Live
10,491 incidents
653 actors
169 countries
Updated 25 Jun
2026-05-27: 5 2026-05-28: 22 2026-05-29: 118 2026-05-30: 16 2026-05-31: 7 2026-06-01: 39 2026-06-02: 20 2026-06-03: 34 2026-06-04: 38 2026-06-05: 200 2026-06-06: 27 2026-06-07: 4 2026-06-08: 76 2026-06-09: 67 2026-06-10: 196 2026-06-11: 99 2026-06-12: 85 2026-06-13: 16 2026-06-14: 27 2026-06-15: 129 2026-06-16: 50 2026-06-17: 36 2026-06-18: 494 2026-06-19: 190 2026-06-20: 518 2026-06-21: 30 2026-06-22: 54 2026-06-23: 38 2026-06-24: 49 2026-06-25: 363
7d: 1,736 posts
641 active groups
+592 new
Top: china (6.3%)
china ▲ 109 100% other-actors ▲ 74 100% bushidouk ▲ 55 100% malware---tools ▲ 54 100% unknown---unmapped-actors ▲ 44 100%
15 of 25 incidents
Sparkling Goblin
china Reference China
What it is: Sparkling Goblin is an APT (Advanced Persistent Threat) actor associated with the China regional group. This group has been identified under multiple aliases and is linked to organizations in diver…
BuhTrap
russia Reference Russia
What it is: BuhTrap is an APT (Advanced Persistent Threat) actor associated with the Russia regional group, active between 2015 and 2016. It is known for its use of multiple cyberattack tools and techniques, inclu…
Persistency: typically launching ransomware after operation to destroy evidence, Threat Recon.nshc.net alias=SectorA01
north-korea Reference North Korea Gov T1566
What it is: Threat Recon.nshc.net alias=SectorA01 is an APT actor of the North Korea regional group associated with ransomware operations. This group has been documented in multiple intelligence sources…
InvisiMole
other-actors Reference Unknown 🖥️ Software
What it is: InvisiMole is an APT (Advanced Persistent Threat) actor associated with the "Other Actors" regional group, with aliases linked to Russia and Ukraine. This name has been used in security contexts …
GreyEnergy Group
other-actors Reference United States
What it is: GreyEnergy Group is an APT (Advanced Persistent Threat) actor associated with the Other Actors regional group, with aliases such as Maldoc, GreyEnergy Dropper, GreyEnergy Min and FELIXROOT. It is identified as …
Worok
unknown---unmapped-actors Reference South Africa 🖥️ Software
What it is: Worok is an APT (Advanced Persistent Threat) actor of the Unknown / Unmapped Actors regional group, with aliases such as Proxy Shell and CVE-2021-34523. It is associated with specific geographic regions, inc…
X-Agent
malware---tools Reference Unknown
What it is: X-Agent is an APT (Advanced Persistent Threat) actor related to the malicious group Sofacy, known for its activity in the field of malware and cyber tools. This group has been…
APTTrail: apt-c-60 indicators and references
apt-c-60 Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with apt-c-60. Observed aliases: apt-c-60, apt-q-12, spyglace. Count by type: domain: 4, ipv4: 5, url: 5. Indicators of Compromise (IO…
APTTrail: laret indicators and references
laret Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with laret. Observed aliases: laret, pinar. Count by type: ipv4: 6. Indicators of Compromise (IOCs): Type, Value, Context: IP 178.209.51.61:12…
APTTrail: UAC-0008 indicators and references
uac-0008 Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with UAC-0008. Observed aliases: UAC-0008. Count by type: domain: 24, file_path: 4, url: 1. Indicators of Compromise (IOCs): Type, Value, Co…
APTTrail: entryshell indicators and references
entryshell Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with entryshell. Observed aliases: entryshell, sparrowdoor, xiangoop. Count by type: domain: 14, ipv4: 15. Indicators of Compromise (I…
APTTrail: APT GOLDENJACKAL indicators and references
apt-goldenjackal Ioc Iran 🏛️ Government
APTTrail summary: APTTrail maintains public indicators associated with APT GOLDENJACKAL. Observed aliases: APT GOLDENJACKAL. Count by type: file_path: 36, ipv4: 1, url: 2. Indicators of Compromise (IO…
APTTrail: nosydoor indicators and references
nosydoor Ioc Japan
APTTrail summary: APTTrail maintains public indicators associated with nosydoor. Observed aliases: nosydoor, nosydownloader, nosyhistorian. Count by type: domain: 6. Indicators of Compromise (IOCs): Ty…
APTTrail: lodeinfo indicators and references
lodeinfo Ioc China 📺 Media
APTTrail summary: APTTrail maintains public indicators associated with lodeinfo. Observed aliases: lodeinfo, mirrorstealer. Count by type: domain: 2, ipv4: 17, url: 3. Indicators of Compromise (IOCs): T…
APTTrail: APT MOUSTACHEDBOUNCER indicators and references
apt-moustachedbouncer Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with APT MOUSTACHEDBOUNCER. Observed aliases: APT MOUSTACHEDBOUNCER. Count by type: domain: 5, ipv4: 6. Indicators of Compromise (IOCs…