2,004 indexed
ACTORSThreat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 351–400 of 1,546 in Other · page 8 of 31
| ID | Title | Summary |
|---|---|---|
| EARTH-BERBEROKA | Earth Berberoka | According to TrendMicro, Earth Berberoka is a threat group originating from China that mainly focuses on targeting gambling websites. This group's campaign use… |
| Earth Estries | Earth Estries | Trend Micro found that Earth Estries relies heavily on DLL sideloading to load various tools within its arsenal. Aside from the backdoors previously mentioned,… |
| EARTH-ESTRIES | Earth Estries | Trend Micro found that Earth Estries relies heavily on DLL sideloading to load various tools within its arsenal. Aside from the backdoors previously mentioned,… |
| EARTH-FREYBUG | Earth Freybug | Earth Freybug, identified as a subset of APT41, is a cyberthreat group active since at least 2012, engaging in espionage and financially motivated activities a… |
| Earth Kapre | Earth Kapre | Earth Kapre is an APT group specializing in cyberespionage. They target organizations in various countries through phishing campaigns using malicious attachmen… |
| EARTH-KAPRE | Earth Kapre | Earth Kapre is an APT group specializing in cyberespionage. They target organizations in various countries through phishing campaigns using malicious attachmen… |
| Earth Kitsune | Earth Kitsune | Earth Kitsune is an advanced persistent threat actor that has been active since at least 2019. They primarily target individuals interested in North Korea and … |
| EARTH-KITSUNE | Earth Kitsune | Earth Kitsune is an advanced persistent threat actor that has been active since at least 2019. They primarily target individuals interested in North Korea and … |
| EARTH-KRAHANG | Earth Krahang | Earth Krahang is an APT group targeting government organizations worldwide. They use spear-phishing emails, weak internet-facing servers, and custom backdoors … |
| Earth Kurma | Earth Kurma | Earth Kurma is an APT group targeting government and telecommunications sectors in Southeast Asia, with a primary focus on data exfiltration. They employ advan… |
| EARTH-KURMA | Earth Kurma | Earth Kurma is an APT group targeting government and telecommunications sectors in Southeast Asia, with a primary focus on data exfiltration. They employ advan… |
| EARTH-LAMIA | Earth Lamia | Earth Lamia is a China-nexus APT that targets organizations across multiple sectors, including finance, logistics, and government, primarily in Latin America, … |
| Earth Longzhi | Earth Longzhi | Earth Longzhi is a subgroup of APT41 targeting organizations based in Taiwan, Thailand, the Philippines, and Fiji, and using “stack rumbling” via Image File Ex… |
| EARTH-LONGZHI | Earth Longzhi | Earth Longzhi is a subgroup of APT41 targeting organizations based in Taiwan, Thailand, the Philippines, and Fiji, and using “stack rumbling” via Image File Ex… |
| EARTH-LUSCA | Earth Lusca | Earth Lusca is a threat actor from China that targets organizations of interest to the Chinese government, including academic institutions, telecommunication c… |
| EARTH-NAGA | Earth Naga | Earth Naga is an APT group that has persistently targeted high-value organizations, including government agencies, telecommunications, and military-related man… |
| EARTH-WENDIGO | Earth Wendigo | Earth Wendigo is a threat actor from China that has been targeting several organizations — including government organizations, research institutions, and unive… |
| Earth Yako | Earth Yako | Earth Yako is a threat actor that has been actively targeting researchers in academic organizations and think tanks in Japan. They use spearphishing emails wit… |
| EARTH-YAKO | Earth Yako | Earth Yako is a threat actor that has been actively targeting researchers in academic organizations and think tanks in Japan. They use spearphishing emails wit… |
| EC2 Grouper | EC2 Grouper | EC2 Grouper is a prolific threat actor known for leveraging AWS tools for PowerShell to conduct automated attacks in cloud environments. They typically utilize… |
| EC2-GROUPER | EC2 Grouper | EC2 Grouper is a prolific threat actor known for leveraging AWS tools for PowerShell to conduct automated attacks in cloud environments. They typically utilize… |
| EDALAT-E-ALI | Edalat-e Ali | Edalat-e Ali is a hacktivist group known for disrupting Iranian state-run TV and radio transmissions during significant events, such as the Revolution Day cere… |
