APT28
Fancy Bear · Sofacy · Sednit
A prolific espionage group known for targeting political and military organizations across NATO countries.
Primary targets
TTPs
- Spear phishing
- Zero-day exploitation
- Credential harvesting
An intelligence database on Advanced Persistent Threat actors and their tactics, techniques & procedures.
Cozy Bear · The Dukes · Nobelium
A sophisticated actor linked to major supply-chain intrusions and stealthy, long-term espionage campaigns.
Primary targets
TTPs
Double Dragon · Winnti · Barium
A dual espionage-and-cybercrime group conducting both state-sponsored operations and financially motivated attacks.
Primary targets
TTPs
Hidden Cobra · APT38 · Zinc
A state-sponsored group notorious for destructive attacks and high-value financial and cryptocurrency theft.
Primary targets
TTPs
OilRig · Helix Kitten
A Middle East–focused espionage actor known for creative DNS-based command-and-control techniques.
Primary targets
TTPs
Elfin · Refined Kitten
An actor targeting aviation and energy sectors, associated with destructive wiper malware campaigns.
Primary targets
TTPs
Carbanak · Carbon Spider
A financially motivated cybercrime syndicate responsible for large-scale payment-card and ransomware operations.
Primary targets
TTPs
Voodoo Bear · Telebots · Iron Viking
A destructive actor linked to attacks on critical infrastructure and industrial control systems.
Primary targets
TTPs