APT28
Russia
APT28 is a threat group that has been attributed to Russia's General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit 26165
APT29
Russia
APT29 is threat group that has been attributed to Russia's Foreign Intelligence Service (SVR).
Volt Typhoon
China
Volt Typhoon is a People's Republic of China (PRC) state-sponsored actor that has been active since at least 2021.
Lazurus
DPRK
Lazarus Group is a North Korean state-sponsored cyber threat group that has been attributed to the Reconnaissance General Bureau
APT38
DPRK
APT38 is a North Korean state-sponsored threat group that specializes in financial cyber operations; it has been attributed to the Reconnaissance General Bureau.
APT37
DPRK
APT37 is a North Korean state-sponsored cyber espionage group that has been active since at least 2012. The group has targeted victims primarily in South Korea, but also in Japan, Vietnam, Russia, Nepal, China, India, Romania, Kuwait, and other parts of the Middle East.
APT39
Iran
APT39 is one of several names for cyber espionage activity conducted by the Iranian Ministry of Intelligence and Security (MOIS) through the front company Rana Intelligence Computing since at least 2014.
APT41
China
APT41 is a threat group that researchers have assessed as Chinese state-sponsored espionage group that also conducts financially-motivated operations. Active since at least 2012, APT41 has been observed targeting healthcare, telecom, technology, and video game industries in 14 countries.
APT33
Iran
APT33 is a suspected Iranian threat group that has carried out operations since at least 2013.