanian GlorySec, GloryKill, GlorySA, GloryData |
GlorySec, otherwise known by their unabridged name Glory Security, is an active hacktivist group known for their attacks on multiple countries. For instance, one of these attacks included airdropping worm-type malware stored on USB sticks in Venezuela, Guyana City. This was done in opposition to Maduro's regime, such as his human rights violations, economic mismanagement and erosion of democratic institutions. The estimated damage of this malware has been said to affect 100 companies. GlorySec align themselves under the belief of Avaritionism/Anarcho-capitalism and they have expressed their beliefs many times, carrying out their attacks under this belief and their attacks have brought attention to the malpractices of many countries, something they share in common with other hacktivist groups.
GlorySec originally saw its advent upon the splitting of the original group GloryScroll, which birthed the group as it is known today. The group is a part of a chain of groups that make up the collective known as Gloria Quaerere, which translates from Latin to "To seek glory" or may be reiterated as "To seek knowledge". The group remains active to this day, with a series of campaigns targeting countries that oppose the West or countries allied with it.
Beliefs & alignment
editAs is visible from their official Telegram group channel, the group is known for their beliefs in Avarationism and Anarcho-capitalism and it is expressed in the various political views they are seen to have. They align themselves with the West and have been doing so since their inception. Their earliest activity consisted of DDoSing Russian websites as well as helping Taiwanese and Japanese websites to secure themselves, both of which are Western allies. On the contrary, countries like Russia, Venezuela, China, North Korea are perceived as enemies to GlorySec. They stand against communism and target these countries for various reasons, mainly for their standing against the West and malpractices.
Timeline of attacks
editThese attacks come as is written from their official Telegram channel. Where articles are written on an attack, they will be referenced as usual. These are attacks they have claimed responsibility or joint-responsibility for.
Minor activity
editAugust 9 2023 - September 8 2023
editBetween these dates just after their inception, GlorySec claimed responsibility for multiple data-breaches, ranging from a site based in Veliky Novgorod to DDoSes on multiple Russian websites and performing UDF payloads.
National Bank of Pakistan breach
editDirectly after establishing new management behind the scenes, on September 9th 2023, they breached the National Bank of Pakistan. They claimed access to the personal information of all investors of the bank through this breach and uncovered 1.7 gigabytes of data through this breach which they then leaked on their public channel. Through this breach, GlorySec accused investors of supporting and supplying 21 terrorist groups including ISIS, Al Qaeda and the Taliban. The attack was done as a result of Pakistan strengthening their relations to Iran and Russia. While it is unknown if this attack was done through the efforts of GlorySec or whether they claim joint-responsibility for this with other hacker groups, this is where their collaborations began with GhostSec and KromSec.
Parliament of Pakistan breach
editSome time after the National Bank of Pakistan breach in what seemed to a follow-up attack, on September 14th 2023, they breached the Parliament of Pakistan in a breach that contained 4.3 gigabytes of data, leaking data of every politician in Pakistan. The database of the Parliament of Pakistan was leaked and while it is unknown whether any specific follow-up attacks were done through this data, it is known that this attack was completed in opposition to Pakistan's support to Al Qaeda and other groups of the like.
Attacks on high profile Russian government websites
editOn September 19th 2023, GlorySec performed attacks on high profile Russian government websites (specifically kremlin.ru, gov.ru and government.ru). The DDoS attack took down their websites and meant that the websites were inaccessible to over 30 countries.
Maria Vladimirovna Vorontsova & Jorrit Joost Faassen dox
editA dox that originally began with DoomSec, it was later continued and published on September 23rd 2023, adding on extra personal information of Maria Vladimirovna Vorontsova and added the personal information of Jorrit Joost Faassen. These doxes were likely done as a result of Maria Vladimirovna Vorontsova being the daughter of Vladimir Putin. Jorrit Joost Faassen was revealed to be oligarch that works for Gazprom through this dox, his motives (from the perspective of GlorySec) believed to be driven around money.
Government of South Africa (ORTAMBODM) breach
editIn partnership with Anonymous, this data-breach (estimated worth supposedly $10,000) was released by GlorySec on September 30th 2023 for free in opposition to both the Government of South Africa but also to send a message to other hacktivist group, challenging their standing as hacktivists. GlorySec challenged the intentions of hacktivism groups labelling them as 'evil.'
Cyber Attack on Palestine
editIn response to the Israel-Palestine conflict and in their expression of disaccord with Hamas, GlorySec released a data dump on November 30 2023 containing an estimated amount of 500 gigabytes of data. The data contained confidential data in connection to Palestine's government institutions and while the hack gained them access to the entire database, in a deliberate move, they did not disclose the entire database; instead opting to disclose specific information. This data dump was believed to be done in a move to seize victory over Hamas in their cyber war; however with no conclusions to the conflict, this is uncertain.
Cyber Attack on Iran
editAfter their return to activity on January 13th 2024, GlorySec claimed responsibiltiy for attacks on an estimated 50 Iranian websites, performing data dumps on them. Shortly after this on January 17th 2024, in response to an attack from the Houthi movement on US cargo ships, GlorySec introduced a new campaign labelled '#OPTerrorism' with their first official action under th8is campaign being to dump multiple Iranian and Yemeni websites. These dumps included an Iranian plantation and an Iranian laboratory. The campaign was created as a front against terrorism.