Executive Summary

This profile is a comprehensive analysis of the threat actor H3C4KEDZ and associated groups such as NXBBSEC, BL4CK CYB3R, KOLZSEC, and allied syndicates operating across Cambodia, Thailand, and Southeast Asia. The assessment is based exclusively on Telegram channel chat records (Jul-Aug 2025), open-source intelligence (OSINT), and corroborative indicators. The findings reveal a sophisticated, highly active hacktivist network orchestrating wide-scale data breaches, persistent DDoS, defacement, and psychological operations, primarily targeting the Thai Government, military, educational, and healthcare sectors, in a context of escalating geopolitical tensions.


Threat Actor Identifiers & Social Media Presence


Attack Timeline & Evidence

July-August 2025 Attack Campaigns

Summary:

The group conducted a coordinated sequence of breaches, defacements, distributed denial-of-service attacks (DDoS), credential leaks, and public shaming operations, targeting a wide variety of Thai government infrastructure, universities, hospitals, military, police, and corporations. Below is a breakdown of their claimed operations, with evidence drawn directly from chat logs:

Major Data Breaches (Exfiltration + Destruction)