The cybersecurity landscape has witnessed an alarming evolution in hacktivist operations, with threat actors increasingly shifting their focus from traditional DDoS attacks and website defacements to sophisticated industrial control system (ICS) infiltrations. Industrial control system attacks, data breaches, and access-based intrusions have surged to comprise 31% of all hacktivist activities in the second quarter of 2025, marking a notable increase from the 29% recorded in the previous quarter. Cyble analysts identified Z-Pentest as the most prolific hacktivist group targeting critical infrastructure, executing 38 ICS attacks in Q2 2025 alone—representing a staggering 150% increase from the 15 attacks attributed to the group in the first quarter. This tactical transformation represents a significant escalation in the hacktivist threat ecosystem, as groups now target critical infrastructure components that directly impact national security and economic stability. Dark Engine, operating under the alias “Infrastructure Destruction Squad,” has emerged as another significant threat actor, conducting 26 ICS-targeted incidents during the second quarter with a pronounced operational surge in June. The group’s recent compromise of an HMI/SCADA interface controlling a high-temperature furnace in Vietnamese industrial operations exemplifies the sophisticated nature of these attacks. The emergence of Russia-linked groups has fundamentally altered the hacktivist landscape, with organizations like Z-Pentest leading the charge in ICS-targeted operations. The group’s consistent targeting of energy infrastructure across multiple European nations reflects a coordinated campaign strategy designed to maximize psychological and operational impact. Dark Engine’s infiltration techniques focus on exploiting human-machine interface (HMI) and SCADA systems, particularly those controlling industrial processes in sectors such as metallurgy, ceramics, cement, and food processing. This upward trajectory signals a concerning shift toward infrastructure-level interference, demonstrating enhanced strategic intent and technical capabilities within the hacktivist community. The group’s ability to gain unauthorized access indicates sophisticated reconnaissance capabilities and deep understanding of industrial control protocols. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 16 Jul 2025 03:15:09 +0000