APT / THREAT GROUP
Matanbuchus
2
aliases
Last seen:Mar 17, 2026
Intelligence Profile
According to PCrisk, Matanbuchus is a loader-type malicious program offered by its developers as Malware-as-a-Service (MaaS). This piece of software is designed to cause chain infections.
Since it is used as a MaaS, both the malware it infiltrates into systems, and the attack reasons can vary - depending on the cyber criminals operating it. Matanbuchus has been observed being used in attacks against US universities and high schools, as well as a Belgian high-tech organization.
Threat Analysis
Matanbuchus is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning Matanbuchus
A New RAT and a Hands-on-Keyboard Intrusion
Huntress Blog· Feb 16, 2026
External References
Quick Facts
TypeAPT / Threat Group
Aliases2
Also Known As
win.matanbuchusMatanbuchus
External Intelligence
Malpedia: win.matanbuchusResearch Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.