10,488 incidents
653 actors
169 countries
Updated: 25 Jun
2026-05-27: 5 2026-05-28: 22 2026-05-29: 118 2026-05-30: 16 2026-05-31: 7 2026-06-01: 39 2026-06-02: 20 2026-06-03: 34 2026-06-04: 38 2026-06-05: 200 2026-06-06: 27 2026-06-07: 4 2026-06-08: 76 2026-06-09: 67 2026-06-10: 196 2026-06-11: 99 2026-06-12: 85 2026-06-13: 16 2026-06-14: 27 2026-06-15: 129 2026-06-16: 50 2026-06-17: 36 2026-06-18: 494 2026-06-19: 190 2026-06-20: 518 2026-06-21: 30 2026-06-22: 54 2026-06-23: 38 2026-06-24: 49 2026-06-25: 363
7d: 1,736 posts
641 active groups
+592 new
Top: china (6.3%)
china ▲ 109 100% other-actors ▲ 74 100% bushidouk ▲ 55 100% malware---tools ▲ 54 100% unknown---unmapped-actors ▲ 44 100%
11 of 11 incidents
APT40
china Reference China
What it is: APT40 is a cybersecurity actor associated with the China regional group. Also known as Leviathan, Temp.Periscope, Temp.Jumper, and other aliases, this group has been linked to activities …
TA410
china Reference China T1566
What it is: TA410 is an APT (Advanced Persistent Threat) actor linked to the China regional group. This group, known by aliases such as Witchetty, FlowingFrog, LookingFrog, among others, has been identi…
Persistency: typically launching ransomware after operation to destroy evidence, Threat Recon.nshc.net alias=SectorA01
north-korea Reference North Korea Gov T1566
What it is: Threat Recon.nshc.net alias=SectorA01 is an APT actor in the North Korea regional group associated with ransomware operations. This group has been documented in multiple intelligence sources…
TA544
other-actors Reference United States 🏦 Banking T1566
What it is: TA544 is an APT (Advanced Persistent Threat) actor in the Other Actors group, with aliases such as Narwhal Spider, URLZone, Ursnif, Panda Banker, Nymaim, Chthonic, Smoke Loader, and Online banking. This g…
TA555
other-actors Reference United States
What it is: TA555 is a high-level actor (APT) associated with the Other Actors group, identified as part of a network of non-standardized actors in threat analysis. This actor has been link…
TA2101
other-actors Reference United States T1566
What it is: TA2101 is an APT (Advanced Persistent Threat) actor in the Other Actors group, linked to cyberattack activity related to the Maze ransomware. This group has been identified as par…
APTTrail: exilerat indicators and references
exilerat Ioc India
APTTrail summary: APTTrail maintains public indicators associated with exilerat. Observed aliases: exilerat, luckycat, sepulcher, shadownet, ta413. Count by type: domain: 56, ipv4: 8, url: 1. Indicator…
APTTrail: APT NETTRAVELER indicators and references
apt-nettraveler Ioc Russia
APTTrail summary: APTTrail maintains public indicators associated with APT NETTRAVELER. Observed aliases: APT NETTRAVELER. Count by type: domain: 45. Indicators of Compromise (IOCs): Type, Value, Context. Do…
APTTrail: APT TA2101 indicators and references
apt-ta2101 Ioc Unknown 🏛️ Government
APTTrail summary: APTTrail maintains public indicators associated with APT TA2101. Observed aliases: APT TA2101. Count by type: domain: 2, url: 9. Indicators of Compromise (IOCs): Type, Value, Context. Domai…
APTTrail: FlowCloud indicators and references
flowcloud Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with FlowCloud. Observed aliases: FlowCloud, LookBack, LookingFrog, Witchetty. Count by type: domain: 16, ipv4: 3, url: 4. Indicators …
APTTrail: APT TA416 indicators and references
apt-ta416 Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with APT TA416. Observed aliases: APT TA416. Count by type: domain: 2, ipv4: 8, url: 4. Indicators of Compromise (IOCs): Type, Value, Contex…