Name | Aliases | Attribution | Tags | Status | Targeted geography | Targeted industries |
---|---|---|---|---|---|---|
ScatterSwine, UNC3944 (Mandiant), Octo Tempest (MSFT), Storm-0875 (MSFT), Scattered Spider, Muddled Libra (Unit42), LUCR-3 (Permiso) | 💰Cybercrime | ExtortionistRansomOps | Finalized | United States/North America | ||
💰Cybercrime | Cryptojacking | Finalized | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
Qilin, Water Galura | 💰Cybercrime | RansomOps | Finalized | AfricaAsia | Healthcare/MedicalEducation | |
💰Cybercrime | Cryptojacking | Finalized | ||||
Silent Chollima, Andariel, GOP, Guardian of Peace, Onyx Sleet, OperationTroy, PLUTONIUM | 🇰🇵 | State-Sponsored | Finalized | South Korea | ||
Mulberry Typhoon, MANGANESE, BRONZE FLEETWOOD, Keyhole Panda, UNC2630 | 🇨🇳 | State-Sponsored | Finalized | United States/North AmericaEuropeAsia | TelecommunicationTechnological | |
APT27 (Mandiant), Iron Tiger (TrendMicro), Emissary Panda (CS), BRONZE UNION, Budworm, Earth Smilodon, G0027, GreedyTaotie, Group 35, Iron Taurus, Lucky Mouse, Red Phoenix, TEMP.Hippo, TG-3390, ZipToken | 🇨🇳 | State-Sponsored | Finalized | EnergyMilitaryAerospaceManufactoringDiplomaticEducationTechnologicalTelecommunication | ||
IRON TWILIGHT, SNAKEMACKEREL, Swallowtail, Group 74, Sednit, Sofacy, Pawn Storm, Fancy Bear, STRONTIUM, Tsar Team, Threat Group-4127, TG-4127, Forest Blizzard, FROZENLAKE | 🇷🇺/GRU | State-Sponsored | Finalized | United States/North America | Federal agencies | |
APT29 (Mandiant), CozyBear (CS), NOBELIUM (MS), YTTRIUM (MS), UNC2452 (Mandiant), Midnight Blizzard (MS), ATK7, Blue Kitsune, BlueBravo, Cloaked Ursa, G0016, Grizzly Steppe, Group 100, IRON HEMLOCK, ITG11, Minidionis, Nobelium, SeaDuke, TA421, The Dukes, UAC-0029 | 🇷🇺/SVR | State-Sponsored | Finalized | United States/North America | MilitaryTelecommunicationTechnologicalHealthcare/MedicalDiplomatic | |
APT31 (Mandiant), Violet Typhoon (MS), Zirconium, Judgment Panda | 🇨🇳 | State-Sponsored | Stub | Federal agenciesMilitary | ||
ATK40, Cobalt Gypsy, Crambus, EUROPIUM, Evasive Serpens, G0049, Hazel Sandstorm, Helix Kitten, IRN2, TA452, Twisted Kitten, OilRig | 🇮🇷 | Data Exfil.State-Sponsored | Stub | Middle East | GovernmentTelecommunicationEnergyFinance | |
BRONZE MOHAWK, FEVERDREAM, Leviathan, G0065, Gadolinium, GreenCrash, Hellsing, Kryptonite Panda, MUDCARP, Periscope, Temp.Periscope, Temp.Jumper | 🇨🇳 | State-SponsoredData Exfil. | Finalized | EducationGovernmentMaritimeAerospaceHealthcare/MedicalHealthcare/Medical | ||
Amoeba, BARIUM, BRONZE ATLAS, BRONZE EXPORT, Blackfly, Brass Typhoon, Earth Baku, G0044, G0096, Grayfly, HOODOO, LEAD, Red Kelpie, TA415, WICKED PANDA, WICKED SPIDER | 🇨🇳 | State-SponsoredData Exfil. | Stub | TelecommunicationHigh-techHealthcare/Medical | ||
Storm-0539 (MS) | 💰Cybercrime | Stub | ||||
💰Cybercrime | RansomOps | Finalized | ||||
Not started | ||||||
💰Cybercrime | Botnet Operator | Stub | ||||
Stub | ||||||
Not started | ||||||
Cerber | Unknown | RansomOpsCryptojacking | Stub | |||
TA453 (Proofpoint), PHOSPHORUS, APT42 | 🇮🇷/IRGC | State-Sponsored | Stub | |||
💰Cybercrime | Botnet Operator | Stub | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Stub | |||||
Unknown | Hacktivist | Stub | ||||
🇮🇷/MOIS | State-SponsoredRansomOps | Stub | ||||
💰Cybercrime | RansomOps | Stub | ||||
💰Cybercrime | Botnet OperatorCryptojacking | Stub | ||||
🇨🇳 | Stub | |||||
💰Cybercrime | Botnet OperatorCryptojacking | Featured | ||||
🇨🇳 | State-Sponsored | Finalized | AsiaEast Asia | ManufactoringHigh-techGovernmentAerospaceTechnological | ||
🇹🇷 | Stub | |||||
Not started | ||||||
💰Cybercrime | Botnet Operator | Stub | ||||
Unknown | Stub | |||||
Stub | ||||||
Unknown | Data Exfil. | Stub | ||||
