Threat actors
2,004 threat-actor records from MISP-Galaxy v341. Filter by attributed country; for country, sector, and MITRE-Group facets, see /explore/actors. Authored by Adam Lundqvist.
| ID | Title | Summary |
|---|---|---|
| Stealth Mango and Tangelo | Stealth Mango and Tangelo PK | Stealth Mango and Tangelo is a Pakistani-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). Operational targeting focuses on the Government… |
| STEALTH-MANGO-AND-TANGELO | Stealth Mango and Tangelo | This threat actor targets organizations in the satellite communications, telecommunications, geospatial-imaging, and defense sectors in the United States and S… |
| [Unnamed group] | [Unnamed group] | Over the last few weeks, several significant leaks regarding a number of Iranian APTs took place. After analyzing and investigating the documents we conclude t… |
| UNNAMED-GROUP | [Unnamed group] | Over the last few weeks, several significant leaks regarding a number of Iranian APTs took place. After analyzing and investigating the documents we conclude t… |
| [Vault 7/8] | [Vault 7/8] | An unnamed source leaked almost 10,000 documents describing a large number of 0-day vulnerabilities, methodologies and tools that had been collected by the CIA… |
| VAULT-7-8 | [Vault 7/8] | An unnamed source leaked almost 10,000 documents describing a large number of 0-day vulnerabilities, methodologies and tools that had been collected by the CIA… |
| 1937CN | 1937CN | 1937CN is a Chinese hacking group that has been active since at least 2013. The group is known for targeting Vietnamese organizations, including government age… |
| 1937CN | 1937CN CN | 1937CN is a Chinese hacking group that has been active since at least 2013. The group is known for targeting Vietnamese organizations, including government age… |
| 313-TEAM | 313 Team | 313 Team is an Iraq-based threat actor that has conducted coordinated DDoS campaigns targeting multiple government servers in the UAE, Kuwait, and Romania, oft… |
| 313 Team | 313 Team IQ | 313 Team is an Iraq-based threat actor that has conducted coordinated DDoS campaigns targeting multiple government servers in the UAE, Kuwait, and Romania, oft… |
| ABABIL-OF-MINAB | Ababil of Minab | Ababil of Minab is an emerging pro-Iranian hacktivist group with a limited public profile and little verifiable prior activity in threat intelligence reporting… |
| Ababil of Minab | Ababil of Minab IR | Ababil of Minab is an emerging pro-Iranian hacktivist group with a limited public profile and little verifiable prior activity in threat intelligence reporting… |
| Actor240524 | Actor240524 | Actor240524 is a newly identified APT group that targeted Azerbaijani and Israeli diplomats through spear-phishing emails to steal sensitive data. The group em… |
| ACTOR240524 | Actor240524 | Actor240524 is a newly identified APT group that targeted Azerbaijani and Israeli diplomats through spear-phishing emails to steal sensitive data. The group em… |
| Adrastea | Adrastea | Adrastea is a threat actor who has been active on cybercrime forums, claiming to have breached organizations like MBDA and offering stolen data for sale. They … |
| ADRASTEA | Adrastea | Adrastea is a threat actor who has been active on cybercrime forums, claiming to have breached organizations like MBDA and offering stolen data for sale. They … |
| AeroBlade | AeroBlade | AeroBlade is a previously unknown threat actor that has been targeting an aerospace organization in the United States. Their objective appears to be conducting… |
| AEROBLADE | AeroBlade | AeroBlade is a previously unknown threat actor that has been targeting an aerospace organization in the United States. Their objective appears to be conducting… |
| Aggressive Inventory Zombies | Aggressive Inventory Zombies | Aggressive Inventory Zombies is a threat actor involved in a large-scale phishing and pig-butchering network targeting retail brands and cryptocurrency users. … |
| AGGRESSIVE-INVENTORY-ZOMBIES | Aggressive Inventory Zombies | Aggressive Inventory Zombies is a threat actor involved in a large-scale phishing and pig-butchering network targeting retail brands and cryptocurrency users. … |
| ALLANITE | ALLANITE | Adversaries abusing ICS (based on Dragos Inc adversary list). ALLANITE accesses business and industrial control (ICS) networks, conducts reconnaissance, and ga… |
| ALLANITE | ALLANITE | Adversaries abusing ICS (based on Dragos Inc adversary list). ALLANITE accesses business and industrial control (ICS) networks, conducts reconnaissance, and ga… |
| Alpha Spider | Alpha Spider | ALPHA SPIDER is a threat actor known for developing and operating the Alphv ransomware as a service. They have been observed using novel offensive techniques, … |
| ALPHA-SPIDER | Alpha Spider | ALPHA SPIDER is a threat actor known for developing and operating the Alphv ransomware as a service. They have been observed using novel offensive techniques, … |
