There's drama brewing between various Kremlin-backed hacktivist groups, which percolated into public view this week with the move by Killnet group leader "Killmilk" to expose the identity of "Raty," the leader of seemingly aligned threat group Anonymous Russia.
Raty, outed as Arseni Yeliseyeu, was subsequently arrested in Belarus, Kellmilk said, according to new analysis from Flashpoint. Further, Killmilk decided to appoint a threat actor named "Radis" to head up Anonymous Russia in Raty's absence.
Following the announcement, the Anonymous Russia Telegram channel identified itself as steadfastly pro-Kremlin with a declaration of war against the "CIA rats," according to Flashpoint, and offered the group's distributed denial-of-service (DDoS) cyberattacks as a for-hire service, adding "anyone can purchase."
The episode is just the latest example of Killnet's attempts to consolidate power.
"The developing story highlights the twists and turns of pro-Kremlin hacktivism over the past approximately six months since Killnet first attempted to collect all major and minor groups under its own umbrella," Flashpoint's report said. "This endeavor has remained relatively unsuccessful."
Groups are pushing back against Killnet to strike out of their own, creating a more competitive hacktivist market, Flashpoint explained.
"In the past months several smaller groups, including Phoenix, announced the creation of their own alliances or business ventures, suggesting that the market of cybercrime services under the guise of hacktivism is getting crowded too," the report said.