Home Who Are These UGNazi Hackers?

Who Are These UGNazi Hackers?

A group of malicious hackers calling themselves UGNazi claims it took down Twitter late last week for about 40 minutes. Despite reports confirming the attack, Twitter denied that UGNazi was responsible for the outage, calling it a “cascading bug.” Who is UGNazi?

When it comes to tracking the “hacktivist” types, the best way to get an overview of who they are and what they do is to visit their Twitter accounts. For UGNazi, its Twitter activity shows a group of at least four people that are interested in using DDoS attacks to take down prominent websites and to hack into other sites to deface them. 

In and of themselves, DDoS attacks and defacement are simple, and perhaps juvenile, pastimes for young hackers looking to make a name for themselves. But, UGNazi also has an agenda that could be far more harmful to its targets. The group has been linked to a breach at WHMCS, an online billing and client management platform, that exposed about 1.7 GB of company data, including credit card numbers and passwords.

“Hackers claiming to be part of UGNazi have been involved in a number of attacks against websites (defacements, data leaks and DDoS attacks, that kind of thing),” said security expert Graham Cluley of Sophos. “One of the attacks they have been linked to targeted WHMCS, and resulted in the exposure of half a million usernames and passwords.  It’s claimed that they exploited a zero-day vulnerability to break into web-hosting software that uses WHMCS.”

The WHMCS attack was reportedly done through a SQL injection, a technique used by malicious hackers to force their way into databases and extract information. SQL injections have been known to be favorite techniques of both Anonymous and LulzSec. 

According to the UGNazi Twitter account, the group has aligned itself with the infamous anti-security group Anonymous, if at least on a tangential basis. Groups such as LulzSec, Anonymous and UGNazi are not centralized administrations, but rather disparate groups of hackers that have loosely aligned around a common purpose, usually against governments, companies and security agencies that the groups perceive to have committed some type of wrong. 

This particular group appears to consist of four males that go by the handles JoshTheGod, Mr0sama, Cosmo and CyberZeist. The language the group members use in their Twitter accounts is similar to what Anonymous and LulzSec members use – often immature rants and bold claims of dubious truth. The catch phrase for these hacktivist groups when they perform a successful DDoS attack is “Tango Down,” which UGNazi used when it claimed it had taken down Twitter last week.

It was reported that the so-called leader of UGNazi – Cosmo – was arrested by the FBI at the end of May in relation to the WHMCS attack.

UGNazi has a published a list of companies and websites it wishes to attack, for a variety of reasons. That list includes Google.com (“for the lulz”), gas station company WaWa, BP.com, WePay.com and 4Chan.com. The group has claimed to deface or hack sites such as Six Flags, Michigan.gov and regional Comcast sites. 

Will UGNazi take off into prominence the way that Anonymous and LulzSec have before it? Perhaps. It will depend on how successful this small group of hackers becomes. As for Twitter’s outage, that is a he-said, she-said type scenario, in which UGNazi takes responsibility but Twitter denies it. 

Cluley, for one, is not sold. 

”Of course, we have to take everything that a group like UgNazi claims on its Twitter feed with a pinch of salt,” Cluley said.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.