Threat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 1,901–1,950 of 2,004 · page 39 of 41
| ID | Title | Summary |
|---|---|---|
| VOID-BALAUR | Void Balaur | Void Balaur is a highly active hack-for-hire / cyber mercenary group with a wide range of known target types across the globe. Their services have been observe… |
| Void Banshee | Void Banshee | Void Banshee is an APT group targeting North America, Europe, and Southeast Asia for information theft and financial gain. They exploit vulnerabilities like CV… |
| VOID-BANSHEE | Void Banshee | Void Banshee is an APT group targeting North America, Europe, and Southeast Asia for information theft and financial gain. They exploit vulnerabilities like CV… |
| Void Blizzard | Void Blizzard RU | Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to the Russian government, including in government, … |
| VOID-BLIZZARD | Void Blizzard | Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to the Russian government, including in government, … |
| Void Manticore | Void Manticore IR | Void Manticore is an Iranian APT group affiliated with MOIS, known for conducting destructive wiping attacks and influence operations. They collaborate with Sc… |
| VOID-MANTICORE | Void Manticore | Void Manticore is an Iranian APT group affiliated with MOIS, known for conducting destructive wiping attacks and influence operations. They collaborate with Sc… |
| Void Rabisu | Void Rabisu | Void Rabisu is a threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as Tropical Scorpius. Documented victim organisations inc… |
| VOID-RABISU | Void Rabisu | Void Rabisu is an intrusion set associated with both financially motivated ransomware attacks and targeted campaigns on Ukraine and countries supporting Ukrain… |
| Volatile Cedar | Volatile Cedar LB | Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. T… |
| VOLATILE-CEDAR | Volatile Cedar | Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. T… |
| Volt Typhoon | Volt Typhoon CN | [Microsoft] Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderat… |
| VOLT-TYPHOON | Volt Typhoon | [Microsoft] Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderat… |
| VulzSecTeam | VulzSecTeam ID | VulzSec, also known as VulzSecTeam, is a hacktivist group that has been involved in various cyber-attacks. They have targeted government websites in retaliatio… |
| VULZSECTEAM | VulzSecTeam | VulzSec, also known as VulzSecTeam, is a hacktivist group that has been involved in various cyber-attacks. They have targeted government websites in retaliatio… |
| WageMole | WageMole KP | WageMole is a North Korean state-sponsored APT that employs social engineering and technology to secure remote job opportunities in Western countries, leveragi… |
| WAGEMOLE | WageMole | WageMole is a North Korean state-sponsored APT that employs social engineering and technology to secure remote job opportunities in Western countries, leveragi… |
| WARP PANDA | WARP PANDA CN | WARP PANDA is a China-nexus APT that targets VMware vCenter environments and Microsoft Azure infrastructures, primarily focusing on legal, technology, and manu… |
| WARP-PANDA | WARP PANDA | WARP PANDA is a China-nexus APT that targets VMware vCenter environments and Microsoft Azure infrastructures, primarily focusing on legal, technology, and manu… |
| Wassonite | Wassonite KP | WASSONITE is a North Korea-linked APT that has targeted industrial sectors, including electric generation, nuclear energy, manufacturing, and research entities… |
| WASSONITE | Wassonite | WASSONITE is a North Korea-linked APT that has targeted industrial sectors, including electric generation, nuclear energy, manufacturing, and research entities… |
| Watchdog | Watchdog | Thief Libra is a cloud-focused threat group that has a history of cryptojacking operations as well as cloud service platform credential scraping. They were fir… |
| WATCHDOG | Watchdog | Thief Libra is a cloud-focused threat group that has a history of cryptojacking operations as well as cloud service platform credential scraping. They were fir… |
| Water Bakunawa | Water Bakunawa | Water Bakunawa is a cybercriminal group identified by Trend Micro, responsible for the RansomHub ransomware, which exploits the Zerologon vulnerability to gain… |
| WATER-BAKUNAWA | Water Bakunawa | Water Bakunawa is a cybercriminal group identified by Trend Micro, responsible for the RansomHub ransomware, which exploits the Zerologon vulnerability to gain… |
| Water Barghest | Water Barghest | Water Barghest is a cybercriminal group that has compromised over 20,000 IoT devices by October 2024, monetizing them through a residential proxy marketplace. … |
