2,004 indexed
ACTORSThreat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 501–550 of 2,004 · page 11 of 41
| ID | Title | Summary |
|---|---|---|
| EARTH-LONGZHI | Earth Longzhi | Earth Longzhi is a subgroup of APT41 targeting organizations based in Taiwan, Thailand, the Philippines, and Fiji, and using “stack rumbling” via Image File Ex… |
| Earth Lusca | Earth Lusca CN | Earth Lusca is a threat actor from China that targets organizations of interest to the Chinese government, including academic institutions, telecommunication c… |
| EARTH-LUSCA | Earth Lusca | Earth Lusca is a threat actor from China that targets organizations of interest to the Chinese government, including academic institutions, telecommunication c… |
| Earth Naga | Earth Naga CN | Earth Naga is an APT group that has persistently targeted high-value organizations, including government agencies, telecommunications, and military-related man… |
| EARTH-NAGA | Earth Naga | Earth Naga is an APT group that has persistently targeted high-value organizations, including government agencies, telecommunications, and military-related man… |
| Earth Wendigo | Earth Wendigo CN | Earth Wendigo is a threat actor from China that has been targeting several organizations — including government organizations, research institutions, and unive… |
| EARTH-WENDIGO | Earth Wendigo | Earth Wendigo is a threat actor from China that has been targeting several organizations — including government organizations, research institutions, and unive… |
| Earth Yako | Earth Yako | Earth Yako is a threat actor that has been actively targeting researchers in academic organizations and think tanks in Japan. They use spearphishing emails wit… |
| EARTH-YAKO | Earth Yako | Earth Yako is a threat actor that has been actively targeting researchers in academic organizations and think tanks in Japan. They use spearphishing emails wit… |
| EC2 Grouper | EC2 Grouper | EC2 Grouper is a prolific threat actor known for leveraging AWS tools for PowerShell to conduct automated attacks in cloud environments. They typically utilize… |
| EC2-GROUPER | EC2 Grouper | EC2 Grouper is a prolific threat actor known for leveraging AWS tools for PowerShell to conduct automated attacks in cloud environments. They typically utilize… |
| Edalat-e Ali | Edalat-e Ali IR | Edalat-e Ali is a hacktivist group known for disrupting Iranian state-run TV and radio transmissions during significant events, such as the Revolution Day cere… |
| EDALAT-E-ALI | Edalat-e Ali | Edalat-e Ali is a hacktivist group known for disrupting Iranian state-run TV and radio transmissions during significant events, such as the Revolution Day cere… |
| Educated Manticore | Educated Manticore IR | Educated Manticore is an Iranian APT group aligned with the Islamic Revolutionary Guard Corps, primarily engaged in espionage targeting government, military, a… |
| EDUCATED-MANTICORE | Educated Manticore | Educated Manticore is an Iranian APT group aligned with the Islamic Revolutionary Guard Corps, primarily engaged in espionage targeting government, military, a… |
| El Machete | El Machete | El Machete is one of these threats that was first publicly disclosed and named by Kaspersky here. We’ve found that this group has continued to operate successf… |
| EL-MACHETE | El Machete | El Machete is one of these threats that was first publicly disclosed and named by Kaspersky here. We’ve found that this group has continued to operate successf… |
| ELECTRIC PANDA | ELECTRIC PANDA CN | ELECTRIC PANDA is a Chinese-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). Original record: ELECTRIC PANDA is a Chinese-attributed threa… |
| ELECTRIC-PANDA | ELECTRIC PANDA | |
| ELOQUENT PANDA | ELOQUENT PANDA CN | ELOQUENT PANDA is a Chinese-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). Original record: ELOQUENT PANDA is a Chinese-attributed threa… |
| ELOQUENT-PANDA | ELOQUENT PANDA | |
| ELUSIVE COMET | ELUSIVE COMET KP | ELUSIVE COMET is a threat actor responsible for significant cryptocurrency theft through sophisticated social engineering attacks, particularly leveraging Zoom… |
| ELUSIVE-COMET | ELUSIVE COMET | ELUSIVE COMET is a threat actor responsible for significant cryptocurrency theft through sophisticated social engineering attacks, particularly leveraging Zoom… |
| ENERGETIC BEAR | ENERGETIC BEAR RU | ENERGETIC BEAR is a Russian-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as BERSERK BEAR, ALLANITE, CASTLE (… |
