A loose ecosystem of young cybercriminals known as “the Com” is increasingly being linked to a widening range of online and real-world offenses, from ransomware-style corporate attacks to the hacking of Pornhub users’ data, according to The Guardian.

The Com, short for “community,” is a sprawling, informal network with no membership list and no clear boundaries, but with participants typically 16- to 25-years-old, the news outlet said. The group has been linked to cyberattacks that have disrupted British retailers’ IT systems as well as coordinated harassment and intimidation campaigns that spill offline. 

Its latest victims are premium users of Pornhub, whose search history and viewing habits were accessed in an attack attributed to ShinyHunters, a group that emerged from Com-linked networks, the report said. 

The Com also includes Scattered Spider, a group linked with hacks affecting M&S, the Co-op and Harrods. 

Aiden Sinnott, a principal threat researcher at cybersecurity firm Sophos, told The Guardian the Com operates like a pipeline, with older participants drawing in younger recruits and escalating them toward more sophisticated crimes. He described a spectrum ranging from children “trying to hack Minecraft” to people in their mid-20s targeting vulnerable victims and major institutions. 

Recruitment typically takes on Discord and Telegram, where members may share extreme content or boast about intrusions, the report said. One Telegram channel referenced by The Guardian carried a post describing itself as “the supply and demand for the Com,” underscoring the ecosystem’s self-reinforcing culture. 

Law enforcement officials on both sides of the Atlantic are tracking the phenomenon. The Guardian reported that the FBI issued a public warning in July, describing the Com as a primarily English-speaking, international online ecosystem of interconnected networks that includes minors and spans multiple criminal offenses. 

In the UK, the National Crime Agency (NCA) said reports tied to Com networks increased six-fold from 2022 to 2024, and described typical motivations including status, power, control, misogyny, sexual gratification, and obsession with extreme material. 

Analysts commonly break the Com into three overlapping subsets:

  • “Hacker Com” includes groups linked to ransomware-style extortion, data theft, and crypto scams.
  • “IRL Com” is associated with “swatting,” bomb threats, and even “violence-as-a-service” offerings.
  • “Extortion Com” focuses on coercion of vulnerable children, including a notorious network known as 764, whose victims the FBI says are typically 10 to 17 years old. 

Read more at The Guardian

Related: Google Sues Alleged Chinese Crime Group Behind Massive U.S. “Smishing” Wave