🇨🇳 | State-Sponsored | Finalized | Middle EastEast AsiaAsia | GovernmentManufactoringEducation | ||
💰Cybercrime | Stub | |||||
💰Cybercrime | Botnet Operator | Stub | ||||
💰Cybercrime | Botnet Operator | Stub | ||||
p0-LUCR-1 (P0) | 💰Cybercrime | Stub | ||||
💰Cybercrime | Botnet OperatorCryptojacking | Stub | ||||
Not started | ||||||
💰Cybercrime | Data Exfil. | Stub | ||||
💰Cybercrime | Cryptojacking | Finalized | ||||
💰Cybercrime | Stub | |||||
💰Cybercrime | Cryptojacking | Stub | ||||
Strawberry Tempest (MS), DEV-0537 (MS) | 💰Cybercrime | Extortionist | Featured | |||
Labyrinth Chollima, HIDDEN COBRA, Guardians of Peace, ZINC, NICKEL ACADEMY, Diamond Sleet, APT38 | 🇰🇵 | State-Sponsored | Stub | United States/North America | AerospaceEntertainment | |
💰Cybercrime | Botnet Operator | Stub | ||||
💰Cybercrime | Stub | |||||
💰Cybercrime | Stub | |||||
💰Cybercrime | Stub | |||||
Not started | ||||||
💰Cybercrime | Hacktivist | Stub | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Botnet OperatorCryptojacking | Stub | ||||
💰Cybercrime | Stub | |||||
Mispadu stealer | 💰Cybercrime | Data Exfil. | Finalized | Latin America | ||
Not started | ||||||
MuddyWater (CHKP), Mango Sandstorm (MS), Mercury (MS) | 🇮🇷/MOIS | State-Sponsored | Finalized | Middle East | ||
💰Cybercrime | Botnet Operator | Stub | ||||
💰Cybercrime | Stub | |||||
🥷Insider threat | Stub | |||||
💰Cybercrime | Botnet Operator | Finalized | ||||
erratic | 💰Cybercrime | Stub | ||||
APT33 (Mandiant), HOLMIUM (MS), Refined Kitten (CS), Elfin, Magic Hound | 🇮🇷/IRGC | State-Sponsored | Finalized | Middle East | PharmaceuticalMilitary | |
Botnet Operator | Not started | |||||
Gold Melody (SecureWorks) | 💰Cybercrime | RansomOps | Stub | |||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Botnet Operator | Stub | ||||
Stub | ||||||
Stub | ||||||
Not started | ||||||
💰Cybercrime | Cryptojacking | Stub | ||||
Storm-0978 | 🇷🇺 | ExtortionistRansomOps | Stub | |||
🇷🇴 | Botnet OperatorCryptojacking | Finalized | ||||
🇷🇺/GRU | State-Sponsored | Stub | ||||
💰Cybercrime | Data Exfil.Cryptojacking | Finalized | ||||
Cosmic Wolf (Talos), Teal Kurma, Silicon, UNC1326 | 🇹🇷 | State-Sponsored | Stub | |||
ShadowSyndicate (Group-IB), Infra Storm (Group-IB) | 💰Cybercrime | RansomOpsExtortionist | Finalized | |||
Not started | ||||||
SilentBob (Permiso) | 💰Cybercrime | Cryptojacking | Stub | |||
Unknown | Stub | |||||
💰Cybercrime | Cryptojacking | Stub | ||||
Labyrinth Chollima (CS), UNC4736 (Mandiant) | 🇰🇵 | State-Sponsored | Stub | |||
Not started | ||||||
Stub | ||||||
Storm-0558 (MS) | 🇨🇳 | State-Sponsored | Stub | |||
Stub | ||||||
Storm-1283 (MS) | Unknown | Stub | ||||
UAT4356 | 🇨🇳 | State-SponsoredData Exfil. | Finalized | Government | ||
Mallox | 💰Cybercrime | RansomOps | Finalized | |||
Adept Libra (PA) | 💰Cybercrime | Cryptojacking | Featured | |||
💰Cybercrime | RansomOps | Finalized | ||||
UNC4899, Jade Sleet | 🇰🇵 | Stub | ||||
💰Cybercrime | RansomOps | Finalized | ||||
Scarred Manticore, HTTPSnoop | 🇮🇷/MOIS | State-Sponsored | Finalized | |||
UNC2903 (Mandiant) | 💰Cybercrime | Stub | ||||
UNC2970 (Mandiant) | 🇰🇵 | State-Sponsored | Stub | |||
UNC3886 (Mandiant) | 🇨🇳 | State-Sponsored | Stub | |||
UNC4841 (Mandiant) | 🇨🇳 | Stub | ||||
Uteus | 🇨🇳 | State-SponsoredHacktivist | Finalized | |||
🇨🇳 | Stub | |||||
Stub | ||||||
Stub | ||||||
Not started | ||||||
Insidious Taurus (PA), Vanguard Panda, DEV-0391 | 🇨🇳 | State-Sponsored | Finalized | United States/North America | TelecommunicationEnergy | |
💰Cybercrime | Cryptojacking | Stub | ||||
DarkCasino | 💰Cybercrime | State-SponsoredData Exfil. | Finalized | |||
Not started | ||||||
💰Cybercrime | Cryptojacking | Stub | ||||
💰Cybercrime | Cryptojacking | Stub |