TA505, the name given by Proofpoint, has been in the cybercrime business for at least four years. This is the group behind the infamous Dridex banking...

Threat Actor Profile

TA505

State-sponsored threat group originating from RU. Known to target Education, Finance, Health and 2 other sectors. Uses 52 known MITRE ATT&CK techniques.

52 TTPs Mapped 5 Industries Tracked Real-Time Alerts

Actor Overview

Origin Country
RU
Known Techniques
52 TTPs

Target Industries

EducationFinanceHealthRetailHospitality

Suspected Victims

AustraliaCanadaCzech RepublicGermanyHungaryIndiaJapanRomaniaSerbiaSingaporeSouth KoreaSpainThailandTurkeyUnited KingdomUnited States

MITRE ATT&CK Techniques

T1027.002T1027T1087T1087.003T1583T1583.001T1071T1071.001T1059T1059.001T1059.003T1059.005T1059.007T1555T1555.003 +37 more

Related Threat Reports

Premium
APT Campaign Analysis - Q4 2025Dec 2025
New Tactics Observed in WildDec 2025
Infrastructure Mapping ReportDec 2025
Stay Updated

Get alerts when new intel on TA505 is published.

Actor Details

Primary Name
TA505
Known Aliases
SectorJ04, SectorJ04 Group, GRACEFUL SPIDER, GOLD TAHOE, Dudear, G0092, ATK103, Hive0065, CHIMBORAZO, Spandex Tempest
Data Source
Precursor Intelligence
Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →