HOMETHREATSUkrainian Cyber Alliance
APT / THREAT GROUP HACKTIVISM

Ukrainian Cyber Alliance

🇺🇦Ukraine-attributed
1
campaigns
2
aliases
Last seen:Mar 17, 2026

Intelligence Profile

Cyber Alliance is a hacktivist group that has demonstrated capabilities in exploiting vulnerabilities, such as CVE-2023-22515 in Confluence, to escalate privileges and access targeted infrastructure. They successfully accessed Trigona's systems, exfiltrating sensitive data and ultimately defacing and deleting the organization's site.

Threat Analysis

Ukrainian Cyber Alliance is a known-sophistication threat actor attributed to Ukraine, engaged in cyber operations with a primary motivation of hacktivism.

As a hacktivist-aligned entity, Ukrainian Cyber Alliance conducts operations driven by ideological, political, or social grievances, typically through website defacements, DDoS attacks, and the leaking of sensitive data to advance a public narrative.

Known Campaigns

Ukrainian Cyber Alliance — Active Operations March 2026

Ukrainian Cyber Alliance is a hacktivism threat actor attributed to UA. Cyber Alliance is a hacktivist group that has demonstrated capabilities in exploiting vulnerabilities, such as CVE-2023-22515 in Confluence, to escalate privileges and access targeted infrastructure. They successfully accessed Trigona's systems, exfiltrating sensitive data and ul...

ACTIVEMEDIUM2026

External References

Quick Facts

TypeAPT / Threat Group
Motivation hacktivism
Origin🇺🇦 Ukraine
Aliases2
SourceMalpedia

Also Known As

Ukrainian Cyber AllianceUCA

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.