Monthly Threat Actor Group Intelligence Report, May 2025
This is a summary of the activities of hacking groups (Threat Actor Groups) analyzed based on data and information collected by the NSHC Threat Research Lab from April 21, 2025, to May 20, 2025.
Activity by a total of 74 hacking groups was identified in May of this year. Unidentified groups accounted for the largest portion at 60%, followed by the SectorJ and SectorA groups.
The hacking activity discovered this May primarily targeted individuals or systems in the manufacturing and financial sectors, and the most attacks were carried out against countries located in North America and Europe.
In May 2025, APT and cybercrime groups conducted sophisticated infiltration operations targeting various industries and regions. They employed complex methods such as phishing, vulnerability exploitation, supply chain infiltration, information theft, and ransomware distribution. Advanced detection evasion techniques and the exploitation of open-source infrastructure were …