APT / THREAT GROUP
Nexus
2 aliases
Last seen: Mar 17, 2026
Intelligence Profile
Malware family tracked by Malpedia. ID: apk.nexus
Threat Analysis
Nexus is a known-sophistication threat actor of undetermined national origin engaged in cyber operations; its primary motivation and activity patterns are unknown.
Intelligence Reports Mentioning Nexus
Iran-Nexus TAG-182 Disseminates MarkiRAT Surveillance Tool
Recorded Future Blog · Jun 30, 2026
Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research
Mandiant Blog · Jun 15, 2026
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
The Hacker News · Jun 12, 2026
China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
The Hacker News · Jun 10, 2026
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
The Hacker News · Jun 8, 2026
Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict
Check Point Research · May 22, 2026
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
The Hacker News · May 5, 2026
UAT-8302 and its box full of malware
Cisco Talos Blog · May 5, 2026
External References
Quick Facts
Type: APT / Threat Group
Aliases: 2
Also Known As
Nexus, apk.nexus
External Intelligence
Malpedia: apk.nexus
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.