HOMETHREATSBlue Tsunami
APT / THREAT GROUP

Blue Tsunami

🇮🇱Israel-attributed
1
campaigns
2
aliases
Last seen:Mar 17, 2026

Intelligence Profile

Blue Tsunami, also known as Black Cube, is a cyber mercenary group associated with the private intelligence firm Black Cube. They target individuals in various industries, including human rights, finance, and consulting. Blue Tsunami engages in social engineering and uses techniques such as honeypot profiles, fake jobs, and fake companies to gather human intelligence for their clients. LinkedIn and Microsoft recently took down numerous fake accounts and company pages linked to Blue Tsunami.

Threat Analysis

Blue Tsunami is a known-sophistication threat actor attributed to Israel, engaged in cyber operations with a primary motivation of unknown activity patterns.

Known Campaigns

Blue Tsunami — Active Operations March 2026

Blue Tsunami is a unknown-motivation threat actor attributed to IL. Blue Tsunami, also known as Black Cube, is a cyber mercenary group associated with the private intelligence firm Black Cube. They target individuals in various industries, including human rights, finance, and consulting. Blue Tsunami engages in social engineering and uses techniq...

ACTIVEMEDIUM2026

External References

Quick Facts

TypeAPT / Threat Group
Origin🇮🇱 Israel
Aliases2
SourceMalpedia

Also Known As

Blue TsunamiBlack Cube

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.