admin@338 is a China-based cyber threat group that has previously used newsworthy events as lures to deliver malware and has primarily targeted organizations involved in financial, economic, and trade policy.

Agrius is an Iranian threat actor active since 2020 notable for a series of ransomware and wiper operations in the Middle East, with an emphasis on Israeli targets.

Ajax Security Team is a group that has been active since at least 2010 and believed to be operating out of Iran.

Akira is a ransomware variant and ransomware deployment entity active since at least March 2023.

Akira Team is a ransomware group that has been active since at least March 2023, targeting organizations across various sectors.

ALLANITE is a suspected Russian cyber espionage group that has primarily targeted the electric utility sector within the United States and United Kingdom.

Andariel is a North Korean state-sponsored threat group that has been active since at least 2009, focusing on South Korean government agencies and military organizations.

Aoqin Dragon is a suspected Chinese cyber espionage threat group that has been active since at least 2013, targeting government, education, and telecommunication organizations.

AppleJeus is a North Korean state-sponsored threat group primarily targeting the cryptocurrency industry.

APT-C-23 is a threat group that has been active since at least 2014, primarily focused on the Middle East.

APT-C-36 is a suspected South America espionage group that has been active since at least 2018.

APT1 is a Chinese threat group attributed to the 2nd Bureau of the People's Liberation Army (PLA) General Staff Department's 3rd Department, Unit 61398.