Home/actors
All curated threat actors
238 results
actor
8Base
base_8
 actor
ALPHV / BlackCat
alphv_blackcat
 actor
APT1
apt1_commentcrew
 actor
APT10
apt10_stonepanda
 actor
APT17
apt17_aurora_panda
 actor
APT27
emissary_panda
 actor
APT28
apt28_fancybear
 actor
APT29
apt29_cozybear
 actor
APT3
apt3_gothic_panda
 actor
APT31
apt31_zirconium
 actor
APT33
apt33_elfin
 actor
APT35
apt35_charmingkitten
 actor
APT37
apt37_reaper
 actor
APT38
apt38_bluenoroff
 actor
APT39
apt39_chafer
 actor
APT40
apt40_leviathan
 actor
APT41
apt41_wickedpanda
 actor
APT5 (UNC2630 / UNC2717 / Mulberry Typhoon)
apt5_unc2630
 actor
Agrius
agrius
 actor
Akira
akira_ransomware
 actor
Amavaldo
amavaldo
 actor
Andariel
andariel
 actor
Animal Farm
animal_farm
 actor
Anonymous Sudan
anonymous_sudan
 actor
Anubis Ransomware
anubis_ransomware
 actor
Aoqin Dragon
aoqin_dragon
 actor
Aquatic Panda
aquatic_panda
 actor
AwfulShred
awfulshred
 actor
BAUXITE
bauxite
 actor
Bahamut
bahamut
 actor
Banbra
banbra
 actor
BianLian
bianlian
 actor
Billbug
billbug
 actor
Bitter
bitter_apt_c_08
 actor
Bizarro
bizarro
 actor
Black Basta
black_basta
 actor
BlackEnergy
blackenergy
 actor
BlackLock Ransomware
blacklock_ransomware
 actor
BlackLotus
blacklotus
 actor
BlackTech
blacktech
 actor
Brain Cipher
brain_cipher
 actor
Bumblebee Operators / EXOTIC LILY
bumblebee_exotic_lily
 actor
CHERNOVITE (PIPEDREAM / INCONTROLLER)
chernovite_pipedream
 actor
COVELLITE (Lazarus-linked ICS)
covellite_lazarus_ics
 actor
Cactus
cactus_ransomware
 actor
CaddyWiper
caddywiper
 actor
Cadet Blizzard
cadet_blizzard
 actor
Candiru / Sourgum
candiru_sourgum
 actor
Carbanak
carbanak
 actor
Careto / The Mask
careto_the_mask
 actor
Casbaneiro / Metamorfo
casbaneiro
 actor
Cellebrite
cellebrite
 actor
Chimera (G0114)
chimera_china
 actor
Cicada3301
cicada3301
 actor
Citrine Sleet
citrine_sleet
 actor
Cl0p
cl0p
 actor
Cloud Atlas
cloud_atlas
 actor
Confucius (India-Aligned APT)
confucius
 actor
Contagious Interview
contagious_interview
 actor
CosmicStrand
cosmicstrand_uefi
 actor
Cotton Sandstorm
cotton_sandstorm
 actor
Cuba
cuba_ransomware
 actor
Cy4Gate
cy4gate
 actor
Cyber Partisans
cyber_partisans
 actor
CyberAv3ngers (IRGC-CEC)
cyberav3ngers
 actor
DSIRF (Knotweed)
dsirf_knotweed
 actor
Daggerfly
daggerfly
 actor
Dark Caracal
dark_caracal
 actor
Dark Pink
dark_pink
 actor
DarkGate Operators
darkgate_operators
 actor
DarkMatter / Project Raven
darkmatter_uae_project_raven
 actor
DarkSeoul Operators
darkseoul_operators
 actor
DarkSide / BlackMatter
darkside_blackmatter
 actor
Darkhotel
darkhotel
 actor
DoNot Team
donot_team_apt_c_35
 actor
DoubleZero
doublezero
 actor
DragonForce
dragonforce
 actor
Dragonfly
dragonfly_energetic_bear
 actor
Duqu / Duqu 2.0
duqu
 actor
Earth Alux
earth_alux
 actor
Earth Estries
earth_estries
 actor
