Russian state-sponsored intrusion set publicly assessed by Microsoft as associated with the GRU but operationally distinct from Forest Blizzard (APT28) and Seashell Blizzard (Sandworm). Conducted the…
Pro-Palestine hacktivist persona operated by the Iranian MOIS-affiliated **Void Manticore** cluster — see the parent actor entry for the full attribution chain. Named for the Naji al-Ali cartoon char…
Public-facing hacktivist persona operated by the Iranian MOIS-affiliated Void Manticore cluster, used for the July 2022 destructive intrusion of the Albanian government's central IT infrastructure. T…
Pro-Israel hacktivist persona widely assessed by researchers and Israeli media as linked to Israeli military intelligence, though no government has publicly confirmed the relationship. Has claimed re…
Russian military-intelligence (GRU Unit 74455) intrusion set responsible for some of the most destructive cyberattacks publicly attributed to a nation-state: the 2015 and 2016 Ukrainian power-grid ou…
Iranian state-sponsored intrusion set publicly attributed to the Ministry of Intelligence and Security (MOIS), specialised in destructive operations and conducting them under a rotating set of public…