| EDUCATED-MANTICORE | Educated Manticore | Educated Manticore is an Iranian APT group aligned with the Islamic Revolutionary Guard Corps, primarily engaged in espionage targeting government, military, a… |
| El Machete | El Machete | El Machete is one of these threats that was first publicly disclosed and named by Kaspersky here. We’ve found that this group has continued to operate successf… |
| EL-MACHETE | El Machete | El Machete is one of these threats that was first publicly disclosed and named by Kaspersky here. We’ve found that this group has continued to operate successf… |
| ELECTRIC-PANDA | ELECTRIC PANDA | |
| ELOQUENT-PANDA | ELOQUENT PANDA | |
| ELUSIVE-COMET | ELUSIVE COMET | ELUSIVE COMET is a threat actor responsible for significant cryptocurrency theft through sophisticated social engineering attacks, particularly leveraging Zoom… |
| ENERGETIC-BEAR | ENERGETIC BEAR | A Russian group that collects intelligence on the energy industry. |
| EQUATION-GROUP | Equation Group | The Equation Group is a highly sophisticated threat actor described by its discoverers at Kaspersky Labs as one of the most sophisticated cyber attack groups i… |
| EVASIVE-PANDA | Evasive Panda | Evasive Panda is an APT group that has been active since at least 2012, conducting cyberespionage targeting individuals, government institutions and organizati… |
| Evil Corp | Evil Corp | Evil Corp is an internaltional cybercrime network. In December of 2019 the US Federal Government offered a $5M bounty for information leading to the arrest and… |
| EVIL-CORP | Evil Corp | Evil Corp is an internaltional cybercrime network. In December of 2019 the US Federal Government offered a $5M bounty for information leading to the arrest and… |
| Evilbyte | Evilbyte | EvilByte is a hacktivist group that has conducted several high-profile cyber attacks in 2024, including breaching MyFatoorah's banking system in retaliation ag… |
| EVILBYTE | Evilbyte | EvilByte is a hacktivist group that has conducted several high-profile cyber attacks in 2024, including breaching MyFatoorah's banking system in retaliation ag… |
| Evilnum | Evilnum | ESET has analyzed the operations of Evilnum, the APT group behind the Evilnum malware previously seen in attacks against financial technology companies. While … |
| EVILNUM | Evilnum | ESET has analyzed the operations of Evilnum, the APT group behind the Evilnum malware previously seen in attacks against financial technology companies. While … |
| EvilPost | EvilPost | |
| EVILPOST | EvilPost | |
| EvilTraffic | EvilTraffic | Malware experts at CSE Cybsec uncovered a massive malvertising campaign dubbed EvilTraffic leveraging tens of thousands compromised websites. Crooks exploited … |
| EVILTRAFFIC | EvilTraffic | Malware experts at CSE Cybsec uncovered a massive malvertising campaign dubbed EvilTraffic leveraging tens of thousands compromised websites. Crooks exploited … |
| EVILWEB | EvilWeb | EvilWeb is a pro-Russian hacktivist group created in March 2024 that targets American and European entities using a hack-and-leak method alongside DDoS attacks… |
| ExCobalt | ExCobalt | ExCobalt is an APT group that has been active since at least 2016 and is believed to be linked to the notorious Cobalt Gang. The group primarily targets Russia… |
| EXCOBALT | ExCobalt | ExCobalt is an APT group that has been active since at least 2016 and is believed to be linked to the notorious Cobalt Gang. The group primarily targets Russia… |
| EXOTIC LILY | EXOTIC LILY | EXOTIC LILY is a resourceful, financially motivated group whose activities appear to be closely linked with data exfiltration and deployment of human-operated … |
| EXOTIC-LILY | EXOTIC LILY | EXOTIC LILY is a resourceful, financially motivated group whose activities appear to be closely linked with data exfiltration and deployment of human-operated … |
| Fail0verflow | Fail0verflow | Fail0verflow is a hacking group known for exploiting vulnerabilities in gaming consoles, notably the Nintendo Wii and PlayStation 3. They utilized techniques s… |
| FAIL0VERFLOW | Fail0verflow | Fail0verflow is a hacking group known for exploiting vulnerabilities in gaming consoles, notably the Nintendo Wii and PlayStation 3. They utilized techniques s… |
| FASTCash | FASTCash | Treasury has identified a sophisticated cyber-enabled ATM cash out campaign we are calling FASTCash. FASTCash has been active since late 2016 targeting banks i… |
| FASTCASH | FASTCash | Treasury has identified a sophisticated cyber-enabled ATM cash out campaign we are calling FASTCash. FASTCash has been active since late 2016 targeting banks i… |