APT / THREAT GROUP
Done
1
aliases
Intelligence Profile
Ransomware
Threat Analysis
Done is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning Done
New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
The Hacker News· Jun 26, 2026
Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries
The Hacker News· Jun 22, 2026
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
The Hacker News· Jun 15, 2026
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
The Hacker News· Apr 28, 2026
The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface
SecurityWeek· Apr 23, 2026
FBI takedown of W3LL phishing service leads to developer arrest
BleepingComputer· Apr 13, 2026
FBI, Indonesia take down W3LL phishing tool
The Record· Apr 13, 2026
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
The Hacker News· Apr 13, 2026
Quick Facts
TypeAPT / Threat Group
Aliases1
Also Known As
Done
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.