Tech Beetle briefing GB

The Com: the growing cybercrime network behind recent Pornhub hack

Essential brief

The Com: the growing cybercrime network behind recent Pornhub hack

Key facts

The Com is a loosely affiliated English-speaking cybercrime network mainly composed of males aged 16 to 25.

It encompasses a wide range of crimes including ransomware, data theft, crypto scams, sextortion, and real-world harassment.

Groups like ShinyHunters and Scattered Spider operate within the Com, targeting high-profile victims such as Pornhub users and UK retailers.

The network grooms younger members to commit increasingly sophisticated cybercrimes, often manipulating vulnerable children.

Law enforcement agencies have increased efforts to address the Com, but its fluid and decentralized nature makes it a persistent threat.

Highlights

The Com is a loosely affiliated English-speaking cybercrime network mainly composed of males aged 16 to 25.

It encompasses a wide range of crimes including ransomware, data theft, crypto scams, sextortion, and real-world harassment.

Groups like ShinyHunters and Scattered Spider operate within the Com, targeting high-profile victims such as Pornhub users and UK retailers.

The network grooms younger members to commit increasingly sophisticated cybercrimes, often manipulating vulnerable children.

The Com is an emerging cybercrime ecosystem primarily composed of native English speakers, mostly males aged 16 to 25, engaging in a broad spectrum of criminal activities.

This loosely affiliated network defies traditional categorization but is responsible for significant cyberattacks, including ransomware hacks, data theft, crypto scams, and sextortion.

Recent high-profile victims include premium users of Pornhub, whose search histories and viewing habits were compromised by the hacking group ShinyHunters, a faction within the Com.

Other notable groups linked to the Com include Scattered Spider, known for attacks on British retailers like M&S, the Co-op, and Harrods.

The Com operates without formal membership, spanning from young teens attempting minor hacks to adults orchestrating complex cybercrimes.

According to Aiden Sinnott, principal threat researcher at Sophos, older members groom younger recruits to escalate their criminal activities, creating a pipeline of increasingly sophisticated offenders.

Communication among members occurs on platforms like Discord and Telegram, where they exchange information, share extreme content, and boast about hacks.

Law enforcement agencies in both the US and UK are acutely aware of the Com, with the FBI issuing warnings and the UK's National Crime Agency reporting a sixfold increase in Com-related incidents between 2022 and 2024.

The Com is divided into three overlapping subsets: Hacker Com, including groups like ShinyHunters and Lapsus$, focused on data theft and ransomware; IRL Com, which engages in real-world harassment such as swatting and bomb threats; and Extortion Com, which targets vulnerable children for sextortion and self-harm coercion.

These activities often involve manipulating minors into harmful or illegal acts, with some members motivated by status, power, misogyny, or extremist ideologies.

The fluid nature of the Com allows movement between subsets, complicating efforts to dismantle the network.

Recent prosecutions, such as the sentencing of Noah Urban and Cameron Finnigan, highlight law enforcement's attempts to combat this growing threat.

Overall, the Com represents a dynamic and dangerous cybercriminal ecosystem that blends online and offline crimes, posing significant challenges for global cybersecurity and child protection efforts.