| Altahrea Team | Altahrea Team IQ | Altahrea Team is a pro-Iranian hacking group that has been active since at least 2020. The group has claimed responsibility for a number of cyberattacks, inclu… |
| ALTAHREA-TEAM | Altahrea Team | Altahrea Team is a pro-Iranian hacking group that has been active since at least 2020. The group has claimed responsibility for a number of cyberattacks, inclu… |
| ALTDOS | ALTDOS | ALTDOS is a threat actor group that has targeted entities in Southeast Asia, including Singapore, Thailand, and Malaysia. They have been involved in data breac… |
| ALTDOS | ALTDOS | ALTDOS is a threat actor group that has targeted entities in Southeast Asia, including Singapore, Thailand, and Malaysia. They have been involved in data breac… |
| Altoufan Team | Altoufan Team | ALTOUFAN TEAM is a politically motivated hacktivist group with anti-Zionism, anti-monarchy, and pro-14-February movement sentiments. They have targeted governm… |
| ALTOUFAN-TEAM | Altoufan Team | ALTOUFAN TEAM is a politically motivated hacktivist group with anti-Zionism, anti-monarchy, and pro-14-February movement sentiments. They have targeted governm… |
| Amaranth-Dragon | Amaranth-Dragon CN | Amaranth-Dragon is a previously untracked threat actor assessed to be closely linked to the China-affiliated APT 41 ecosystem, exhibiting similar tooling and o… |
| AMARANTH-DRAGON | Amaranth-Dragon | Amaranth-Dragon is a previously untracked threat actor assessed to be closely linked to the China-affiliated APT 41 ecosystem, exhibiting similar tooling and o… |
| ANDROMEDA SPIDER | ANDROMEDA SPIDER | |
| ANDROMEDA-SPIDER | ANDROMEDA SPIDER | |
| Angry Likho | Angry Likho RU | Angry Likho is an APT group that has been active since 2023, primarily targeting large organizations and government agencies in Russia and Belarus. Their attac… |
| ANGRY-LIKHO | Angry Likho | Angry Likho is an APT group that has been active since 2023, primarily targeting large organizations and government agencies in Russia and Belarus. Their attac… |
| Anonymous KSA | Anonymous KSA | Anonymous KSA is a Saudi hacking group that has executed cyber attacks targeting Indian institutions, including a significant breach of UIDAI's data storage un… |
| ANONYMOUS-KSA | Anonymous KSA | Anonymous KSA is a Saudi hacking group that has executed cyber attacks targeting Indian institutions, including a significant breach of UIDAI's data storage un… |
| Anonymous Sudan | Anonymous Sudan | Since January 23, 2023, a threat actor identifying as "Anonymous Sudan" has been conducting denial of service (DDoS) attacks against multiple organizations in … |
| ANONYMOUS-SUDAN | Anonymous Sudan | Since January 23, 2023, a threat actor identifying as "Anonymous Sudan" has been conducting denial of service (DDoS) attacks against multiple organizations in … |
| Anonymous64 | Anonymous64 TW | Anonymous 64 is a group accused by China's national security ministry of attempting to gain control of web portals, outdoor electronic screens, and network tel… |
| ANONYMOUS64 | Anonymous64 | Anonymous 64 is a group accused by China's national security ministry of attempting to gain control of web portals, outdoor electronic screens, and network tel… |
| ANTHROPOID SPIDER | ANTHROPOID SPIDER | Publicly known as 'EmpireMonkey', ANTHROPOID SPIDER conducted phishing campaigns in February and March 2019, spoofing French, Norwegian and Belizean financial … |
| ANTHROPOID-SPIDER | ANTHROPOID SPIDER | Publicly known as 'EmpireMonkey', ANTHROPOID SPIDER conducted phishing campaigns in February and March 2019, spoofing French, Norwegian and Belizean financial … |
| Antlion | Antlion CN | Antlion is a Chinese state-backed advanced persistent threat (APT) group, who has been targeting financial institutions in Taiwan. This persistent campaign has… |
| ANTLION | Antlion | Antlion is a Chinese state-backed advanced persistent threat (APT) group, who has been targeting financial institutions in Taiwan. This persistent campaign has… |
| Aoqin Dragon | Aoqin Dragon CN | SentinelLabs has uncovered a cluster of activity beginning at least as far back as 2013 and continuing to the present day, primarily targeting organizations in… |
| AOQIN-DRAGON | Aoqin Dragon | SentinelLabs has uncovered a cluster of activity beginning at least as far back as 2013 and continuing to the present day, primarily targeting organizations in… |
| AppMilad | AppMilad IR | AppMilad is an Iranian hacking group that has been identified as the source of a spyware campaign called RatMilad. This spyware is designed to silently infiltr… |
| APPMILAD | AppMilad | AppMilad is an Iranian hacking group that has been identified as the source of a spyware campaign called RatMilad. This spyware is designed to silently infiltr… |