Threat Actors

· ATT&CK Live Data183 threat groups from MITRE ATT&CK Enterprise

Threat actor profiles from the MITRE ATT&CK knowledge base. Each group includes associated techniques, software and campaign data. ATT&CK Matrix · Malware

Groups

183

Techniques

233

Software

822

Relationships

21,025

50 groups

APT-C-23G1028

aka Mantis, Arid Viper, Desert Falcon, TAG-63, Grey Karkadann +2

APT-C-23 is a threat group that has been active since at least 2014.(Citation: symantec_mantis) APT-C-23 has primarily focused its operations on the Middle East, including Israeli military assets. APT

APT-C-36G0099

aka Blind Eagle, TAG-144, AguilaCiega, APT-Q-98

APT-C-36 is a suspected South American threat group that has engaged in espionage and financially motivated operations since at least 2018. APT-C-36 has targeted government institutions and entities i

APT1G0006

aka Comment Crew, Comment Group, Comment Panda

APT1 is a Chinese threat group that has been attributed to the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department, commonly known by its Military Unit Cov

APT12G0005

aka IXESHE, DynCalc, Numbered Panda, DNSCALC

APT12 is a threat group that has been attributed to China. The group has targeted a variety of victims including but not limited to media outlets, high-tech companies, and multiple governments.(Citati

APT16G0023

APT16 is a China-based threat group that has launched spearphishing campaigns targeting Japanese and Taiwanese organizations. (Citation: FireEye EPS Awakens Part 2)

APT17G0025

aka Deputy Dog

APT17 is a China-based threat group that has conducted network intrusions against U.S. government entities, the defense industry, law firms, information technology companies, mining companies, and non

APT18G0026

aka TG-0416, Dynamite Panda, Threat Group-0416

APT18 is a threat group that has operated since at least 2009 and has targeted a range of industries, including technology, manufacturing, human rights groups, government, and medical. (Citation: Dell

APT19G0073

aka Codoso, C0d0so0, Codoso Team, Sunshop Group

APT19 is a Chinese-based threat group that has targeted a variety of industries, including defense, finance, energy, pharmaceutical, telecommunications, high tech, education, manufacturing, and legal

APT28G0007

aka IRON TWILIGHT, SNAKEMACKEREL, Swallowtail, Group 74, Sednit +10

APT28 is a threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165.(Citation: NSA/FBI Drovorub

APT29G0016

aka IRON RITUAL, IRON HEMLOCK, NobleBaron, Dark Halo, NOBELIUM +9

APT29 is threat group that has been attributed to Russia's Foreign Intelligence Service (SVR).(Citation: White House Imposing Costs RU Gov April 2021)(Citation: UK Gov Malign RIS Activity April 2021)

Registration Required

Create a free account to access full Threat Actor Database

Showing 10 of 50 results

✓ Personal dashboard✓ Track 1 vendor/product✓ 1 keyword alert✓ Weekly digest✓ 1 CSV export/month

Already have an account? Sign in →