Interactive Demo: Sample data only.

Threat Actors

50+ tracked groups with attribution, TTPs, and activity monitoring

Tracked Groups: 50+
Active This Month: 12
State-Sponsored: 7
MITRE Techniques: 245

Groups by Origin

Iran: 3
Russia: 3
North Korea: 1
Tunisia: 1
Sudan: 1
Unknown: 1

APT34 (OilRig)

🇮🇷 Iran · State-Sponsored · Active since 2014

CRITICAL RISK

Iranian cyber espionage group targeting Middle East energy, government, and telecommunications sectors. Known for custom malware including POWBAT, BONDUPDATER, and QUADAGENT. Active campaigns against UAE and Saudi Arabian infrastructure.

MITRE Techniques: 15
Attack Claims: 23
Validated Attacks: 8
Malware Families: 5

T1566.001 Spearphishing · T1059.001 PowerShell · T1078 Valid Accounts · T1071 App Layer Protocol · T1003 Credential Dumping

All Tracked Groups

| Group | Origin | Target Sectors | Techniques | Risk | Status |
|---|---|---|---|---|---|
| 🇮🇷 APT34 (OilRig) | Iran | Energy, Government, Telecom | 15 | Critical | Active |
| 🇮🇷 MuddyWater | Iran | Government, Defense, Telecom | 12 | High | Active |
| 🇮🇷 APT33 (Elfin) | Iran | Aviation, Energy, Petrochemical | 11 | High | Active |
| 🇹🇳 Tunisian Maskers | Tunisia | Government, Education | 6 | Medium | Active |
| 🇷🇺 LockBit 3.0 | Russia | Cross-sector (Ransomware) | 14 | Critical | Active |
| 🇸🇩 Anonymous Sudan | Sudan | Government, Finance, Tech | 4 | Medium | Active |
| 🇷🇺 BlackCat/ALPHV | Russia | Healthcare, Finance | 13 | Critical | Active |
| 🇰🇵 Lazarus Group | North Korea | Finance, Crypto, Defense | 18 | Critical | Active |
| ❓ SandViper | Unknown | Energy, Government (GCC) | 7 | High | Emerging |
| 🇷🇺 Cl0p | Russia | Cross-sector (Ransomware) | 10 | High | Active |
Showing 10 of 50+ groups