Tweaker Squad
The Tweaker Squad is a privacy focused hacktivism/griefing group. Comprising a diverse group of skilled individuals, the Tweaker Squad are known in forums and underground circles for their anonymity and obscurity.
Not much is known about the Tweaker Squad outside of the noted events and a few groups online, they often appear and disappear, preferring to bask in what they do without the need for attention.
Things that are known/assumed:
- Some of them are ex-antiaim members.
- Some of them are ex-autostrafer members.
- Some of them are ex-nohat members.
- Some members used to play HvH.
- They are based within Oceania, Europe/Northern Europe, Africa and the Americas.
- They often blame "Gary Lineker" on their actions.
General Information
Formation: 2019
Type: Technology and Innovation Collective
Founders: Samuel, Nils, Towelie
Notable Members: or1on, vrk1d, d1m, epo, despair
Total Members: 28
Notable Events:
[2019]: Tweaker Squad was founded in April of 2019.
[2019]: Tweaker Squad "doxxed" Owen Benjamin and Vox Day and exposed that their sites were scams.
[2019]: Tweaker Squad became prominent in the "Griefing" communities within the valve/source universe.
[2019]: Tweaker Squad engaged in a campaign in which fake accounts of women were set up to extract money from unsuspecting men.
[2019]: Tweaker Squad [SIM-Swapped] a popular discord admin of a dating servers phone and accessed the accounts, exposing terrible secrets.
[2019]: Tweaker Squad began making accounts for discord pretending to be underage boys and girls, sending remote access malware to abusers via social engineering then exposing them.
[2020]: Tweaker Squad began working with "Willard & Co" to frustrate "Dish Gang" in their efforts to find information by working with both sides but only for one.
[2020]: Tweaker Squad alongside "Willard & Co" exposed notorious Deviant Art pedophile "Alan Hijazi" known as TommyPicklesFan1992 and made sure he couldn't harm any more children.
[2020]: Tweaker Squad gained underground notoriety for their use of denial of service attacks, affecting the United Kingdoms NHS and the Indian Railway Notice Boards.
[2020]: Tweaker Squad shut down the websites and internal management systems of Essex Police after [Operation Raptor] and the arrest of "Potter Payper" for 3 whole days.
[2020]: Tweaker Squad ran a credential stealing operation in which many users of hacking forums and paid cheats had their credentials stolen and sold online.
[2020]: Tweaker Squad ran an operation targeting domestic computers within the Middle East, Eastern Europe, North America and Oceania to be used for "DDOS" attacks and credential harvesting/crypto currency mining.
[2020]: Tweaker Squad started developing more serious malware from ransomware to nmap style scanners designed to ID targets and break into systems.
[2020]: Tweaker Squad developed "TheBigEar", it would scan the internet breaking into targets and mapping the US NAVY and Department Of Defense honeypots and exposed services for nearly 2 years.
[2020]: Tweaker Squad shut down Minecraft Servers and other general game servers throughout the rest of the year.
[2021]: Tweaker Squad's members hosted a file repository containing [Malware] and tutorials for users to learn new exploits and get into hacktivism.
[2021]: Tweaker Squad began to host large botnets, often charging users for access, many of these were Mirai and generic qBot's however a few appeared to use custom server interfaces and fresh exploits.
[2021]: Tweaker Squad opened up the "TheBigEar" so that it could be connected to by any client, allowing others who could not find "botlists" to scan for free, this service was very popular.
[2022]: Tweaker Squad began to spam users on twitch with follow bots and fake hate raids, due to many of them having close ties to MyG0t this is assumed to be some old school fun and nothing serious, footage can still be found.
[2022]: Tweaker Squad published an open-source launcher for "Skate Online." this allowed players to host servers with far more features than other clients at the time and is still considered superior to other clients.
[2022]: Tweaker Squad published an open-source server for "Project Zomboid" allowing players using Steam or "Pirated" versions to play together and provided its own scripting language for people to develop new commands with.
[2023]: Tweaker Squad began a send.it spam campaign throughout western countries, once again this was seen as harmless fun, some highlights can be found on reddit.
[2023]: Tweaker Squad released a set of encryption libraries for IRC and file security, it remains underground but is used heavily within the circles.
[2023]: Tweaker Squad managed to obtain development copies of "theHunter: Primal" commonly known in "Lost Media" circles as deceased, they have since released it along side with a trainer and the ability to play multiplayer.
[2023]: Tweaker Squad released another file repository for exploits, this time including a whole new repository containing ways to make most narcotics.
[2023]: TheBigEar came online again, this time aiming its sights on the US, China and Eurasia, appearing to be evading honeypots such as greyzone and many other such platforms.
[2023]: Tweaker Squad released another encryption suite, they also appear to have been updating their "irc.exe" program.
[2023]: Tweaker Squad gave kt and ego their regards after surviving the end of an era and wished their best of luck to them.
Known Software Created By The Group:
DWM.exe (a tool designed to bypass windows defender, often loaded as a side application within a stager)
Tsun.exe (a tool used to find usernames, commonly referenced as the "Sherlock for Windows")
AsyncLoader.exe (a tool used to stage the Async RAT, not much is known about this and it was heavily obfuscated)
Skate.Launcher.exe (a launcher for the Skate Online. Leak, featuring lots of cool stuff and even access to the debug console)
irc.exe (some kind of secure communication platform, it appears to use its own cipher sets as padding upon 3 layers of encryption)
bHash.exe (a tool used to crack hashes, an archive can be found on github)
enclib.exe (some kind of library plugin for encryption in IRC servers and file programs)
Minerva.exe (a backdoor worm designed to scan military services and locate specific SSH servers, it utilized the 2017 ZTE-CVE to infect domestic routers to assist in scanning and brute-forcing)
m_Cipher.exe (an encryption suite, not much else is known)
Legacy:
Despite not being prominent and hiding their identities Tweaker Squad have managed to garner enough attention to be on watchlists from Turkey to Malaysia, they are considered a sleeper cell that act with "no direct goal in mind"
