2,004 indexed
ACTORSThreat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 601–650 of 2,004 · page 13 of 41
| ID | Title | Summary |
|---|---|---|
| GAMACOPY | GamaCopy | GamaCopy is a threat actor first discovered in June 2023, known for launching cyberattacks against Russia’s defense and critical infrastructure sectors by mimi… |
| Gamaredon Group | Gamaredon Group RU | Unit 42 threat researchers have recently observed a threat group distributing new, custom developed malware. We have labelled this threat group the Gamaredon G… |
| GAMAREDON-GROUP | Gamaredon Group | Unit 42 threat researchers have recently observed a threat group distributing new, custom developed malware. We have labelled this threat group the Gamaredon G… |
| GambleForce | GambleForce | GambleForce is a threat actor specializing in SQL injection attacks. They have targeted over 20 websites in various sectors across multiple countries, compromi… |
| GAMBLEFORCE | GambleForce | GambleForce is a threat actor specializing in SQL injection attacks. They have targeted over 20 websites in various sectors across multiple countries, compromi… |
| GC01 | GC01 | From November 2017 to October 2018, we attributed 14 campaigns to the GC threat actors that used a specific MaaS provider (hereinafter “the Provider”) offered … |
| GC01 | GC01 | From November 2017 to October 2018, we attributed 14 campaigns to the GC threat actors that used a specific MaaS provider (hereinafter “the Provider”) offered … |
| GC02 | GC02 | From November 2017 to October 2018, we attributed 14 campaigns to the GC threat actors that used a specific MaaS provider (hereinafter “the Provider”) offered … |
| GC02 | GC02 | From November 2017 to October 2018, we attributed 14 campaigns to the GC threat actors that used a specific MaaS provider (hereinafter “the Provider”) offered … |
| GCMAN | GCMAN RU | GCMAN is a Russian-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as G0036. Original record: GCMAN is a threat… |
| GCMAN | GCMAN | GCMAN is a threat group that focuses on targeting banks for the purpose of transferring money to e-currency services. |
| Gelsemium | Gelsemium | The Gelsemium group has been active since at least 2014 and was described in the past by a few security companies. Gelsemium’s name comes from one possible tra… |
| GELSEMIUM | Gelsemium | The Gelsemium group has been active since at least 2014 and was described in the past by a few security companies. Gelsemium’s name comes from one possible tra… |
| Ghost Jackal | Ghost Jackal | |
| GHOST-JACKAL | Ghost Jackal | |
| GHOST-STADIUM | GHOST STADIUM | GHOST STADIUM is a Chinese-speaking, financially motivated threat actor operating a sophisticated phishing campaign across over 300 domains, utilizing a custom… |
| GhostEmperor | GhostEmperor CN | GhostEmperor is a Chinese-speaking threat actor that targets government entities and telecom companies in Southeast Asia. They employ a Windows kernel-mode roo… |
| GHOSTEMPEROR | GhostEmperor | GhostEmperor is a Chinese-speaking threat actor that targets government entities and telecom companies in Southeast Asia. They employ a Windows kernel-mode roo… |
| GhostNet | GhostNet | Cyber espionage is an issue whose time has come. In this second report from the Information Warfare Monitor, we lay out the findings of a 10-month investigatio… |
| GHOSTNET | GhostNet | Cyber espionage is an issue whose time has come. In this second report from the Information Warfare Monitor, we lay out the findings of a 10-month investigatio… |
| GhostR | GhostR | Ghostr is a financially motivated threat actor known for stealing a confidential database containing 5.3 million records from the World-Check and leaking about… |
| GHOSTR | GhostR | Ghostr is a financially motivated threat actor known for stealing a confidential database containing 5.3 million records from the World-Check and leaking about… |
| GhostRedirector | GhostRedirector CN | GhostRedirector is a China-aligned threat actor that has compromised at least 65 Windows servers across various sectors, primarily in Brazil, Thailand, and Vie… |
| GHOSTREDIRECTOR | GhostRedirector | GhostRedirector is a China-aligned threat actor that has compromised at least 65 Windows servers across various sectors, primarily in Brazil, Thailand, and Vie… |
| GhostSec | GhostSec | GhostSec is a hacktivist group that emerged as an offshoot of Anonymous. They primarily focused on counterterrorism efforts and monitoring online activities as… |
