APT / THREAT GROUP
SAD
1
aliases
Intelligence Profile
ransomware
Threat Analysis
SAD is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning SAD
Continuing Scans for swagger.json, (Wed, Jun 3rd)
SANS ISC· Jun 3, 2026
Trump’s cyber ambassador nominee advances to full Senate vote
The Record· Apr 30, 2026
This old-school scam is still working
Malwarebytes Labs· Apr 17, 2026
A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)
SANS ISC· Apr 7, 2026
US seizes domains and infrastructure used in sprawling botnet campaigns
The Record· Mar 20, 2026
International joint action disrupts world’s largest DDoS botnets
BleepingComputer· Mar 20, 2026
Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation
SecurityWeek· Mar 20, 2026
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
The Hacker News· Mar 20, 2026
Quick Facts
TypeAPT / Threat Group
Aliases1
Also Known As
SAD
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.