Name | Aliases | Attribution | Tags | Status | Targeted geography | Targeted industries |
---|---|---|---|---|---|---|
ScatterSwine, UNC3944 (Mandiant), Octo Tempest (MSFT), Storm-0875 (MSFT), Scattered Spider, Muddled Libra (Unit42), LUCR-3 (Permiso) | 💰Cybercrime | ExtortionistRansomOps | Finalized | United States/North America | ||
💰Cybercrime | Cryptojacking | Finalized | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
Qilin, Water Galura | 💰Cybercrime | RansomOps | Finalized | AfricaAsia | Healthcare/MedicalEducation | |
💰Cybercrime | Cryptojacking | Finalized | ||||
Silent Chollima, Andariel, GOP, Guardian of Peace, Onyx Sleet, OperationTroy, PLUTONIUM | 🇰🇵 | State-Sponsored | Finalized | South Korea | ||
Mulberry Typhoon, MANGANESE, BRONZE FLEETWOOD, Keyhole Panda, UNC2630 | 🇨🇳 | State-Sponsored | Finalized | United States/North AmericaEuropeAsia | TelecommunicationTechnological | |
APT27 (Mandiant), Iron Tiger (TrendMicro), Emissary Panda (CS), BRONZE UNION, Budworm, Earth Smilodon, G0027, GreedyTaotie, Group 35, Iron Taurus, Lucky Mouse, Red Phoenix, TEMP.Hippo, TG-3390, ZipToken | 🇨🇳 | State-Sponsored | Finalized | EnergyMilitaryAerospaceManufactoringDiplomaticEducationTechnologicalTelecommunication | ||
IRON TWILIGHT, SNAKEMACKEREL, Swallowtail, Group 74, Sednit, Sofacy, Pawn Storm, Fancy Bear, STRONTIUM, Tsar Team, Threat Group-4127, TG-4127, Forest Blizzard, FROZENLAKE | 🇷🇺/GRU | State-Sponsored | Finalized | United States/North America | Federal agencies | |
APT29 (Mandiant), CozyBear (CS), NOBELIUM (MS), YTTRIUM (MS), UNC2452 (Mandiant), Midnight Blizzard (MS), ATK7, Blue Kitsune, BlueBravo, Cloaked Ursa, G0016, Grizzly Steppe, Group 100, IRON HEMLOCK, ITG11, Minidionis, Nobelium, SeaDuke, TA421, The Dukes, UAC-0029 | 🇷🇺/SVR | State-Sponsored | Finalized | United States/North America | MilitaryTelecommunicationTechnologicalHealthcare/MedicalDiplomatic | |
APT31 (Mandiant), Violet Typhoon (MS), Zirconium, Judgment Panda | 🇨🇳 | State-Sponsored | Stub | Federal agenciesMilitary | ||
ATK40, Cobalt Gypsy, Crambus, EUROPIUM, Evasive Serpens, G0049, Hazel Sandstorm, Helix Kitten, IRN2, TA452, Twisted Kitten, OilRig | 🇮🇷 | Data Exfil.State-Sponsored | Stub | Middle East | GovernmentTelecommunicationEnergyFinance | |
BRONZE MOHAWK, FEVERDREAM, Leviathan, G0065, Gadolinium, GreenCrash, Hellsing, Kryptonite Panda, MUDCARP, Periscope, Temp.Periscope, Temp.Jumper | 🇨🇳 | State-SponsoredData Exfil. | Finalized | EducationGovernmentMaritimeAerospaceHealthcare/MedicalHealthcare/Medical | ||
Amoeba, BARIUM, BRONZE ATLAS, BRONZE EXPORT, Blackfly, Brass Typhoon, Earth Baku, G0044, G0096, Grayfly, HOODOO, LEAD, Red Kelpie, TA415, WICKED PANDA, WICKED SPIDER | 🇨🇳 | State-SponsoredData Exfil. | Stub | TelecommunicationHigh-techHealthcare/Medical | ||
Storm-0539 (MS) | 💰Cybercrime | Stub | ||||
💰Cybercrime | RansomOps | Finalized | ||||
Not started | ||||||
💰Cybercrime | Botnet Operator | Stub | ||||
Stub | ||||||
Cerber | Unknown | RansomOpsCryptojacking | Stub | |||
TA453 (Proofpoint), PHOSPHORUS, APT42 | 🇮🇷/IRGC | State-Sponsored | Stub | |||
💰Cybercrime | Botnet Operator | Stub | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Stub | |||||
Unknown | Hacktivist | Stub | ||||
🇮🇷/MOIS | State-SponsoredRansomOps | Stub | ||||
💰Cybercrime | RansomOps | Stub | ||||
💰Cybercrime | Botnet OperatorCryptojacking | Stub | ||||
🇨🇳 | Stub | |||||
💰Cybercrime | Botnet OperatorCryptojacking | Featured | ||||
🇹🇷 | Stub | |||||
