Threat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 451–500 of 2,004 · page 10 of 41
| ID | Title | Summary |
|---|---|---|
| DIZZY PANDA | DIZZY PANDA | DIZZY PANDA is a threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as LadyBoyle. Original record: DIZZY PANDA is a threat ac… |
| DIZZY-PANDA | DIZZY PANDA | |
| DNSpionage | DNSpionage | Cisco Talos recently discovered a new campaign targeting Lebanon and the United Arab Emirates (UAE) affecting .gov domains, as well as a private Lebanese airli… |
| DNSPIONAGE | DNSpionage | Cisco Talos recently discovered a new campaign targeting Lebanon and the United Arab Emirates (UAE) affecting .gov domains, as well as a private Lebanese airli… |
| Domestic Kitten | Domestic Kitten IR | An extensive surveillance operation targets specific groups of individuals with malicious mobile apps that collect sensitive information on the device along wi… |
| DOMESTIC-KITTEN | Domestic Kitten | An extensive surveillance operation targets specific groups of individuals with malicious mobile apps that collect sensitive information on the device along wi… |
| DOPPEL SPIDER | DOPPEL SPIDER | In June 2019, CrowdStrike Intelligence observed a source code fork of BitPaymer and began tracking the new ransomware strain as DoppelPaymer. Further technical… |
| DOPPEL-SPIDER | DOPPEL SPIDER | In June 2019, CrowdStrike Intelligence observed a source code fork of BitPaymer and began tracking the new ransomware strain as DoppelPaymer. Further technical… |
| DragonBreath | DragonBreath | Golden Eye Dog targets Chinese-speaking users engaged in online gambling, employing techniques such as SERP poisoning, social engineering, and DDoS attacks. Th… |
| DRAGONBREATH | DragonBreath | Golden Eye Dog targets Chinese-speaking users engaged in online gambling, employing techniques such as SERP poisoning, social engineering, and DDoS attacks. Th… |
| Dragonbridge | Dragonbridge CN | DRAGONBRIDGE is a Chinese state-sponsored threat actor known for engaging in information operations to promote the political interests of the People's Republic… |
| DRAGONBRIDGE | Dragonbridge | DRAGONBRIDGE is a Chinese state-sponsored threat actor known for engaging in information operations to promote the political interests of the People's Republic… |
| DragonForce | DragonForce MY | DragonForce is a hacktivist group based in Malaysia that has been involved in cyberattacks targeting government institutions and commercial organizations in In… |
| DRAGONFORCE | DragonForce | DragonForce is a hacktivist group based in Malaysia that has been involved in cyberattacks targeting government institutions and commercial organizations in In… |
| DragonOK | DragonOK CN | Threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, DragonOK is thought to hav… |
| DRAGONOK | DragonOK | Threat group that has targeted Japanese organizations with phishing emails. Due to overlapping TTPs, including similar custom tools, DragonOK is thought to hav… |
| DragonRank | DragonRank | DragonRank is a threat actor primarily targeting web application services in Asia and Europe, utilizing TTPs associated with Simplified Chinese-speaking hackin… |
| DRAGONRANK | DragonRank | DragonRank is a threat actor primarily targeting web application services in Asia and Europe, utilizing TTPs associated with Simplified Chinese-speaking hackin… |
| DragonSpark | DragonSpark CN | DragonSpark is a threat actor that has been conducting attacks primarily targeting organizations in East Asia. They utilize the open-source tool SparkRAT, whic… |
| DRAGONSPARK | DragonSpark | DragonSpark is a threat actor that has been conducting attacks primarily targeting organizations in East Asia. They utilize the open-source tool SparkRAT, whic… |
| DriftingCloud | DriftingCloud CN | DriftingCloud is a persistent threat actor known for targeting various industries and locations. They are skilled at developing or acquiring zero-day exploits … |
| DRIFTINGCLOUD | DriftingCloud | DriftingCloud is a persistent threat actor known for targeting various industries and locations. They are skilled at developing or acquiring zero-day exploits … |
| DRIVESURGE | DriveSurge | DriveSurge compromises legitimate websites to inject scripts that route visitors through zTDS, leading them to fake browser updates and ClickFix-style prompts.… |
| DUNGEON SPIDER | DUNGEON SPIDER | DUNGEON SPIDER is a criminal group operating the ransomware most commonly known as Locky, which has been active since February 2016 and was last observed in la… |
| DUNGEON-SPIDER | DUNGEON SPIDER | DUNGEON SPIDER is a criminal group operating the ransomware most commonly known as Locky, which has been active since February 2016 and was last observed in la… |
