2,004 indexed
ACTORSThreat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 451–500 of 1,546 in Other · page 10 of 31
| ID | Title | Summary |
|---|---|---|
| Ghost Jackal | Ghost Jackal | |
| GHOST-JACKAL | Ghost Jackal | |
| GHOST-STADIUM | GHOST STADIUM | GHOST STADIUM is a Chinese-speaking, financially motivated threat actor operating a sophisticated phishing campaign across over 300 domains, utilizing a custom… |
| GHOSTEMPEROR | GhostEmperor | GhostEmperor is a Chinese-speaking threat actor that targets government entities and telecom companies in Southeast Asia. They employ a Windows kernel-mode roo… |
| GhostNet | GhostNet | Cyber espionage is an issue whose time has come. In this second report from the Information Warfare Monitor, we lay out the findings of a 10-month investigatio… |
| GHOSTNET | GhostNet | Cyber espionage is an issue whose time has come. In this second report from the Information Warfare Monitor, we lay out the findings of a 10-month investigatio… |
| GhostR | GhostR | Ghostr is a financially motivated threat actor known for stealing a confidential database containing 5.3 million records from the World-Check and leaking about… |
| GHOSTR | GhostR | Ghostr is a financially motivated threat actor known for stealing a confidential database containing 5.3 million records from the World-Check and leaking about… |
| GHOSTREDIRECTOR | GhostRedirector | GhostRedirector is a China-aligned threat actor that has compromised at least 65 Windows servers across various sectors, primarily in Brazil, Thailand, and Vie… |
| GhostSec | GhostSec | GhostSec is a hacktivist group that emerged as an offshoot of Anonymous. They primarily focused on counterterrorism efforts and monitoring online activities as… |
| GHOSTSEC | GhostSec | GhostSec is a hacktivist group that emerged as an offshoot of Anonymous. They primarily focused on counterterrorism efforts and monitoring online activities as… |
| GHOSTWRITER | Ghostwriter | Ghostwriter is referred as an 'activity set', with various incidents tied together by overlapping behavioral characteristics and personas, rather than as an ac… |
| GIBBERISH-PANDA | GIBBERISH PANDA | |
| Gitloker | Gitloker | Gitloker is a threat actor group targeting GitHub repositories, wiping their contents, and extorting victims for their data. They use stolen credentials to com… |
| GITLOKER | Gitloker | Gitloker is a threat actor group targeting GitHub repositories, wiping their contents, and extorting victims for their data. They use stolen credentials to com… |
| Gnosticplayers | Gnosticplayers | The hacker said that he put up the data for sale mainly because these companies had failed to protect passwords with strong encryption algorithms like bcrypt. … |
| GNOSTICPLAYERS | Gnosticplayers | The hacker said that he put up the data for sale mainly because these companies had failed to protect passwords with strong encryption algorithms like bcrypt. … |
| GOBLIN-PANDA | GOBLIN PANDA | Goblin Panda is one of a handful of elite Chinese advanced persistent threat (APT) groups. Most Chinese APTs target the United States and NATO, but Goblin Pand… |
| GOFFEE | GOFFEE | GOFFEE is a threat actor that has targeted entities in the Russian Federation since early 2022, employing spear phishing emails with malicious attachments, inc… |
| GOFFEE | GOFFEE | GOFFEE is a threat actor that has targeted entities in the Russian Federation since early 2022, employing spear phishing emails with malicious attachments, inc… |
| GOLD BURLAP | GOLD BURLAP | GOLD BURLAP is a group of financially motivated criminals responsible for the development of the Pysa ransomware, also referred to as Mespinoza. Pysa is a cros… |
| GOLD-BURLAP | GOLD BURLAP | GOLD BURLAP is a group of financially motivated criminals responsible for the development of the Pysa ransomware, also referred to as Mespinoza. Pysa is a cros… |
| GOLD CABIN | GOLD CABIN | GOLD CABIN is a financially motivated cybercriminal threat group operating a malware distribution service on behalf of numerous customers since 2018. GOLD CABI… |
| GOLD-CABIN | GOLD CABIN | GOLD CABIN is a financially motivated cybercriminal threat group operating a malware distribution service on behalf of numerous customers since 2018. GOLD CABI… |
| GOLD DUPONT | GOLD DUPONT | GOLD DUPONT is a financially motivated cybercriminal threat group that specializes in post-intrusion ransomware attacks using 777 (aka Defray777 or RansomExx) … |
| GOLD-DUPONT | GOLD DUPONT | GOLD DUPONT is a financially motivated cybercriminal threat group that specializes in post-intrusion ransomware attacks using 777 (aka Defray777 or RansomExx) … |
