| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Dark Engine has emerged as a significant threat actor targeting industrial control systems and SCADA systems in sectors such as metallurgy and food processing. The group has conducted multiple ICS-targeted incidents, with a pronounced operational surge in June 2025. Additionally, Dark Engine is involved in a campaign that embeds fraudulent CAPTCHA prompts into legitimate WordPress sites, utilizing SEO poisoning to harvest login credentials. Reports also indicate a data leak from Dark Engine that exposed sensitive phone data in the U.S.
There are currently no families associated with this actor.
| 2026-02-10
⋅
Google
⋅
Beyond the Battlefield: Threats to the Defense Industrial Base Infrastructure Destruction Squad |
| 2025-06-03
⋅
SecurityBrief Australia
⋅
Fake CAPTCHA scam targets 2,353 WordPress sites, warns CyberCX Infrastructure Destruction Squad |