Andariel — Threat Actor Profile, Campaigns & Targets

Threat entity extracted from intelligence sources

Frequency
13
occurrences
First Seen
October 24, 2025
Last Seen
June 8, 2026

Andariel is a apt_group tracked across 9 threat clusters and 13 intelligence report mentions on ThreatCluster. First observed October 24, 2025; most recent activity June 8, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • T1203 · Exploitation for Client Execution — attack.mitre.org · June 8, 2026
  • ESET Research APT Report: China-aligned groups spy in Venezuela and the Gulf, target AI ... — Markets.Businessinsider · May 28, 2026
  • ESET APT Activity Report Q4 2025–Q1 2026 — Welivesecurity · May 28, 2026
  • North Korea's Modular Malware Strategy Hides Attribution, Defies Takedowns — Gbhackers · April 6, 2026
  • Suspected Nork intruders infecting US healthcare, education — Theregister · February 28, 2026
  • Suspected Nork digital intruders caught breaking into US healthcare, education orgs — Theregister · February 27, 2026
  • Hacked in 30 minutes, Claude distillation, DeFi shutdown after attack — Linkedin · February 25, 2026
  • North Korea's Lazarus Group targets healthcare orgs with Medusa ransomware — Theregister · February 24, 2026

CVSS v3.1 Breakdown