💰Cybercrime | Botnet Operator | Stub | ||||
Unknown | Stub | |||||
Stub | ||||||
Unknown | Data Exfil. | Stub | ||||
💰Cybercrime | Stub | |||||
💰Cybercrime | Botnet Operator | Stub | ||||
💰Cybercrime | Botnet Operator | Stub | ||||
p0-LUCR-1 (P0) | 💰Cybercrime | Stub | ||||
💰Cybercrime | Botnet OperatorCryptojacking | Stub | ||||
Not started | ||||||
💰Cybercrime | Data Exfil. | Stub | ||||
💰Cybercrime | Cryptojacking | Finalized | ||||
💰Cybercrime | Stub | |||||
💰Cybercrime | Cryptojacking | Stub | ||||
Strawberry Tempest (MS), DEV-0537 (MS) | 💰Cybercrime | Extortionist | Featured | |||
Labyrinth Chollima, HIDDEN COBRA, Guardians of Peace, ZINC, NICKEL ACADEMY, Diamond Sleet, APT38 | 🇰🇵 | State-Sponsored | Stub | United States/North America | AerospaceEntertainment | |
💰Cybercrime | Botnet Operator | Stub | ||||
💰Cybercrime | Stub | |||||
💰Cybercrime | Stub | |||||
💰Cybercrime | Stub | |||||
💰Cybercrime | Hacktivist | Stub | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Botnet OperatorCryptojacking | Stub | ||||
💰Cybercrime | Stub | |||||
Mispadu stealer | 💰Cybercrime | Data Exfil. | Finalized | Latin America | ||
MuddyWater (CHKP), Mango Sandstorm (MS), Mercury (MS) | 🇮🇷/MOIS | State-Sponsored | Finalized | Middle East | ||
💰Cybercrime | Botnet Operator | Stub | ||||
💰Cybercrime | Stub | |||||
🥷Insider threat | Stub | |||||
💰Cybercrime | Botnet Operator | Finalized | ||||
erratic | 💰Cybercrime | Stub | ||||
APT33 (Mandiant), HOLMIUM (MS), Refined Kitten (CS), Elfin, Magic Hound | 🇮🇷/IRGC | State-Sponsored | Finalized | Middle East | PharmaceuticalMilitary | |
Gold Melody (SecureWorks) | 💰Cybercrime | RansomOps | Stub | |||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Botnet Operator | Stub | ||||
Stub | ||||||
Stub | ||||||
Not started | ||||||
💰Cybercrime | Cryptojacking | Stub | ||||
Storm-0978 | 🇷🇺 | ExtortionistRansomOps | Stub | |||
🇷🇴 | Botnet OperatorCryptojacking | Finalized | ||||
🇷🇺/GRU | State-Sponsored | Stub | ||||
💰Cybercrime | Data Exfil.Cryptojacking | Finalized | ||||
Cosmic Wolf (Talos), Teal Kurma, Silicon, UNC1326 | 🇹🇷 | State-Sponsored | Stub | |||
ShadowSyndicate (Group-IB), Infra Storm (Group-IB) | 💰Cybercrime | RansomOpsExtortionist | Finalized | |||
SilentBob (Permiso) | 💰Cybercrime | Cryptojacking | Stub | |||
Unknown | Stub | |||||
💰Cybercrime | Cryptojacking | Stub | ||||
Labyrinth Chollima (CS), UNC4736 (Mandiant) | 🇰🇵 | State-Sponsored | Stub | |||
Not started | ||||||
Stub | ||||||
Storm-0558 (MS) | 🇨🇳 | State-Sponsored | Stub | |||
Stub | ||||||
Storm-1283 (MS) | Unknown | Stub | ||||
UAT4356 | 🇨🇳 | State-SponsoredData Exfil. | Finalized | Government | ||
Mallox | 💰Cybercrime | RansomOps | Finalized | |||
Adept Libra (PA) | 💰Cybercrime | Cryptojacking | Featured | |||
💰Cybercrime | RansomOps | Finalized | ||||
UNC4899, Jade Sleet | 🇰🇵 | Stub | ||||
💰Cybercrime | RansomOps | Finalized | ||||
Scarred Manticore, HTTPSnoop | 🇮🇷/MOIS | State-Sponsored | Finalized | |||
UNC2903 (Mandiant) | 💰Cybercrime | Stub | ||||
UNC2970 (Mandiant) | 🇰🇵 | State-Sponsored | Stub | |||
UNC3886 (Mandiant) | 🇨🇳 | State-Sponsored | Stub | |||
UNC4841 (Mandiant) | 🇨🇳 | Stub | ||||
Uteus | 🇨🇳 | State-SponsoredHacktivist | Finalized | |||
🇨🇳 | Stub | |||||
Stub | ||||||
Not started | ||||||
Insidious Taurus (PA) | 🇨🇳 | State-Sponsored | Stub | |||
💰Cybercrime | Cryptojacking | Stub | ||||
DarkCasino | 💰Cybercrime | State-SponsoredData Exfil. | Finalized | |||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Cryptojacking | Stub |