Recently, a new actor appeared in the hacker forums under the pseudonym Hikki-Chan, who rapidly attracted attention, claiming liability for high-profile cyber attacks. However, detailed analysis shows that this character is probably a fraudster who is trying take advantage of current geopolitical stresses to create a reputation for yourself.
One of the key arguments on which Hikki-Chan is building its popularity is supposedly a data leak with the popular Russian social network VK. But when checking, it turned out that the “leak” consisted of public information collected from public pages of users. This technique is often used by scammers to present available data as a result of hacking, thus increasing their visibility in hacker communities.
Hikki-Chan also tried to assign responsibility for the attack on the Israeli transport company KAVIM, which was actually committed by the Black Shadow group in 2021. An attempt to attribute to himself this attack raises serious doubts about the veracity of the rest of his statements.
Another high-profile claim of Hikki-Chan was a statement about the hacking of the database of the Israeli police, however, it turned out that the data presented relate to the youth organization engaged in the preparation of adolescents for military service. These data were already appearing at hacker forums in June 2023, which indicates the use of old leaks to create the appearance of new attacks.
Studies show that such cyber operations can stand in groups sponsored by the state, such as Iranian APT groups that use such methods for conducting psychological operations. They distribute fake or outdated databases to create the illusion of successful attacks and destabilize the situation, sow distrust and undermine the reputation of Israeli cybersecurity.
Hikki-chan activity should be considered as part of a wider misinformation campaign aimed at creating the visibility of successful cyber attacks.