Track and analyze APT groups, ransomware gangs, hacktivists and cybercrime organizations — their targets, malware, techniques and IOCs updated in real time.
APT 38 · APT-C-26 · APT38 · ATK117
Target Countries
United Arab EmiratesAustraliaBangladeshBelgiumTarget Sectors
Food ManufacturingReal EstateHospitalsAir TransportationAssociated Malware
win.bistromathwin.brambulwin.buffetlinewin.touchmoveRelated CVEs
CVE-2025-9491CVE-2025-9074CVE-2025-8088CVE-2025-7775ATT&CK IDs
T1404 - Exploit OS VulnerabilityT1220T1072 - Software Deployment ToolsT1070 - Indicator Removal on HostTarget Countries
United StatesTarget Sectors
Performing Arts CompaniesNational SecurityHealthCare & Social AssistanceInternet PublishingAssociated Malware
—Related CVEs
CVE-2018-0802ATT&CK IDs
T1071 - Application Layer ProtocolT1195.002T1553.002 - Code SigningT1557 - Man-in-the-MiddleTarget Countries
HungaryIndiaUnited StatesTarget Sectors
National Security and International AffairsData Processing, Hosting, and Related ServicesComputer Systems Design and Related ServicesAdvertising AgenciesAssociated Malware
XenaRelated CVEs
CVE-2024-3094CVE-2024-21893CVE-2024-21887CVE-2023-46805ATT&CK IDs
T1559T1547.013 - XDG Autostart EntriesT1185T1587.001 - MalwareTarget Countries
United Arab EmiratesAustraliaBangladeshBulgariaTarget Sectors
Real EstateHospitalsAir TransportationConstructionAssociated Malware
—Related CVEs
CVE-2022-23943CVE-2021-44790CVE-2021-23017CVE-2019-12521ATT&CK IDs
T1195 - Supply Chain CompromiseT1140 - Deobfuscate/Decode Files or InformationT1199 - Trusted RelationshipT1003 - OS Credential DumpingUnderground · TeamUnderground
Target Countries
United Arab EmiratesAustraliaBrazilCanadaTarget Sectors
Construction of BuildingsOther Information ServicesHospitalsManufacturingAssociated Malware
—Related CVEs
CVE-2023-36884ATT&CK IDs
T1021.002T1059.003T1018T1105El-Dorado · Global · BlackLock · Eldorado
Target Countries
United Arab EmiratesArgentinaAustraliaArubaTarget Sectors
Construction of BuildingsOther Information ServicesSoftware PublishersReal EstateAssociated Malware
—Related CVEs
CVE-2021-21974ATT&CK IDs
—Target Countries
United Arab EmiratesAustriaAustraliaBahrainTarget Sectors
Construction of BuildingsFood ManufacturingOther Information ServicesSoftware PublishersAssociated Malware
—Related CVEs
CVE-2025-59287ATT&CK IDs
—Chaos · Dark · Void
Target Countries
AustraliaCanadaGermanyUnited KingdomTarget Sectors
Construction of BuildingsSoftware PublishersEnterprises & HoldingAir TransportationAssociated Malware
—Related CVEs
—ATT&CK IDs
—SOCRadar Threat Actor Database is a free repository of structured intelligence profiles covering over 500 documented cyber threat actors — nation-state APT groups, ransomware operations, hacktivist collectives and financially motivated cybercrime organizations. Each profile aggregates origin country, targeted sectors and geographies, attributed malware families, known aliases, historical campaigns, MITRE ATT&CK technique coverage and indicators of compromise. No account required.
Common questions about threat actors and APT groups
We use cookies to improve your experience, analyze traffic, and personalize content. You can accept all or customize your preferences. Privacy Policy
United Arab Emirates
Australia
Bangladesh
Belgium
United States
Hungary
India
Bulgaria
Brazil
Canada
Argentina
Austria
Bahrain
Germany
United Kingdom