VFVCT

VFVCT, also referred to as V For Vendetta Cyber Team, is a threat actor operating within a broader collaborative cybercrime ecosystem tied to THE PERSEPHONE leak platform. The content links VFVCT to THE PERSEPHONE through a BreachForums post by the user VFVCT that referred to the Persephone domain as "our website," repeated sharing of the domain in VFVCT-linked Telegram channels, and prominent references to VFVCT on the Persephone landing page. THE PERSEPHONE presented itself as a prototype leak platform and described cooperation among VFVCT, RasCorp Group, and ClayRat/CrackRat Zone Clay under the banner of "United Cyber Operations," indicating that VFVCT participated in a multi-group alliance rather than acting solely through a standalone leak site. The group used Telegram channels and groups as a communication and coordination layer for recruitment, leak promotion, operational messaging, and discussion of future database releases. A private Telegram group titled Project_Vendetta referenced V For Vendetta Cyber Team and listed contact points including a Telegram bot and email addresses. A separate Telegram channel presented itself as a backup channel for VFVCT. Messages in these channels discussed hacking activities, recruitment, geopolitical commentary, and upcoming data releases, including a planned database release at the end of Ramadan. One message claimed campaigns targeting South Korea, India, and Indonesia and asserted possession of large datasets associated with those countries. The content also indicates that VFVCT maintained broader supporting infrastructure beyond Telegram, including references to a GitHub Pages site described by the actors as part of their DLS or ransomware-related infrastructure, a TOX ID, a Session messenger ID, and a separate website hosted through a free web hosting provider. A VFVCT channel message invited technically skilled individuals to contact the group regarding ransomware partnerships. Within the alliance described in the content, VFVCT was characterized as contributing operational and strategic capabilities, while RasCorp Group handled business operations and coordination and CrackRat Zone Clay provided multifunctional tools. Known aliases and associated names directly mentioned in the content include VFVCT and V For Vendetta Cyber Team. Associated allied groups mentioned are RasCorp Group and ClayRat/CrackRat Zone Clay.