2,004 indexed
ACTORSThreat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 51–100 of 1,546 in Other · page 2 of 31
| ID | Title | Summary |
|---|---|---|
| APT10 | APT10 | menuPass is a threat group that has been active since at least 2006. Individual members of menuPass are known to have acted in association with the Chinese Min… |
| APT12 | APT12 | A group of China-based attackers, who conducted a number of spear phishing attacks in 2013. |
| APT14 | APT14 | PLA Navy Anchor Panda is an adversary that CrowdStrike has tracked extensively over the last year targeting both civilian and military maritime operations in t… |
| APT15 | APT15 | This threat actor uses phishing techniques to compromise the networks of foreign ministries of European countries for espionage purposes. |
| APT16 | APT16 | Between November 26, 2015, and December 1, 2015, known and suspected China-based APT groups launched several spear-phishing attacks targeting Japanese and Taiw… |
| APT17 | APT17 | FireEye described APT17 in a 2015 report as: 'APT17, also known as DeputyDog, is a China based threat group that FireEye Intelligence has observed conducting n… |
| APT18 | APT18 | Wekby was described by Palo Alto Networks in a 2015 report as: 'Wekby is a group that has been active for a number of years, targeting various industries such … |
| APT19 | APT19 | Adversary group targeting financial, technology, non-profit organisations. |
| APT2 | APT2 | Putter Panda were the subject of an extensive report by CrowdStrike, which stated: 'The CrowdStrike Intelligence team has been tracking this particular unit si… |
| APT20 | APT20 | We’ve uncovered some new data and likely attribution regarding a series of APT watering hole attacks this past summer. Watering hole attacks are an increasingl… |
| APT21 | APT21 | |
| APT22 | APT22 | Suckfly is a China-based threat group that has been active since at least 2014 |
| APT23 | APT23 | TrendMicro described Tropic Trooper in a 2015 report as: 'Taiwan and the Philippines have become the targets of an ongoing campaign called Operation TropicTroo… |
| APT24 | APT24 | The Pitty Tiger group has been active since at least 2011. They have been seen using HeartBleed vulnerability in order to directly get valid credentials |
| APT26 | APT26 | |
| APT27 | APT27 | A China-based actor that targets foreign embassies to collect data on government, defence, and technology sectors. |
| APT28 | APT28 | The Sofacy Group (also known as APT28, Pawn Storm, Fancy Bear and Sednit) is a cyber espionage group believed to have ties to the Russian government. Likely op… |
| APT29 | APT29 | A 2015 report by F-Secure describe APT29 as: 'The Dukes are a well-resourced, highly dedicated and organized cyberespionage group that we believe has been work… |
| APT3 | APT3 | Symantec described UPS in 2016 report as: 'Buckeye (also known as APT3, Gothic Panda, UPS Team, and TG-0110) is a cyberespionage group that is believed to hav… |
| APT30 | APT30 | APT30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appe… |
| APT31 | APT31 | FireEye characterizes APT31 as an actor specialized on intellectual property theft, focusing on data and projects that make a particular organization competeti… |
| APT32 | APT32 | Cyber espionage actors, now designated by FireEye as APT32 (OceanLotus Group), are carrying out intrusions into private sector companies across multiple indust… |
| APT33 | APT33 | Our analysis reveals that APT33 is a capable group that has carried out cyber espionage operations since at least 2013. We assess APT33 works at the behest of … |
| APT35 | APT35 | FireEye has identified APT35 operations dating back to 2014. APT35, also known as the Newscaster Team, is a threat group sponsored by the Iranian government th… |
| APT37 | APT37 | APT37 has likely been active since at least 2012 and focuses on targeting the public and private sectors primarily in South Korea. In 2017, APT37 expanded its … |
| APT39 | APT39 | APT39 was created to bring together previous activities and methods used by this actor, and its activities largely align with a group publicly referred to as "… |
| APT4 | APT4 | |
| APT40 | APT40 | Leviathan is an espionage actor targeting organizations and high-value targets in defense and government. Active since at least 2014, this actor has long-stand… |
| APT41 | APT41 | APT41 is a prolific cyber threat group that carries out Chinese state-sponsored espionage activity in addition to financially motivated activity potentially ou… |
| APT42 | APT42 | Iranian state-sponsored cyber espionage group tasked with conducting information collection and surveillance operations against individuals and organizations o… |
| APT43 | APT43 | • APT43 is a prolific cyber operator that supports the interests of the North Korean regime. The group combines moderately-sophisticated technical capabilities… |
| APT43 | APT43 | • APT43 is a prolific cyber operator that supports the interests of the North Korean regime. The group combines moderately-sophisticated technical capabilities… |
| APT45 | APT45 | APT45 is a North Korean cyber threat actor that has been active since at least 2009. They have conducted espionage campaigns targeting government agencies and … |
| APT5 | APT5 | We have observed one APT group, which we call APT5, particularly focused on telecommunications and technology companies. More than half of the organizations we… |
| APT6 | APT6 | The FBI issued a rare bulletin admitting that a group named Advanced Persistent Threat 6 (APT6) hacked into US government computer systems as far back as 2011 … |
| APT73 | APT73 | APT73 is a ransomware group that has publicly identified 12 victims and launched its data leak site on April 25th. The DLS bears a striking resemblance to that… |
| APT73 | APT73 | APT73 is a ransomware group that has publicly identified 12 victims and launched its data leak site on April 25th. The DLS bears a striking resemblance to that… |
| APT9 | APT9 | APT9 engages in cyber operations where the goal is data theft, usually focusing on the data and projects that make a particular organization competitive within… |
| APTIRAN | APTIran | APTIran has claimed responsibility for a large-scale campaign targeting Israeli critical infrastructure, asserting infiltration of government ministries, hospi… |
| ArcaneDoor | ArcaneDoor | ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actor… |
| ARCANEDOOR | ArcaneDoor | ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actor… |
| ARIDVIPER | AridViper | AridViper is a state-sponsored APT primarily targeting military personnel, journalists, and dissidents in the Middle East, with a focus on Israel and Palestine… |
| ASLAN-NEFERLER-TIM | Aslan Neferler Tim | Turkish nationalist hacktivist group that has been active for roughly one year. According to Domaintools, the group’s site has been registered since December 2… |
| Asnarök | Asnarök | Asnarök is a threat actor that exploited CVE-2020-12271 and utilized command injection privilege escalation to gain root access to devices and install the Asna… |
| ASNAR-K | Asnarök | Asnarök is a threat actor that exploited CVE-2020-12271 and utilized command injection privilege escalation to gain root access to devices and install the Asna… |
| AtlasCross | AtlasCross | NSFOCUS Security Labs recently discovered a new attack process based on phishing documents in their daily threat-hunting operations. Delving deeper into this f… |
| ATLASCROSS | AtlasCross | NSFOCUS Security Labs recently discovered a new attack process based on phishing documents in their daily threat-hunting operations. Delving deeper into this f… |
| Attor | Attor | Attor is a threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). Operational targeting focuses on the Private sector and Government sectors. Original reco… |
| ATTOR | Attor | Adversary group targeting diplomatic missions and governmental organisations. |
| AVIVORE | Avivore | The group’s existence came to light during Context’s investigation of a number of attacks against multinational enterprises that compromise smaller engineering… |