HOMETHREATSDarkHydrus
APT / THREAT GROUP

DarkHydrus

4
aliases
Last seen:Mar 17, 2026

Intelligence Profile

[DarkHydrus](https://attack.mitre.org/groups/G0079) is a threat group that has targeted government agencies and educational institutions in the Middle East since at least 2016. The group heavily leverages open-source tools and custom payloads for carrying out attacks. (Citation: Unit 42 DarkHydrus July 2018) (Citation: Unit 42 Playbook Dec 2017)

Threat Analysis

DarkHydrus is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases4
SourceMalpedia

Also Known As

Obscure SerpensDarkHydrusLazyMeerkatG0079

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.
DarkHydrus — APT / Threat Group | Threat Intelligence | CTIWATCH.COM