2,004 indexed
ACTORSThreat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 1,451–1,500 of 1,546 in Other · page 30 of 31
| ID | Title | Summary |
|---|---|---|
| UTG-Q-010 | UTG-Q-010 | UTG-Q-010 is a financially motivated APT group from East Asia that has been active since late 2022, primarily targeting the pharmaceutical industry and cryptoc… |
| Vanilla Tempest | Vanilla Tempest | Vice Society is a ransomware group that has been active since at least June 2021. They primarily target the education and healthcare sectors, but have also bee… |
| VANILLA-TEMPEST | Vanilla Tempest | Vice Society is a ransomware group that has been active since at least June 2021. They primarily target the education and healthcare sectors, but have also bee… |
| Velvet Tempest | Velvet Tempest | Velvet Tempest is a threat actor associated with the BlackCat ransomware group. They have been observed deploying multiple ransomware payloads, including Black… |
| VELVET-TEMPEST | Velvet Tempest | Velvet Tempest is a threat actor associated with the BlackCat ransomware group. They have been observed deploying multiple ransomware payloads, including Black… |
| VENOM SPIDER | VENOM SPIDER | VENOM SPIDER is the developer of a large toolset that includes SKID, VenomKit and Taurus Loader. Under the moniker 'badbullzvenom', the adversary has been an a… |
| VENOM-SPIDER | VENOM SPIDER | VENOM SPIDER is the developer of a large toolset that includes SKID, VenomKit and Taurus Loader. Under the moniker 'badbullzvenom', the adversary has been an a… |
| VICE-SPIDER | VICE SPIDER | Vice Spider is a Russian-speaking ransomware group that has been active since at least April 2021 and is linked to a significant increase in identity-based att… |
| ViceLeaker | ViceLeaker | In May 2018, we discovered a campaign targeting dozens of mobile Android devices belonging to Israeli citizens. Kaspersky spyware sensors caught the signal of … |
| VICELEAKER | ViceLeaker | In May 2018, we discovered a campaign targeting dozens of mobile Android devices belonging to Israeli citizens. Kaspersky spyware sensors caught the signal of … |
| VICEROY-TIGER | VICEROY TIGER | VICEROY TIGER is an adversary with a nexus to India that has historically targeted entities throughout multiple sectors. Older activity targeted multiple secto… |
| VICIOUS-PANDA | Vicious Panda | Check Point Research discovered a new campaign against the Mongolian public sector, which takes advantage of the current Coronavirus scare, in order to deliver… |
| ViciousTrap | ViciousTrap | ViciousTrap has compromised over 5,500 edge devices, transforming them into honeypots and utilizing a shell script called NetGhost to redirect incoming traffic… |
| VICIOUSTRAP | ViciousTrap | ViciousTrap has compromised over 5,500 edge devices, transforming them into honeypots and utilizing a shell script called NetGhost to redirect incoming traffic… |
| VIKING-JACKAL | Viking Jackal | |
| VIKING SPIDER | VIKING SPIDER | VIKING SPIDER is the criminal group behind the development and distribution of Ragnar Locker ransomware. While public reporting indicates the group began threa… |
| VIKING-SPIDER | VIKING SPIDER | VIKING SPIDER is the criminal group behind the development and distribution of Ragnar Locker ransomware. While public reporting indicates the group began threa… |
| Void Arachne | Void Arachne | Void Arachne is a threat actor group targeting Chinese-speaking users with malicious MSI files containing legitimate software installers for AI software. They … |
| VOID-ARACHNE | Void Arachne | Void Arachne is a threat actor group targeting Chinese-speaking users with malicious MSI files containing legitimate software installers for AI software. They … |
| Void Balaur | Void Balaur | Void Balaur is a highly active hack-for-hire / cyber mercenary group with a wide range of known target types across the globe. Their services have been observe… |
| VOID-BALAUR | Void Balaur | Void Balaur is a highly active hack-for-hire / cyber mercenary group with a wide range of known target types across the globe. Their services have been observe… |
| Void Banshee | Void Banshee | Void Banshee is an APT group targeting North America, Europe, and Southeast Asia for information theft and financial gain. They exploit vulnerabilities like CV… |
| VOID-BANSHEE | Void Banshee | Void Banshee is an APT group targeting North America, Europe, and Southeast Asia for information theft and financial gain. They exploit vulnerabilities like CV… |
| VOID-BLIZZARD | Void Blizzard | Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to the Russian government, including in government, … |
| VOID-MANTICORE | Void Manticore | Void Manticore is an Iranian APT group affiliated with MOIS, known for conducting destructive wiping attacks and influence operations. They collaborate with Sc… |
