With thousands of threat groups trying to make a name for themselves and new ones cropping up every day, it can take some work to come up with a name for a new threat group.
Which may help explain all the misspellings and odd threat group names out there.
Looking just at threat groups active in 2025 that have been investigated by Cyble dark web researchers, here are some of the more interesting and humorous names of hackers and threat groups that are currently active. We opted for PG-rated names; there are quite a few threat groups with names that would make a security writer uncomfortable just typing them out, so we took a more family-friendly approach here.
Weird Threat Group Names: The Menacing
Quite a few threat group names are taken from fantasy characters, typically the menacing ones. Here are a few of those, and you could probably guess which fictional characters have been used for threat group names.
LordVoldemort: The problem with using The Dark Lord’s name is people expect you to be a real badass. With a couple of recent attacks on Indonesian telecom and automotive targets, LordVoldemort may not quite live up to the group’s storied name just yet, but we’re fine with that; we wouldn’t want to see them reach that level of potential.
VanHelsing: Is a Ransomware-as-a-Service (RaaS) group really the equivalent of a vampire slayer? This group just launched on March 7, so we’ll need to wait and see what their targets and methods look like.
Morpheus: Another new group, with two victims so far – a pharmaceutical company and a time-tracking systems company. So far they seem to be engaged in standard ransomware group activity; no red or blue pills reported as of yet.
Satanic: We’ll include the OG Dark Lord in this category. With a couple dozen attacks on organizations around the globe, the Satanic threat group is doing a pretty good job living up to its name.
Cute and Funny Threat Group Names
Some groups don’t seem to want to be seen as fearsome, at least in their choice of name. Easier to escape the notice of law enforcement, perhaps?
Here are several such names.
Space Bears: Cute like Care Bears but in a hackery way, with a pretty odd slogan too: “bears conquer space” (image below).
Rabbit Cyber Team: With apologies to Monty Python, bunnies just aren’t that scary.
Meow: Okay, maybe the cute names are going a little too far.
OX THIEF: Do they steal animals, or Ox cables?
crocs: Does the name refer to the scary reptile, or the fashion-disaster footwear? Sadly, the threat actor’s logo (image left) provides an answer; we were kind of hoping for the footwear. Maybe they could puts a pair of Crocs on the croc, just for us.
Loser: We found ourselves wishing those guys better self-esteem.
swag: At least we know what they’re after.
Skillz: Anyone else hear Napoleon Dynamite in that one? Bow hunting skills, computer hacking skills.
BFF: It’s always heartwarming when lifelong friends embark on a life of cybercrime together.
Weird Threat Group Names: Compound Names
Threat actors often favor compound names, borrowing a branding technique from corporate branding teams. These can create some odd pairings, like “StableFish,” “CanyonGod,” “FlipperZero” and “Devil.God” – we’re sensing some internal conflict on that last one, unlike with “Ddarknotevil,” who want you to know they’re not bad people at heart.
Some other examples of the compound threat group name genre:
BreadPirateLoler: Does anyone else hear “Dread Pirate Roberts” in that one?
Bumblebeef: Do they have a beef with Bumble? So far their only target has been a U.S. financial services firm.
Funksec: Assuming “sec” is short for security, this name conjures up images of a bunch of hackers dressed like Parliament Funkadelic.
SyntheticEmotions: Kind of deep when you think about it.
SafePay: We can imagine the slogan for this ransomware group – “Our decryption keys actually work!”
TrapHouseMob: Not sure if a more unsavory name is possible, at least in a PG-rated article.
Hacktivist Group Names: Ghosts and Dragons
Hacktivists often choose names that blend their regional loyalties with fearsome creatures.
Moroccan Dragons is one such example. This pro-Palestine group has been involved in attacks on Israeli and other targets, and has also been part of the odd alliance of pro-Islamic and pro-Russian groups known as the “Holy League.”
“Ghosts” are another popular name for hacktivist groups. One such group – Arabian Ghosts – is a pro-Syrian group claiming recent attacks on U.S. and Israel critical infrastructure.
Other hacktivist names are, well, kind of fun.
Mysterious Team Bangladesh is a fun name for a group that has been anything but fun. Cyble has recorded 30 attacks by the group involving Indian, Middle Eastern, European and African targets.
Mr Hamza is another somewhat entertaining name for a hacktivist group, in this case a pro-Palestinian group that has attacked targets in Israel, the U.S., and elsewhere.
Cyber Partisans seems like a really polite way for this anti-Russian group to say they’re hacktivists.