Earth Krahang
earth_krahang
 actor
Earth Lusca
earth_lusca
 actor
Eldorado Ransomware
eldorado_ransomware
 actor
Embargo
embargo_ransomware
 actor
Emotet Operators
emotet_operators
 actor
Equation Group
equation_group
 actor
FIN7
fin7
 actor
FIN8
fin8
 actor
FinFisher (FinSpy / Gamma Group)
finfisher_finspy
 actor
Flame
flame
 actor
Flax Typhoon
flax_typhoon
 actor
Fog Ransomware
fog_ransomware
 actor
GALLIUM
gallium
 actor
GANANITE
gananite
 actor
Gamaredon Group
gamaredon
 actor
Gauss
gauss
 actor
GhostEmperor
ghostemperor
 actor
GhostSec
ghostsec
 actor
Ghostwriter / UNC1151
ghostwriter
 actor
Goblin Panda
goblin_panda_1937cn
 actor
Grandoreiro
grandoreiro
 actor
Group5
group5_syria_iran
 actor
Guildma / Astaroth
guildma_astaroth
 actor
Hacking Team (Memento Labs / RCS Lab)
hacking_team_memento_labs
 actor
Hazel Sleet
hazel_sleet
 actor
HermeticWiper
hermeticwiper
 actor
Hexane / Lyceum (G1001)
hexane_lyceum
 actor
Hive
hive_ransomware
 actor
Hunters International
hunters_international
 actor
INC Ransom
inc_ransom
 actor
IT Army of Ukraine
it_army_ukraine
 actor
IcedID / BokBot Operators (Lunar Spider)
icedid_operators
 actor
Icefog
icefog
 actor
Imperial Kitten
imperial_kitten_tortoiseshell
 actor
Indrik Spider
indrik_spider_evilcorp
 actor
Industroyer / CrashOverride / Industroyer2
industroyer
 actor
Intellexa / Predator / Cytrox
intellexa_predator
 actor
Interlock Ransomware
interlock_ransomware
 actor
Jade Sleet / TraderTraitor / UNC4899 / Pressure Chollima
jade_sleet_tradertraitor
 actor
Javali
javali
 actor
KAMACITE
kamacite
 actor
KOSTOVITE
kostovite
 actor
Ke3chang
ke3chang
 actor
Killnet
killnet
 actor
Kimsuky
kimsuky
 actor
Krachulka
krachulka
 actor
LAPSUS$
lapsus_dollar
 actor
LAURIONITE
laurionite
 actor
Lazarus Group
lazarus_group
 actor
LockBit Operators
lockbit_operators
 actor
Lokorrito
lokorrito
 actor
Lynx Ransomware
lynx_ransomware
 actor
Madi / Mahdi
madi_mahdi
 actor
Maze
maze_ransomware
 actor
Medusa
medusa_ransomware
 actor
Mekotio
mekotio
 actor
Melcoz
melcoz
 actor
MirrorFace
mirrorface
 actor
Mispadu / URSA
mispadu
 actor
Molerats / Gaza Cybergang
molerats_gaza_cybergang
 actor
Mollitiam Industries
mollitiam_tykelab
 actor
MoonBounce
moonbounce
 actor
Moonstone Sleet (Storm-1789)
moonstone_sleet
 actor
MosaicRegressor
mosaicregressor
 actor
MoustachedBouncer
moustachedbouncer
 actor
MuddyWater
muddywater
 actor
Mustang Panda
mustang_panda
 actor
NSO Group / Pegasus
nso_group_pegasus
 actor
Naikon
naikon
 actor
Negg Group
negg_group
 actor
NetTraveler / Travnet
nettraveler_travnet
 actor
NikoWiper
nikowiper
 actor
NoEscape
noescape
 actor
NoName057(16)
noname057_16
 actor
NotPetya
notpetya
 actor
Numando
numando
 actor
OceanLotus / APT32
oceanlotus_apt32
 actor
OilRig
apt34_oilrig
 actor
Olympic Destroyer
olympic_destroyer
 actor
Opal Sleet