| ENERGETIC-BEAR | ENERGETIC BEAR | A Russian group that collects intelligence on the energy industry. |
| Equation Group | Equation Group US | The Equation Group is a highly sophisticated threat actor described by its discoverers at Kaspersky Labs as one of the most sophisticated cyber attack groups i… |
| EQUATION-GROUP | Equation Group | The Equation Group is a highly sophisticated threat actor described by its discoverers at Kaspersky Labs as one of the most sophisticated cyber attack groups i… |
| Evasive Panda | Evasive Panda CN | Evasive Panda is a Chinese-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as BRONZE HIGHLAND. Operational targ… |
| EVASIVE-PANDA | Evasive Panda | Evasive Panda is an APT group that has been active since at least 2012, conducting cyberespionage targeting individuals, government institutions and organizati… |
| Evil Corp | Evil Corp | Evil Corp is an internaltional cybercrime network. In December of 2019 the US Federal Government offered a $5M bounty for information leading to the arrest and… |
| EVIL-CORP | Evil Corp | Evil Corp is an internaltional cybercrime network. In December of 2019 the US Federal Government offered a $5M bounty for information leading to the arrest and… |
| Evilbyte | Evilbyte | EvilByte is a hacktivist group that has conducted several high-profile cyber attacks in 2024, including breaching MyFatoorah's banking system in retaliation ag… |
| EVILBYTE | Evilbyte | EvilByte is a hacktivist group that has conducted several high-profile cyber attacks in 2024, including breaching MyFatoorah's banking system in retaliation ag… |
| Evilnum | Evilnum | ESET has analyzed the operations of Evilnum, the APT group behind the Evilnum malware previously seen in attacks against financial technology companies. While … |
| EVILNUM | Evilnum | ESET has analyzed the operations of Evilnum, the APT group behind the Evilnum malware previously seen in attacks against financial technology companies. While … |
| EvilPost | EvilPost | |
| EVILPOST | EvilPost | |
| EvilTraffic | EvilTraffic | Malware experts at CSE Cybsec uncovered a massive malvertising campaign dubbed EvilTraffic leveraging tens of thousands compromised websites. Crooks exploited … |
| EVILTRAFFIC | EvilTraffic | Malware experts at CSE Cybsec uncovered a massive malvertising campaign dubbed EvilTraffic leveraging tens of thousands compromised websites. Crooks exploited … |
| EvilWeb | EvilWeb RU | EvilWeb is a pro-Russian hacktivist group created in March 2024 that targets American and European entities using a hack-and-leak method alongside DDoS attacks… |
| EVILWEB | EvilWeb | EvilWeb is a pro-Russian hacktivist group created in March 2024 that targets American and European entities using a hack-and-leak method alongside DDoS attacks… |
| ExCobalt | ExCobalt | ExCobalt is an APT group that has been active since at least 2016 and is believed to be linked to the notorious Cobalt Gang. The group primarily targets Russia… |
| EXCOBALT | ExCobalt | ExCobalt is an APT group that has been active since at least 2016 and is believed to be linked to the notorious Cobalt Gang. The group primarily targets Russia… |
| EXOTIC LILY | EXOTIC LILY | EXOTIC LILY is a resourceful, financially motivated group whose activities appear to be closely linked with data exfiltration and deployment of human-operated … |
| EXOTIC-LILY | EXOTIC LILY | EXOTIC LILY is a resourceful, financially motivated group whose activities appear to be closely linked with data exfiltration and deployment of human-operated … |
| Fail0verflow | Fail0verflow | Fail0verflow is a hacking group known for exploiting vulnerabilities in gaming consoles, notably the Nintendo Wii and PlayStation 3. They utilized techniques s… |
| FAIL0VERFLOW | Fail0verflow | Fail0verflow is a hacking group known for exploiting vulnerabilities in gaming consoles, notably the Nintendo Wii and PlayStation 3. They utilized techniques s… |
| FASTCash | FASTCash | Treasury has identified a sophisticated cyber-enabled ATM cash out campaign we are calling FASTCash. FASTCash has been active since late 2016 targeting banks i… |
| FASTCASH | FASTCash | Treasury has identified a sophisticated cyber-enabled ATM cash out campaign we are calling FASTCash. FASTCash has been active since late 2016 targeting banks i… |
| Femwar02 | Femwar02 RU | Femwar02 is a previously unknown pro-Russian ransomware threat actor that emerged in early 2026, linked to a major cyberattack on Italy's Sapienza University o… |