| Dust Storm | Dust Storm | Dust Storm is a threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as G0031. Original record: Threat actors behind the Operat… |
| DUST-STORM | Dust Storm | Threat actors behind the Operation Dust Storm have been active since at least 2010; the hackers targeted several organizations in Japan, South Korea, the US, E… |
| DustSquad | DustSquad RU | Prodaft researchers have published a report on Paperbug, a cyber-espionage campaign carried out by suspected Russian-speaking group Nomadic Octopus and which t… |
| DUSTSQUAD | DustSquad | Prodaft researchers have published a report on Paperbug, a cyber-espionage campaign carried out by suspected Russian-speaking group Nomadic Octopus and which t… |
| Earth Alux | Earth Alux CN | Earth Alux is a China-linked APT group known for conducting cyberespionage attacks across various sectors, including government, technology, and telecommunicat… |
| EARTH-ALUX | Earth Alux | Earth Alux is a China-linked APT group known for conducting cyberespionage attacks across various sectors, including government, technology, and telecommunicat… |
| Earth Baxia | Earth Baxia CN | Earth Baxia is a threat actor operating out of China, targeting government organizations in Taiwan and potentially across the APAC region, using spear-phishing… |
| EARTH-BAXIA | Earth Baxia | Earth Baxia is a threat actor operating out of China, targeting government organizations in Taiwan and potentially across the APAC region, using spear-phishing… |
| Earth Berberoka | Earth Berberoka CN | According to TrendMicro, Earth Berberoka is a threat group originating from China that mainly focuses on targeting gambling websites. This group's campaign use… |
| EARTH-BERBEROKA | Earth Berberoka | According to TrendMicro, Earth Berberoka is a threat group originating from China that mainly focuses on targeting gambling websites. This group's campaign use… |
| Earth Estries | Earth Estries | Trend Micro found that Earth Estries relies heavily on DLL sideloading to load various tools within its arsenal. Aside from the backdoors previously mentioned,… |
| EARTH-ESTRIES | Earth Estries | Trend Micro found that Earth Estries relies heavily on DLL sideloading to load various tools within its arsenal. Aside from the backdoors previously mentioned,… |
| Earth Freybug | Earth Freybug CN | Earth Freybug, identified as a subset of APT41, is a cyberthreat group active since at least 2012, engaging in espionage and financially motivated activities a… |
| EARTH-FREYBUG | Earth Freybug | Earth Freybug, identified as a subset of APT41, is a cyberthreat group active since at least 2012, engaging in espionage and financially motivated activities a… |
| Earth Kapre | Earth Kapre | Earth Kapre is an APT group specializing in cyberespionage. They target organizations in various countries through phishing campaigns using malicious attachmen… |
| EARTH-KAPRE | Earth Kapre | Earth Kapre is an APT group specializing in cyberespionage. They target organizations in various countries through phishing campaigns using malicious attachmen… |
| Earth Kitsune | Earth Kitsune | Earth Kitsune is an advanced persistent threat actor that has been active since at least 2019. They primarily target individuals interested in North Korea and … |
| EARTH-KITSUNE | Earth Kitsune | Earth Kitsune is an advanced persistent threat actor that has been active since at least 2019. They primarily target individuals interested in North Korea and … |
| Earth Krahang | Earth Krahang CN | Earth Krahang is an APT group targeting government organizations worldwide. They use spear-phishing emails, weak internet-facing servers, and custom backdoors … |
| EARTH-KRAHANG | Earth Krahang | Earth Krahang is an APT group targeting government organizations worldwide. They use spear-phishing emails, weak internet-facing servers, and custom backdoors … |
| Earth Kurma | Earth Kurma | Earth Kurma is an APT group targeting government and telecommunications sectors in Southeast Asia, with a primary focus on data exfiltration. They employ advan… |
| EARTH-KURMA | Earth Kurma | Earth Kurma is an APT group targeting government and telecommunications sectors in Southeast Asia, with a primary focus on data exfiltration. They employ advan… |
| Earth Lamia | Earth Lamia CN | Earth Lamia is a China-nexus APT that targets organizations across multiple sectors, including finance, logistics, and government, primarily in Latin America, … |
| EARTH-LAMIA | Earth Lamia | Earth Lamia is a China-nexus APT that targets organizations across multiple sectors, including finance, logistics, and government, primarily in Latin America, … |
| Earth Longzhi | Earth Longzhi | Earth Longzhi is a subgroup of APT41 targeting organizations based in Taiwan, Thailand, the Philippines, and Fiji, and using “stack rumbling” via Image File Ex… |