Advanced Persistent Threats (APTs) are highly sophisticated hacking groups, often state-sponsored, that conduct cyber espionage, data theft, and sabotage. They operate globally and are attributed to a range of countries. Below is a list of notable APT groups categorized by their suspected country of origin:
---
### [[Chinese APT's]]
- **APT1 (Comment Crew)** – PLA-affiliated, focused on cyber espionage.
- **APT3 (Gothic Panda)** – Tied to the MSS, exploits zero-days.
- **APT10 (Stone Panda, MenuPass)** – Global cyber espionage, "Cloud Hopper" campaign.
- **APT17 (Deputy Dog)** – Targets government and legal sectors.
- **APT27 (Lucky Mouse, Emissary Panda)** – Uses Gh0st RAT, focuses on cyber espionage.
- **APT31 (Zirconium, Judgement Panda)** – Targets political and tech sectors.
- **APT40 (Periscope, Leviathan)** – Maritime and naval sector focus.
- **APT41 (Winnti, Wicked Panda)** – Espionage and financially motivated attacks.
- **Mustang Panda (Bronze President)** – Spear-phishing campaigns, NGOs.
- **Chimera** – Targets Taiwan’s semiconductor industry.
---
### [[Russian APT's]]
- **APT28 (Fancy Bear, Sofacy)** – GRU-linked, targets NATO, elections.
- **APT29 (Cozy Bear, The Dukes)** – FSB-linked, SolarWinds attack.
- **Turla (Snake, Venomous Bear)** – FSB-linked, cyber espionage.
- **Sandworm Team** – GRU-linked, responsible for NotPetya attacks.
- **Berserk Bear (Energetic Bear, Crouching Yeti)** – FSB-linked, targets energy sectors.
---
### [[🇮🇷 Iran (Iranian APTs)]]
- **APT33 (Elfin, Magnallium)** – Aerospace and energy sector attacks.
- **APT34 (OilRig, Helix Kitten)** – Middle East cyber espionage.
- **APT35 (Charming Kitten, Phosphorus)** – Political and media targets.
- **APT39 (Rana Intelligence Group)** – Focuses on surveillance.
---
### [[North Korean Hacker groups]] (🇰🇵 North Korea)
- **APT37 (Reaper, ScarCruft)** – Espionage and industrial sabotage.
- **APT38 (Lazarus Group, Hidden Cobra)** – Bank heists, cryptocurrency theft.
- **Bluenoroff** – Financially motivated cybercrime.
- **Andariel** – Cyber warfare and espionage.
---
### 🇺🇸 United States & Five Eyes
While the U.S. and its allies conduct cyber operations, they are less commonly classified as APTs due to secrecy. Notable groups include:
- **Equation Group** – NSA-linked, highly sophisticated.
- **TAO (Tailored Access Operations)** – U.S. Cyber Command/NSA.
- **Five Eyes Intelligence (U.S., UK, Canada, Australia, NZ)** – Cyber espionage capabilities.
---
### [[🇻🇳 Vietnam]]
- **OceanLotus (APT32)** – Espionage, targets journalists and businesses.
- **APT-C-36 (Vietnamese Hackers)** – Regional cyber threats.
---
### [[🇮🇳 India]]
- **SideWinder (APT-C-17)** – Focuses on Pakistan, China.
---
### [[🇵🇰 Pakistan]]
- **Transparent Tribe (APT36)** – Targets India, defense, and government.
---
### [[🇹🇷 Turkey]]
- **Sea Turtle** – DNS hijacking campaigns.
---