Threat Actors

BianLian Ransomware: Shadow Data Extortion Group
Resources
BianLian Ransomware: Shadow Data Extortion Group
The BianLian ransomware group represents a significant and growing threat to organizations worldwide. Operating with precision and stealth, they have targeted critical infrastructure and private ...
Trinity Ransomware: The Enigma of the .trinitylock
Resources
Trinity Ransomware: The Enigma of the .trinitylock
Overview: Known Aliases of Trinity Ransomware: Trinity Ransomware. Possible links to 2023Lock and Venus ransomware, implying potential shared infrastructure or ...
Akira Ransomware: The Extortion Ghost in a Shell
Resources
Akira Ransomware: The Extortion Ghost in a Shell
Akira has targeted a range of organizations, including universities (Stanford), major IT service providers (Tietoevry), and numerous businesses across various sectors. Critical infrastructure, including healthcare ...
Hunters International Ransomware: Hive Ransomware Ressurected
Resources
Hunters International Ransomware: Hive Ransomware Ressurected
Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in October 2023, following the disruption of the Hive ransomware group. They've conducted over 200 attacks ...
Rhysida Ransomware: The Silent Serpent
ransomware
Rhysida Ransomware: The Silent Serpent
Rhysida Ransomware Threat Actor Profile
Black Basta Ransomware: The Black Hand of Dark Web
RaaS
Black Basta Ransomware: The Black Hand of Dark Web
Black Basta is a prolific ransomware-as-a-service (RaaS) group employing double-extortion tactics (data encryption and exfiltration).
Play Ransomware: The Shadow Syndicate
ransomware
Play Ransomware: The Shadow Syndicate
Play is a highly capable ransomware group demonstrating advanced technical skills and operational sophistication.
Dark Angels Ransomware: Sophistication & High Stakes Attacks
Dark Angels Ransomware
Dark Angels Ransomware: Sophistication & High Stakes Attacks
Overview The Dark Angels ransomware group is a sophisticated and stealthy cybercrime operation known for its targeted attacks on large ...
Salt Typhoon: A Chinese APT at War with the US
Resources
Salt Typhoon: A Chinese APT at War with the US
Salt Typhoon is considered an advanced persistent threat (APT) actor, reportedly operated by the Chinese government.
RansomHub Ransomware - A RaaS Syndicate
RaaS
RansomHub Ransomware – A RaaS Syndicate
RansomHub operates as a Ransomware-as-a-Service (RaaS), providing infrastructure and code to affiliates.