| GHOSTSEC | GhostSec | GhostSec is a hacktivist group that emerged as an offshoot of Anonymous. They primarily focused on counterterrorism efforts and monitoring online activities as… |
| Ghostwriter | Ghostwriter BY | Ghostwriter is a Belarusian-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as UNC1151, TA445, PUSHCHA (and 3 m… |
| GHOSTWRITER | Ghostwriter | Ghostwriter is referred as an 'activity set', with various incidents tied together by overlapping behavioral characteristics and personas, rather than as an ac… |
| GIBBERISH PANDA | GIBBERISH PANDA CN | GIBBERISH PANDA is a Chinese-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). Original record: GIBBERISH PANDA is a Chinese-attributed thr… |
| GIBBERISH-PANDA | GIBBERISH PANDA | |
| Gitloker | Gitloker | Gitloker is a threat actor group targeting GitHub repositories, wiping their contents, and extorting victims for their data. They use stolen credentials to com… |
| GITLOKER | Gitloker | Gitloker is a threat actor group targeting GitHub repositories, wiping their contents, and extorting victims for their data. They use stolen credentials to com… |
| Gnosticplayers | Gnosticplayers | The hacker said that he put up the data for sale mainly because these companies had failed to protect passwords with strong encryption algorithms like bcrypt. … |
| GNOSTICPLAYERS | Gnosticplayers | The hacker said that he put up the data for sale mainly because these companies had failed to protect passwords with strong encryption algorithms like bcrypt. … |
| GOBLIN PANDA | GOBLIN PANDA CN | GOBLIN PANDA is a Chinese-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as Conimes, Cycldek. Operational targ… |
| GOBLIN-PANDA | GOBLIN PANDA | Goblin Panda is one of a handful of elite Chinese advanced persistent threat (APT) groups. Most Chinese APTs target the United States and NATO, but Goblin Pand… |
| GOFFEE | GOFFEE | GOFFEE is a threat actor that has targeted entities in the Russian Federation since early 2022, employing spear phishing emails with malicious attachments, inc… |
| GOFFEE | GOFFEE | GOFFEE is a threat actor that has targeted entities in the Russian Federation since early 2022, employing spear phishing emails with malicious attachments, inc… |
| GOLD BURLAP | GOLD BURLAP | GOLD BURLAP is a group of financially motivated criminals responsible for the development of the Pysa ransomware, also referred to as Mespinoza. Pysa is a cros… |
| GOLD-BURLAP | GOLD BURLAP | GOLD BURLAP is a group of financially motivated criminals responsible for the development of the Pysa ransomware, also referred to as Mespinoza. Pysa is a cros… |
| GOLD CABIN | GOLD CABIN | GOLD CABIN is a financially motivated cybercriminal threat group operating a malware distribution service on behalf of numerous customers since 2018. GOLD CABI… |
| GOLD-CABIN | GOLD CABIN | GOLD CABIN is a financially motivated cybercriminal threat group operating a malware distribution service on behalf of numerous customers since 2018. GOLD CABI… |
| GOLD DUPONT | GOLD DUPONT | GOLD DUPONT is a financially motivated cybercriminal threat group that specializes in post-intrusion ransomware attacks using 777 (aka Defray777 or RansomExx) … |
| GOLD-DUPONT | GOLD DUPONT | GOLD DUPONT is a financially motivated cybercriminal threat group that specializes in post-intrusion ransomware attacks using 777 (aka Defray777 or RansomExx) … |
| GOLD EVERGREEN | GOLD EVERGREEN | GOLD EVERGREEN was a financially motivated cybercriminal threat group that operated the Gameover Zeus (aka Mapp, P2P Zeus) botnet until June 2014. It encompass… |
| GOLD-EVERGREEN | GOLD EVERGREEN | GOLD EVERGREEN was a financially motivated cybercriminal threat group that operated the Gameover Zeus (aka Mapp, P2P Zeus) botnet until June 2014. It encompass… |
| GOLD FAIRFAX | GOLD FAIRFAX | GOLD FAIRFAX is a financially motivated cybercriminal threat group responsible for the creation, distribution, and operation of the Ramnit botnet. Ramnit, the … |
| GOLD-FAIRFAX | GOLD FAIRFAX | GOLD FAIRFAX is a financially motivated cybercriminal threat group responsible for the creation, distribution, and operation of the Ramnit botnet. Ramnit, the … |
| GOLD FLANDERS | GOLD FLANDERS | GOLD FLANDERS is a financially motivated group responsible for distributed denial of service (DDOS) attacks linked to extortion emails demanding between 5 and … |
| GOLD-FLANDERS | GOLD FLANDERS | GOLD FLANDERS is a financially motivated group responsible for distributed denial of service (DDOS) attacks linked to extortion emails demanding between 5 and … |