Track and analyze APT groups, ransomware gangs, hacktivists and cybercrime organizations — their targets, malware, techniques and IOCs updated in real time.
Target Countries
United Arab EmiratesChinaUnited KingdomIsraelTarget Sectors
Funds, Trusts, and Other Financial VehiclesHospitalsOil & GasEnergy & UtilitiesAssociated Malware
win.flash_developRelated CVEs
CVE-2025-59287ATT&CK IDs
T1078.001T1068T1105T1193DEV-0324 · Sagrid · TA543
Target Countries
ArgentinaAustraliaCanadaGermanyTarget Sectors
Public AdministrationHospitalsRestaurantsAerospace Product and Parts ManufacturingAssociated Malware
—Related CVEs
CVE-2023-36884CVE-2023-21715CVE-2023-20198ATT&CK IDs
T1059.001T1071.001T1027T1566.00105716nnm · Nnm05716 · NoName057(16) · NoName05716
Target Countries
United Arab EmiratesArmeniaArgentinaAustriaTarget Sectors
Food ManufacturingOther Information ServicesMonetary Authorities-Central BankCredit UnionsAssociated Malware
WannaCrywebmonitorSmoke LoaderlimeratRelated CVEs
CVE-2025-64669CVE-2025-5777CVE-2025-34067CVE-2025-2857ATT&CK IDs
T1453T1105 - Ingress Tool TransferT1095 - Non Application Layer ProtocolT1497 - Virtualization/Sandbox EvasionAPT-C-20 · ATK5 · Blue Athena · BlueDelta
Target Countries
AfghanistanArmeniaAustraliaAzerbaijanTarget Sectors
Rail TransportationHospitalsAir TransportationConstructionAssociated Malware
win.arguepatchP.A.S. WebshellAgent TeslaZebrocyRelated CVEs
CVE-2026-24858CVE-2026-24423CVE-2026-24061CVE-2026-23800ATT&CK IDs
T1021 - Remote ServicesT1550 - Use Alternate Authentication MaterialT1583.006T1060 - Registry Run Keys / Startup Folderagenda
Target Countries
United Arab EmiratesAlbaniaAngolaArgentinaTarget Sectors
Construction of BuildingsFood ManufacturingOther Information ServicesSoftware PublishersAssociated Malware
QilinRelated CVEs
CVE-2026-50752CVE-2026-50751CVE-2025-5777CVE-2025-53771ATT&CK IDs
T1486T1490T1078T1071.001The Gentlemen Ransomware · the gentlemen
Target Countries
United Arab EmiratesArgentinaAustriaAustraliaTarget Sectors
Construction of BuildingsFood ManufacturingOther Information ServicesRail TransportationAssociated Malware
—Related CVEs
CVE-2025-7771CVE-2025-33073CVE-2025-32433CVE-2024-55591ATT&CK IDs
T1190T1078T1087T1046UNC6040 · Scattered Lapsus$ Hunters (SLH) · ShinyCorp
Target Countries
AustriaAustraliaBelgiumBrazilTarget Sectors
Food ManufacturingOther Information ServicesRail TransportationSoftware PublishersAssociated Malware
—Related CVEs
CVE-2026-35273CVE-2025-61884CVE-2025-61882CVE-2025-55234ATT&CK IDs
—Water Tambanakua
Target Countries
United Arab EmiratesAlbaniaArgentinaAustriaTarget Sectors
Construction of BuildingsFood ManufacturingOther Information ServicesMonetary Authorities-Central BankAssociated Malware
—Related CVEs
CVE-2025-6264CVE-2025-59287CVE-2025-47176CVE-2025-47171ATT&CK IDs
T1071.001T1499T1569.002SOCRadar Threat Actor Database is a free repository of structured intelligence profiles covering over 500 documented cyber threat actors — nation-state APT groups, ransomware operations, hacktivist collectives and financially motivated cybercrime organizations. Each profile aggregates origin country, targeted sectors and geographies, attributed malware families, known aliases, historical campaigns, MITRE ATT&CK technique coverage and indicators of compromise. No account required.
Common questions about threat actors and APT groups
United Arab Emirates
China
United Kingdom
Israel
Argentina
Australia
Canada
Germany
Armenia
Austria
Afghanistan
Azerbaijan
Albania
Angola
Belgium
Brazil