MITRE ATT&CK technique

T1071.001

View the official technique description on attack.mitre.org

Tracked actors using this technique · 11

APT3

apt3

PRC state-affiliated intrusion set publicly attributed by the U.S. DOJ to the Guangzhou-based front company Boyusec (Guangzhou Bo Yu Information Technology), working in concert with the Ministry of S…

CN · China · APT · High confidence
4 aliases · 4 TTPs · 1 event

APT31

apt31

PRC state-sponsored intrusion set publicly attributed to the Ministry of State Security's Hubei State Security Department, operating through the front company Wuhan Xiaoruizhi Science and Technology…

CN · China · APT · High confidence
4 aliases · 4 TTPs · 5 events

APT37

apt37

DPRK state-sponsored actor publicly attributed to North Korea's Ministry of State Security (MSS). Conducts espionage against South Korean public and private sector targets and, to a lesser extent, Ja…

KP · DPRK · APT · Moderate confidence
5 aliases · 4 TTPs · 1 event

APT39

apt39

Iranian state-affiliated intrusion set publicly attributed to Rana Intelligence Computing — an MOIS (Ministry of Intelligence and Security) front company sanctioned by the U.S. Treasury OFAC in Septe…

IR · Iran · APT · High confidence
3 aliases · 4 TTPs · 1 event

APT41

apt41

Chinese state-affiliated group notable for blending espionage with financially-motivated operations (game-industry currency theft, cryptocurrency). Implicated in multiple software supply-chain compro…

CN · China · APT · High confidence
3 aliases · 4 TTPs · 4 events

Gamaredon

gamaredon

Russian state-sponsored intrusion set publicly attributed by the Security Service of Ukraine (SBU) to FSB officers based in Russian-occupied Crimea. The longest-running publicly-documented intrusion…

RU · Russia · APT · High confidence
6 aliases · 4 TTPs · 6 events

Lazarus Group

lazarus-group

DPRK state-sponsored umbrella set associated with the Reconnaissance General Bureau. Mixes financially-motivated operations (including major cryptocurrency exchange thefts and SWIFT-network bank intr…

KP · DPRK · APT · High confidence
3 aliases · 4 TTPs · 8 events

Mustang Panda

mustang-panda

PRC state-aligned intrusion set focused on espionage against European government and NGO targets, Southeast Asian government and military targets (especially around the South China Sea), Mongolia, Ta…

CN · China · APT · Moderate confidence
5 aliases · 4 TTPs · 1 event

Naikon

naikon

PRC state-sponsored intrusion set publicly attributed by ThreatConnect and Defense Group Inc. to the People's Liberation Army Unit 78020 (Chengdu Military Region Second Technical Reconnaissance Burea…

CN · China · APT · Moderate confidence
3 aliases · 4 TTPs · 4 events

Salt Typhoon

salt-typhoon

PRC state-backed actor responsible for the 2024 intrusions into U.S. commercial telecommunications providers — among the most consequential telecom-targeted operations on the public record. Operates…

CN · China · APT · High confidence
3 aliases · 4 TTPs · 2 events

Turla

turla

Russian state-sponsored actor publicly attributed to FSB Center 16. One of the longest-running espionage sets on record, known for the Snake (Uroburos) implant — a sophisticated peer-to-peer covert c…

RU · Russia · APT · High confidence
5 aliases · 4 TTPs · 2 events