| GOLD EVERGREEN | GOLD EVERGREEN | GOLD EVERGREEN was a financially motivated cybercriminal threat group that operated the Gameover Zeus (aka Mapp, P2P Zeus) botnet until June 2014. It encompass… |
| GOLD-EVERGREEN | GOLD EVERGREEN | GOLD EVERGREEN was a financially motivated cybercriminal threat group that operated the Gameover Zeus (aka Mapp, P2P Zeus) botnet until June 2014. It encompass… |
| GOLD FAIRFAX | GOLD FAIRFAX | GOLD FAIRFAX is a financially motivated cybercriminal threat group responsible for the creation, distribution, and operation of the Ramnit botnet. Ramnit, the … |
| GOLD-FAIRFAX | GOLD FAIRFAX | GOLD FAIRFAX is a financially motivated cybercriminal threat group responsible for the creation, distribution, and operation of the Ramnit botnet. Ramnit, the … |
| GOLD FLANDERS | GOLD FLANDERS | GOLD FLANDERS is a financially motivated group responsible for distributed denial of service (DDOS) attacks linked to extortion emails demanding between 5 and … |
| GOLD-FLANDERS | GOLD FLANDERS | GOLD FLANDERS is a financially motivated group responsible for distributed denial of service (DDOS) attacks linked to extortion emails demanding between 5 and … |
| GOLD GALLEON | GOLD GALLEON | GOLD GALLEON is a financially motivated cybercriminal threat group comprised of at least 20 criminal associates that collectively carry out business email comp… |
| GOLD-GALLEON | GOLD GALLEON | GOLD GALLEON is a financially motivated cybercriminal threat group comprised of at least 20 criminal associates that collectively carry out business email comp… |
| GOLD GARDEN | GOLD GARDEN | GOLD GARDEN was a financially motivated cybercriminal threat group that authored and operated the GandCrab ransomware from January 2018 through May 2019. GandC… |
| GOLD-GARDEN | GOLD GARDEN | GOLD GARDEN was a financially motivated cybercriminal threat group that authored and operated the GandCrab ransomware from January 2018 through May 2019. GandC… |
| GOLD MANSARD | GOLD MANSARD | GOLD MANSARD is a financially motivated cybercriminal threat group that operated the Nemty ransomware from August 2019. The threat actor behind Nemty is known … |
| GOLD-MANSARD | GOLD MANSARD | GOLD MANSARD is a financially motivated cybercriminal threat group that operated the Nemty ransomware from August 2019. The threat actor behind Nemty is known … |
| GOLD NORTHFIELD | GOLD NORTHFIELD | Operational since at least October 2020, GOLD NORTHFIELD is a financially motivated cybercriminal threat group that leverages GOLD SOUTHFIELD's REvil ransomwar… |
| GOLD-NORTHFIELD | GOLD NORTHFIELD | Operational since at least October 2020, GOLD NORTHFIELD is a financially motivated cybercriminal threat group that leverages GOLD SOUTHFIELD's REvil ransomwar… |
| GOLD PRELUDE | GOLD PRELUDE | GOLD PRELUDE is a financially motivated cybercriminal threat group that operates the SocGholish (aka FAKEUPDATES) malware distribution network. GOLD PRELUDE op… |
| GOLD-PRELUDE | GOLD PRELUDE | GOLD PRELUDE is a financially motivated cybercriminal threat group that operates the SocGholish (aka FAKEUPDATES) malware distribution network. GOLD PRELUDE op… |
| GOLD REBELLION | GOLD REBELLION | GOLD REBELLION is a financially motivated cybercriminal threat group that operates the Black Basta name-and-shame ransomware. The group posted its first victim… |
| GOLD-REBELLION | GOLD REBELLION | GOLD REBELLION is a financially motivated cybercriminal threat group that operates the Black Basta name-and-shame ransomware. The group posted its first victim… |
| GOLD RIVERVIEW | GOLD RIVERVIEW | GOLD RIVERVIEW was a financially motivated cybercriminal group that facilitated the distribution of malware- and scam-laden spam email on behalf of its custome… |
| GOLD-RIVERVIEW | GOLD RIVERVIEW | GOLD RIVERVIEW was a financially motivated cybercriminal group that facilitated the distribution of malware- and scam-laden spam email on behalf of its custome… |
| GOLD SKYLINE | GOLD SKYLINE | GOLD SKYLINE is a financially motivated cybercriminal threat group operating from Nigeria engaged in high-value wire fraud facilitated by business email compro… |
| GOLD-SKYLINE | GOLD SKYLINE | GOLD SKYLINE is a financially motivated cybercriminal threat group operating from Nigeria engaged in high-value wire fraud facilitated by business email compro… |
| GOLD SOUTHFIELD | GOLD SOUTHFIELD | GOLD SOUTHFIELD is a financially motivated cybercriminal threat group that authors and operates the REvil (aka Sodinokibi) ransomware on behalf of various affi… |
| GOLD-SOUTHFIELD | GOLD SOUTHFIELD | GOLD SOUTHFIELD is a financially motivated cybercriminal threat group that authors and operates the REvil (aka Sodinokibi) ransomware on behalf of various affi… |