An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer...
52 KB (4,098 words) - 21:33, 20 June 2025
Elfin Team (redirect from Advanced Persistent Threat 33)
Advanced Persistent Threat 33 (APT33) is a hacker group identified by FireEye as being supported by the government of Iran. The group has also been called...
5 KB (478 words) - 05:31, 23 June 2025
Salt Typhoon (category Chinese advanced persistent threat groups)
Salt Typhoon is an advanced persistent threat actor believed to be operated by China's Ministry of State Security (MSS) which has conducted high-profile...
18 KB (1,386 words) - 23:32, 18 June 2025
China Information Technology Security Evaluation Center (section Advanced persistent threat involvement)
cyberespionage for the agency, and provides aid to the many advanced persistent threats (APTs) run directly by the agency, by its semi-autonomous provincial...
9 KB (853 words) - 00:03, 11 May 2025
Kimsuky (category North Korean advanced persistent threat groups)
Emerald Sleet) is a North Korean state-backed hacker group and advanced persistent threat that targets South Korean think tanks, industry, nuclear power...
3 KB (287 words) - 18:16, 24 July 2024
HSSD operates advanced persistent threat (APT) number 40. The Hainan State Security Department is behind the advanced persistent threat known as APT40...
10 KB (836 words) - 08:16, 25 January 2025
Helix Kitten (redirect from Advanced Persistent Threat 34)
least 2014. It has targeted many of the same organizations as Advanced Persistent Threat 33, according to John Hultquist. In April 2019, APT34's cyber-espionage...
4 KB (244 words) - 15:58, 5 July 2024
Lazarus Group (category North Korean advanced persistent threat groups)
group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting...
49 KB (5,010 words) - 05:54, 11 June 2025
GoldenJackal (category Russian advanced persistent threat groups)
GoldenJackal is an advanced persistent threat active since 2019. According to Kaspersky targets include the governments of Afghanistan, Azerbaijan, Iran...
4 KB (280 words) - 16:48, 1 November 2024
Gamaredon (category Russian advanced persistent threat groups)
UNC530, ACTINIUM, or Aqua Blizzard (by Microsoft) is a Russian advanced persistent threat that has been active since at least 2013. Cyber espionage appears...
3 KB (208 words) - 07:46, 13 May 2024
Titan Rain (category Chinese advanced persistent threat groups)
activity is believed to be associated with a state-sponsored advanced persistent threat. It was given the designation Titan Rain by the federal government...
5 KB (441 words) - 02:37, 1 April 2025
Equation Group (category American advanced persistent threat groups)
describes them as one of the most sophisticated advanced persistent threats in the world and "the most advanced (...) we have seen", operating alongside the...
18 KB (1,724 words) - 18:36, 16 June 2025
the province. The department is best known for operating the advanced persistent threat 31 (APT 31). The Hubei State Security Department was established...
14 KB (1,169 words) - 12:26, 15 December 2024
Volt Typhoon (category Chinese advanced persistent threat groups)
Insidious Taurus, Dev-0391, Storm-0391, UNC3236, or VOLTZITE) is an advanced persistent threat engaged in cyberespionage reportedly on behalf of the People's...
15 KB (1,357 words) - 15:48, 28 April 2025
Cyberwarfare and China (category Advanced persistent threat)
of cyberattacks attributed to state organs and various related advanced persistent threat (APT) groups. Cyberwarfare is the use of cyber attacks against...
73 KB (7,515 words) - 20:26, 12 June 2025
LightBasin (category Chinese advanced persistent threat groups)
as an advanced persistent threat that has been linked to multiple cyberattacks on telecommunications companies. As an advanced persistent threat, they...
6 KB (431 words) - 21:14, 9 September 2024
Elbrus-Avia, Russian airline FC Elbrus Nalchik FIN7, Russian advanced persistent threat also known as ELBRUS R-17 Elbrus, Soviet-designed tactical ballistic...
645 bytes (114 words) - 06:49, 13 December 2024
Operation Shady RAT (category Chinese advanced persistent threat groups)
give the hacker access to their computer. Cyberwarfare and China Advanced persistent threat DigiNotar Duqu PLA Unit 61398 Tailored Access Operations Jim Finkle...
4 KB (348 words) - 15:55, 11 April 2025
security cameras. Since at least April 2017, TEMP.Periscope, an advanced persistent threat based in China, has been hacking Cambodian organizations related...
262 KB (24,219 words) - 21:04, 7 June 2025
shell is commonly used by malicious Chinese actors, including advanced persistent threat (APT) groups, to remotely control web servers. This web shell...
5 KB (434 words) - 05:16, 29 January 2024
Sandworm (hacker group) (category Russian advanced persistent threat groups)
Sandworm is an advanced persistent threat operated by MUN 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for...
26 KB (2,239 words) - 11:08, 22 April 2025
Cozy Bear (category Russian advanced persistent threat groups)
Cozy Bear is a Russian advanced persistent threat hacker group believed to be associated with Russian foreign intelligence by United States intelligence...
39 KB (2,814 words) - 17:40, 22 May 2025
GhostNet (category Chinese advanced persistent threat groups)
discovered in March 2009. The operation is likely associated with an advanced persistent threat, or a network actor that spies undetected. Its command and control...
17 KB (1,534 words) - 12:58, 13 May 2025
Fancy Bear (category Russian advanced persistent threat groups)
Russian army regiments. Fancy Bear is classified by FireEye as an advanced persistent threat. Among other things, it uses zero-day exploits, spear phishing...
90 KB (8,014 words) - 16:31, 10 May 2025
DarkHotel (category South Korean advanced persistent threat groups)
in-house WiFi network. It is characterized by Kaspersky Lab as an advanced persistent threat. The attacks are specifically targeted at senior company executives...
7 KB (506 words) - 11:50, 13 January 2025
of the Ministry of State Security. The team was designated an advanced persistent threat by FireEye, who reported that they target aerospace, engineering...
10 KB (788 words) - 17:20, 31 May 2025
PLA Unit 61398 (category Chinese advanced persistent threat groups)
military unit cover designator (MUCD) of a People's Liberation Army advanced persistent threat unit that has been alleged to be a source of Chinese computer...
16 KB (1,175 words) - 12:48, 1 April 2025
FIN7 (category Russian advanced persistent threat groups)
Carbon Spider, ELBRUS, or Sangria Tempest, is a Russian criminal advanced persistent threat group that has primarily targeted the U.S. retail, restaurant...
10 KB (961 words) - 06:47, 19 November 2024
Russo-Ukrainian War (2014-present) and is attributed to a Russian advanced persistent threat group known as "Sandworm". It is the first publicly acknowledged...
10 KB (824 words) - 08:42, 24 May 2025
Double Dragon (hacking group) (category Chinese advanced persistent threat groups)
the Chinese Ministry of State Security (MSS). Classified as an advanced persistent threat, the organization was named by the United States Department of...
39 KB (3,713 words) - 17:59, 23 May 2025