Live
10,491 incidents
653 actors
169 countries
Updated 25 Jun
2026-05-27: 5 2026-05-28: 22 2026-05-29: 118 2026-05-30: 16 2026-05-31: 7 2026-06-01: 39 2026-06-02: 20 2026-06-03: 34 2026-06-04: 38 2026-06-05: 200 2026-06-06: 27 2026-06-07: 4 2026-06-08: 76 2026-06-09: 67 2026-06-10: 196 2026-06-11: 99 2026-06-12: 85 2026-06-13: 16 2026-06-14: 27 2026-06-15: 129 2026-06-16: 50 2026-06-17: 36 2026-06-18: 494 2026-06-19: 190 2026-06-20: 518 2026-06-21: 30 2026-06-22: 54 2026-06-23: 38 2026-06-24: 49 2026-06-25: 363
7d: 1,736 posts
641 active groups
+592 new
Top: china (6.3%)
china ▲ 109 100% other-actors ▲ 74 100% bushidouk ▲ 55 100% malware---tools ▲ 54 100% unknown---unmapped-actors ▲ 44 100%
15 of 18 incidents
APT16
china Reference China T1566
What it is: APT16 is an APT (Advanced Persistent Threat) actor associated with the China regional group, with aliases such as G0023, ELMER backdoor, Gh0st, HTRAN, UNICAT, Poison Ivy, Pandora. This group focuses on …
APT41
china Reference China
What it is: APT41 is an APT (Advanced Persistent Threat) actor linked to the China regional group. Also known as G0096, CRACKSHOT, GEARSHIFT, HIGHNOON, JUMPALL, POISONPLUG, HOTCHAI, LATELUNCH, LI…
Also note that Turla used OilRigs implants
iran Reference Iran Gov T1566
What it is: Turla is a cyberattack group associated with the country of Iran, known for its cyber espionage activity and social engineering operations. The group uses advanced techniques to compromise…
UNC1945
other-actors Reference Unknown
What it is: UNC1945 is an APT (Advanced Persistent Threat) actor in the "Other Actors" group, recognized for its activity in the cyber sector. This group, also known as LightBasin, DecisiveArchit…
UNC1151
other-actors Reference United States
What it is: UNC1151 is an APT (Advanced Persistent Threat) actor in the "Other Actors" group, known for its activity at the regional level and for aliases such as Ghostwriter, TA445, UAC-0057 or Operation Ghostwri…
EvilPost
unknown---unmapped-actors Reference United States
What it is: EvilPost is an APT (Advanced Persistent Threat) actor in the Unknown / Unmapped Actors regional group, associated with cyberattack activity related to the Japanese defense sector. It has …
Triton
unknown---unmapped-actors Reference Unknown Gov
What it is: Triton is an APT (Advanced Persistent Threat) actor associated with the Unknown / Unmapped Actors regional group, whose identity has not been officially revealed. This group is known under several…
Poison Ivy
malware---tools Reference Unknown 🖥️ Software
What it is: Poison Ivy is a malware tool associated with the regional group of APT (Advanced Persistent Threat) actors. This type of threat is related to organized cybercrime and usually…
APTTrail: apt-c-12 indicators and references
apt-c-12 Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with apt-c-12. Observed aliases: apt-c-12, apt12, bluemushroom, dnscalc, dyncalc, ixeshe. Count by type: domain: 2, ipv4: 1, url: 10. I…
APTTrail: APT 18 indicators and references
apt-18 Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with APT 18. Observed aliases: APT 18. Count by type: domain: 14, ipv4: 1, url: 2. Indicators of Compromise (IOCs): Type | Value | Context | Dom…
APTTrail: apt19 indicators and references
apt19 Ioc United States 💻 Tech
APTTrail summary: APTTrail maintains public indicators associated with apt19. Observed aliases: apt19, c0d0so0, codoso, codoso team, deep panda, sunshop group. Count by type: domain: 57, file_path: 1,…
APTTrail: APT DRAGONOK indicators and references
apt-dragonok Ioc Japan
APTTrail summary: APTTrail maintains public indicators associated with APT DRAGONOK. Observed aliases: APT DRAGONOK. Count by type: domain: 14. Indicators of Compromise (IOCs): Type | Value | Context | Domain | bb…
APTTrail: apt-c-3 indicators and references
apt-c-3 Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with apt-c-3. Observed aliases: apt-c-3, apt3, ups. Count by type: domain: 10. Indicators of Compromise (IOCs): Type | Value | Context | Domain | b…
APTTrail: APT REAPER indicators and references
apt-reaper Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with APT REAPER. Observed aliases: APT REAPER. Count by type: domain: 19, file_path: 1. Indicators of Compromise (IOCs): Type | Value | Contex…
APTTrail: APT SNOWMAN indicators and references
apt-snowman Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with APT SNOWMAN. Observed aliases: APT SNOWMAN. Count by type: domain: 8. Indicators of Compromise (IOCs): Type | Value | Context | Domain | ali.b…