| WATER-BARGHEST | Water Barghest | Water Barghest is a cybercriminal group that has compromised over 20,000 IoT devices by October 2024, monetizing them through a residential proxy marketplace. … |
| Water Curupira | Water Curupira | With its emergence in 2022, Water Curupira has established itself as a persistent threat actor targeting organizations primarily in South America and Europe. T… |
| WATER-CURUPIRA | Water Curupira | With its emergence in 2022, Water Curupira has established itself as a persistent threat actor targeting organizations primarily in South America and Europe. T… |
| Water Gamayun | Water Gamayun RU | Water Gamayun exploits the MSC EvilTwin zero-day vulnerability to compromise systems and exfiltrate data, utilizing custom payloads and advanced data exfiltrat… |
| WATER-GAMAYUN | Water Gamayun | Water Gamayun exploits the MSC EvilTwin zero-day vulnerability to compromise systems and exfiltrate data, utilizing custom payloads and advanced data exfiltrat… |
| Water Kurita | Water Kurita | Water Kurita is a financially motivated cybercriminal entity associated with the Lumma Stealer infostealer-as-a-service operation, primarily active on undergro… |
| WATER-KURITA | Water Kurita | Water Kurita is a financially motivated cybercriminal entity associated with the Lumma Stealer infostealer-as-a-service operation, primarily active on undergro… |
| Water Labbu | Water Labbu | Trend Micro discovered a threat actor they named Water Labbu that was targeting cryptocurrency scam websites. Typically, cryptocurrency scammers use social eng… |
| WATER-LABBU | Water Labbu | Trend Micro discovered a threat actor they named Water Labbu that was targeting cryptocurrency scam websites. Typically, cryptocurrency scammers use social eng… |
| Water Makara | Water Makara | Water Makara employs the Astaroth banking malware, which features a new defense evasion technique. Their spear phishing campaigns exploit human error by target… |
| WATER-MAKARA | Water Makara | Water Makara employs the Astaroth banking malware, which features a new defense evasion technique. Their spear phishing campaigns exploit human error by target… |
| Water Orthrus | Water Orthrus | Water Orthrus is a threat actor known for distributing CopperStealer and CopperPhish malware. They target Microsoft 365 users with phishing campaigns to steal … |
| WATER-ORTHRUS | Water Orthrus | Water Orthrus is a threat actor known for distributing CopperStealer and CopperPhish malware. They target Microsoft 365 users with phishing campaigns to steal … |
| Water Saci | Water Saci BR | Water Saci is a sophisticated cyber threat actor operating in Brazil, utilizing a multi-format attack chain that includes HTA files, ZIP archives, and PDFs to … |
| WATER-SACI | Water Saci | Water Saci is a sophisticated cyber threat actor operating in Brazil, utilizing a multi-format attack chain that includes HTA files, ZIP archives, and PDFs to … |
| Water Sigbin | Water Sigbin CN | The 8220 Gang, also known as Water Sigbin, is a threat actor group that focuses on deploying cryptocurrency-mining malware. They exploit vulnerabilities in Ora… |
| WATER-SIGBIN | Water Sigbin | The 8220 Gang, also known as Water Sigbin, is a threat actor group that focuses on deploying cryptocurrency-mining malware. They exploit vulnerabilities in Ora… |
| Webworm | Webworm CN | Space Pirates is a cybercrime group that has been active since at least 2017. They primarily target Russian companies and have been observed using various malw… |
| WEBWORM | Webworm | Space Pirates is a cybercrime group that has been active since at least 2017. They primarily target Russian companies and have been observed using various malw… |
| WeedSec | WeedSec | WeedSec is a threat actor group that recently targeted the online learning and course management platform Moodle. They posted sample databases of Moodle on the… |
| WEEDSEC | WeedSec | WeedSec is a threat actor group that recently targeted the online learning and course management platform Moodle. They posted sample databases of Moodle on the… |
| WeRedEvils | WeRedEvils IL | WeRedEvils is a hacking group that has claimed responsibility for multiple cyber attacks. They targeted the Iranian Electric Grid and the Tasnimnews website, c… |
| WEREDEVILS | WeRedEvils | WeRedEvils is a hacking group that has claimed responsibility for multiple cyber attacks. They targeted the Iranian Electric Grid and the Tasnimnews website, c… |
| WET PANDA | WET PANDA CN | WET PANDA is a Chinese-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). The group is also tracked as Red Chimera. Original record: WET PAN… |