opal_sleet
 actor
Operation Triangulation
operation_triangulation
 actor
Ousaban
ousaban
 actor
Paragon Solutions / Graphite
paragon_solutions_graphite
 actor
Patchwork
patchwork
 actor
Pearl Sleet
pearl_sleet
 actor
PikaBot Operators / Water Curupira
pikabot_operators
 actor
Pioneer Kitten
pioneer_kitten_fox_kitten
 actor
Play
play_ransomware
 actor
Predatory Sparrow
predatory_sparrow
 actor
Prestige ransomware
prestige_ransomware
 actor
Project Sauron / Strider
project_sauron_strider
 actor
Qakbot / Qbot Operators
qakbot_operators
 actor
Qilin
qilin_ransomware
 actor
QuaDream / Reign
quadream_reign
 actor
RASPITE (Leafminer)
raspite_leafminer
 actor
REvil
revil_sodinokibi
 actor
RansomBoggs
ransomboggs
 actor
RansomHub
ransomhub
 actor
RedFoxtrot
redfoxtrot
 actor
RedHotel
redhotel
 actor
Rhysida
rhysida_ransomware
 actor
RoarBAT
roarbat
 actor
RomCom
romcom
 actor
Royal / BlackSuit
royal_blacksuit
 actor
Ruby Sleet
ruby_sleet
 actor
Salt Typhoon
salt_typhoon
 actor
Sandworm Team
sandworm_team
 actor
Sapphire Sleet
sapphire_sleet
 actor
Scarred Manticore
scarred_manticore_unc1860
 actor
Scattered Spider
scattered_spider
 actor
Sea Turtle
sea_turtle
 actor
SideCopy
sidecopy
 actor
SideWinder
sidewinder
 actor
SiegedSec
siegedsec
 actor
Silk Typhoon
silk_typhoon
 actor
Star Blizzard
star_blizzard_callisto
 actor
Stealth Falcon
stealth_falcon
 actor
Storm-0558
storm_0558
 actor
Storm-0861
storm_0861
 actor
Storm-2603
storm_2603
 actor
StrongPity / Promethium
strongpity_promethium
 actor
Stuxnet
stuxnet
 actor
SwiftSlicer
swiftslicer
 actor
TA505
ta505
 actor
TAG-100
tag_100
 actor
TAG-110
tag_110
 actor
TeamTNT (Cloud Cryptojacking Operator)
teamtnt
 actor
Termite Ransomware
termite_ransomware
 actor
The Shadow Brokers
shadow_brokers
 actor
Tick
tick_bronze_butler
 actor
ToddyCat
toddycat
 actor
Tonto Team
tonto_team
 actor
Transparent Tribe
mythic_leopard
 actor
Trigona
trigona_ransomware
 actor
Tropic Trooper
tropic_trooper
 actor
Turla
turla
 actor
UNC1860 (Iran MOIS Access Broker)
unc1860
 actor
UNC3886
unc3886
 actor
UNC4191
unc4191
 actor
UNC4841
unc4841
 actor
UNC4990 (Italy USB Cryptojacking Operator)
unc4990
 actor
UNC5325 (Ivanti Connect Secure 2024 Operator)
unc5325
 actor
Vadokrist
vadokrist
 actor
Vanguard Panda
vanguard_panda
 actor
Variston (Heliconia)
variston_heliconia
 actor
Velvet Ant
velvet_ant
 actor
Vice Society / Vanilla Tempest
vice_society_vanilla_tempest
 actor
Volt Typhoon
volt_typhoon
 actor
WhisperGate
whispergate
 actor
Windshift
windshift
 actor
Wintego Systems
wintego_systems
 actor
Winter Vivern / TA473 (TAG-70)
winter_vivern_ta473
 actor
Wizard Spider
wizard_spider_conti
 actor
Worok
worok
 actor
XENOTIME / TRITON / TRISIS
xenotime_triton
 actor
Zumanek
zumanek
 actor
eSurv
esurv
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin