Live
10,488 Incidents
653 Actors
169 Countries
Updated 25 Jun
[Chart: posts per day, 2026-05-27 to 2026-06-25]
7d: 1,736 posts
641 active groups
+592 new
Top: china (6.3%)
china ▲ 109 100%; other-actors ▲ 74 100%; bushidouk ▲ 55 100%; malware---tools ▲ 54 100%; unknown---unmapped-actors ▲ 44 100%
14 of 14 incidents
DragonSpark
china Reference China
What it is: DragonSpark is an APT (Advanced Persistent Threat) actor linked to the China regional group. It is known for its use of detection-evasion techniques, including the use of tool…
WIP19
china Reference China
What it is: WIP19 is a regional APT actor linked to China, known for its espionage activity and cyberattacks against key organizations. The group uses advanced cybersecurity techniques …
Persistency: typically launching ransomware after operation to destroy evidence, Threat Recon.nshc.net alias=SectorA01
north-korea Reference North Korea Gov T1566
What it is: Threat Recon.nshc.net alias=SectorA01 is an APT actor of the North Korea regional group associated with ransomware operations. This group has been documented in multiple intelligence sources…
ModifiedElephant
other-actors Reference India ⚖️ Law
What it is: ModifiedElephant is a high-level actor (APT) associated with the Other Actors group, with a clear connection to the interests of the Indian state. This group, also known as Activists, human righ…
WIP26
unknown---unmapped-actors Reference Unknown T1566
What it is: WIP26 is an APT (Advanced Persistent Threat) actor associated with the Unknown / Unmapped Actors regional group, recognized for its espionage activity and targeted attacks on critical sectors. This a…
Mysterious Metador
unknown---unmapped-actors Reference United States
What it is: Mysterious Metador is an APT (Advanced Persistent Threat) actor of the Unknown / Unmapped Actors group, whose identity and origin remain unknown. With aliases such as "Mystery Metador", the gro…
Void Balaur
unknown---unmapped-actors Reference United States
What it is: Void Balaur is an APT (Advanced Persistent Threat) actor of the "Unknown / Unmapped Actors" regional group. This alias suggests an operation that has not been precisely mapped, which indicates a…
The group’s victims are mostly private sector businesses and also include a government organization and a charity association. All known victims are exclusively from Western countries, with the majority of them from the United States and Europe (a single victim was from Singapore). https://www.cybereason.com/blog/threat-alert-inc-ransomware, https://www.sentinelone.com/anthology/inc-ransom/, https://www.malwarebytes.com/blog/threat-intelligence/2023/09/ransomware-review-september-2023
unknown---unmapped-actors Reference United States 🏛️ Government
What it is: The "Unknown / Unmapped Actors" group is identified as a regional APT actor whose purpose is not clearly defined. According to security reports, this group has carried out attacks with m…
APTTrail: Heyoka indicators and references
heyoka Ioc United States
APTTrail summary: APTTrail maintains public indicators associated with Heyoka. Observed aliases: Heyoka, Mongall, UNC94. Count by type: domain: 107, ipv4: 4, url: 3. Indicators of Compromise (IOCs): Typ…
APTTrail: whiteelephant indicators and references
whiteelephant Ioc India
APTTrail summary: APTTrail maintains public indicators associated with whiteelephant. Observed aliases: whiteelephant. Count by type: domain: 73, ipv4: 16, url: 7. Indicators of Compromise (IOCs): Type, V…
APTTrail: APT EGOMANIAC indicators and references
apt-egomaniac Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with APT EGOMANIAC. Observed aliases: APT EGOMANIAC. Count by type: domain: 9. Indicators of Compromise (IOCs): Type, Value, Context: Domain a…
APTTrail: magalenha indicators and references
magalenha Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with magalenha. Observed aliases: magalenha. Count by type: ipv4: 1, url: 19. Indicators of Compromise (IOCs): Type, Value, Context: IP 81.200…
APTTrail: goreshell indicators and references
goreshell Ioc United States
APTTrail summary: APTTrail maintains public indicators associated with goreshell. Observed aliases: goreshell. Count by type: domain: 11, ipv4: 1. Indicators of Compromise (IOCs): Type, Value, Context: Domai…
APTTrail: APT SANDMAN indicators and references
apt-sandman Ioc Unknown
APTTrail summary: APTTrail maintains public indicators associated with APT SANDMAN. Observed aliases: APT SANDMAN. Count by type: domain: 4. Indicators of Compromise (IOCs): Type, Value, Context: Domain encag…