> Cuba Ransomware
PRIMARY ROLE: Ransomware as a Service (RaaS) Operator
MOTIVATION: Financial
TARGETS: US Critical Infrastructure, Financial, Government
Click to View Full TTPs...
> Reptile (Developer)
PRIMARY ROLE: Custom Malware Developer (Linux/Solaris Focus)
MOTIVATION: Espionage/Persistence
TARGETS: Linux Servers, Defense Industrial Base, Telecommunications (Linux)
Click to View Full TTPs...
> Rhynda
PRIMARY ROLE: Initial Access Broker (IAB) and Credential Seller
MOTIVATION: Financial
TARGETS: SMBs, Enterprises with weak remote access security
Click to View Full TTPs...
> APT29 (Cozy Bear)
PRIMARY ROLE: Nation-State Actor (Russia) / Espionage
MOTIVATION: Espionage
TARGETS: Government, Think Tanks, IT Service Providers (Supply Chain)
Click to View Full TTPs...
> Black Basta
PRIMARY ROLE: Ransomware as a Service (RaaS) Operator (Conti Offshoot)
MOTIVATION: Financial (Triple Extortion)
TARGETS: Healthcare, Manufacturing, US, Europe
Click to View Full TTPs...
> UNC2452
PRIMARY ROLE: Supply Chain Attack Specialist / Developer
MOTIVATION: Espionage
TARGETS: US Government, IT Service Providers, Think Tanks
Click to View Full TTPs...