Track and analyze APT groups, ransomware gangs, hacktivists and cybercrime organizations — their targets, malware, techniques and IOCs updated in real time.
Target Countries
United Arab EmiratesBrazilChinaUnited KingdomTarget Sectors
Funds, Trusts, and Other Financial VehiclesHospitalsPublic AdministrationOil & GasAssociated Malware
—Related CVEs
CVE-2025-59287ATT&CK IDs
T1078.001T1068T1105T119305716nnm · Nnm05716 · NoName057(16) · NoName05716
Target Countries
United Arab EmiratesArmeniaArgentinaAustriaTarget Sectors
Food ManufacturingOther Information ServicesMonetary Authorities-Central BankCredit UnionsAssociated Malware
agent_btzbackswapBlackNETemotetRelated CVEs
CVE-2025-64669CVE-2025-5777CVE-2025-34067CVE-2025-2857ATT&CK IDs
T1453T1105 - Ingress Tool TransferT1095 - Non Application Layer ProtocolT1497 - Virtualization/Sandbox EvasionTarget Countries
—Target Sectors
Educational ServicesHealthCare & Social AssistanceSpace & DefenseNational SecurityAssociated Malware
—Related CVEs
—ATT&CK IDs
T1190 - Exploit Public Facing ApplicationT1003 - OS Credential DumpingT1078 - Valid AccountsT1567 - Exfiltration Over Web ServiceAQUATIC PANDA · BRONZE UNIVERSITY · BountyGlad · CHROMIUM
Target Countries
AfghanistanBangladeshBhutanHong KongTarget Sectors
FinanceEducational ServicesPublic AdministrationTelecommunicationsAssociated Malware
ShadowPadnjRATnjRATwin.mauiRelated CVEs
CVE-2022-40684CVE-2021-34523CVE-2021-34473CVE-2021-31207ATT&CK IDs
T1560 - Archive Collected DataT1070.004T1553 - Subvert Trust ControlsT1078 - Valid Accountsagenda
Target Countries
United Arab EmiratesAlbaniaAngolaArgentinaTarget Sectors
Construction of BuildingsFood ManufacturingOther Information ServicesSoftware PublishersAssociated Malware
QilinRelated CVEs
CVE-2026-50752CVE-2026-50751CVE-2025-5777CVE-2025-53771ATT&CK IDs
T1486T1490T1078T1071.001The Gentlemen Ransomware · the gentlemen
Target Countries
United Arab EmiratesArgentinaAustriaAustraliaTarget Sectors
Construction of BuildingsFood ManufacturingOther Information ServicesRail TransportationAssociated Malware
—Related CVEs
CVE-2025-7771CVE-2025-33073CVE-2025-32433CVE-2024-55591ATT&CK IDs
T1190T1078T1087T1046Water Tambanakua
Target Countries
United Arab EmiratesAlbaniaArgentinaAustriaTarget Sectors
Construction of BuildingsFood ManufacturingOther Information ServicesMonetary Authorities-Central BankAssociated Malware
—Related CVEs
CVE-2025-6264CVE-2025-59287CVE-2025-47176CVE-2025-47171ATT&CK IDs
T1071.001T1499T1569.002UNC6040 · Scattered Lapsus$ Hunters (SLH) · ShinyCorp
Target Countries
AustriaAustraliaBelgiumBrazilTarget Sectors
Food ManufacturingOther Information ServicesCredit UnionsRail TransportationAssociated Malware
—Related CVEs
CVE-2026-35273CVE-2025-61884CVE-2025-61882CVE-2025-55234ATT&CK IDs
—SOCRadar Threat Actor Database is a free repository of structured intelligence profiles covering over 500 documented cyber threat actors — nation-state APT groups, ransomware operations, hacktivist collectives and financially motivated cybercrime organizations. Each profile aggregates origin country, targeted sectors and geographies, attributed malware families, known aliases, historical campaigns, MITRE ATT&CK technique coverage and indicators of compromise. No account required.
Common questions about threat actors and APT groups
United Arab Emirates
Brazil
China
United Kingdom
Armenia
Argentina
Austria
Afghanistan
Bangladesh
Hong Kong
Albania
Angola
Australia
Belgium