| Void Rabisu | Void Rabisu | Void Rabisu is a threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as Tropical Scorpius. Documented victim organisations inc… |
| VOID-RABISU | Void Rabisu | Void Rabisu is an intrusion set associated with both financially motivated ransomware attacks and targeted campaigns on Ukraine and countries supporting Ukrain… |
| VOLATILE-CEDAR | Volatile Cedar | Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. T… |
| VOLT-TYPHOON | Volt Typhoon | [Microsoft] Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderat… |
| VULZSECTEAM | VulzSecTeam | VulzSec, also known as VulzSecTeam, is a hacktivist group that has been involved in various cyber-attacks. They have targeted government websites in retaliatio… |
| WAGEMOLE | WageMole | WageMole is a North Korean state-sponsored APT that employs social engineering and technology to secure remote job opportunities in Western countries, leveragi… |
| WARP-PANDA | WARP PANDA | WARP PANDA is a China-nexus APT that targets VMware vCenter environments and Microsoft Azure infrastructures, primarily focusing on legal, technology, and manu… |
| WASSONITE | Wassonite | WASSONITE is a North Korea-linked APT that has targeted industrial sectors, including electric generation, nuclear energy, manufacturing, and research entities… |
| Watchdog | Watchdog | Thief Libra is a cloud-focused threat group that has a history of cryptojacking operations as well as cloud service platform credential scraping. They were fir… |
| WATCHDOG | Watchdog | Thief Libra is a cloud-focused threat group that has a history of cryptojacking operations as well as cloud service platform credential scraping. They were fir… |
| Water Bakunawa | Water Bakunawa | Water Bakunawa is a cybercriminal group identified by Trend Micro, responsible for the RansomHub ransomware, which exploits the Zerologon vulnerability to gain… |
| WATER-BAKUNAWA | Water Bakunawa | Water Bakunawa is a cybercriminal group identified by Trend Micro, responsible for the RansomHub ransomware, which exploits the Zerologon vulnerability to gain… |
| Water Barghest | Water Barghest | Water Barghest is a cybercriminal group that has compromised over 20,000 IoT devices by October 2024, monetizing them through a residential proxy marketplace. … |
| WATER-BARGHEST | Water Barghest | Water Barghest is a cybercriminal group that has compromised over 20,000 IoT devices by October 2024, monetizing them through a residential proxy marketplace. … |
| Water Curupira | Water Curupira | With its emergence in 2022, Water Curupira has established itself as a persistent threat actor targeting organizations primarily in South America and Europe. T… |
| WATER-CURUPIRA | Water Curupira | With its emergence in 2022, Water Curupira has established itself as a persistent threat actor targeting organizations primarily in South America and Europe. T… |
| WATER-GAMAYUN | Water Gamayun | Water Gamayun exploits the MSC EvilTwin zero-day vulnerability to compromise systems and exfiltrate data, utilizing custom payloads and advanced data exfiltrat… |
| Water Kurita | Water Kurita | Water Kurita is a financially motivated cybercriminal entity associated with the Lumma Stealer infostealer-as-a-service operation, primarily active on undergro… |
| WATER-KURITA | Water Kurita | Water Kurita is a financially motivated cybercriminal entity associated with the Lumma Stealer infostealer-as-a-service operation, primarily active on undergro… |
| Water Labbu | Water Labbu | Trend Micro discovered a threat actor they named Water Labbu that was targeting cryptocurrency scam websites. Typically, cryptocurrency scammers use social eng… |
| WATER-LABBU | Water Labbu | Trend Micro discovered a threat actor they named Water Labbu that was targeting cryptocurrency scam websites. Typically, cryptocurrency scammers use social eng… |
| Water Makara | Water Makara | Water Makara employs the Astaroth banking malware, which features a new defense evasion technique. Their spear phishing campaigns exploit human error by target… |
| WATER-MAKARA | Water Makara | Water Makara employs the Astaroth banking malware, which features a new defense evasion technique. Their spear phishing campaigns exploit human error by target… |
| Water Orthrus | Water Orthrus | Water Orthrus is a threat actor known for distributing CopperStealer and CopperPhish malware. They target Microsoft 365 users with phishing campaigns to steal … |
| WATER-ORTHRUS | Water Orthrus | Water Orthrus is a threat actor known for distributing CopperStealer and CopperPhish malware. They target Microsoft 365 users with phishing campaigns to steal … |