Cyber Resilience

Threat actor · all actors

TA505G0092 unknown

aka TA505, Hive0065, Spandex Tempest, CHIMBORAZO

Last updated: 2026-07-03

1attributed CVEs
51ATT&CK techniques
3.2IDF score (tooling uniqueness)
0exclusive CVEs
2026years active

About this actor

[TA505](https://attack.mitre.org/groups/G0092) is a cyber criminal group that has been active since at least 2014. [TA505](https://attack.mitre.org/groups/G0092) is known for frequently changing malware, driving global trends in criminal malware distribution, and ransomware campaigns involving [Clop](https://attack.mitre.org/software/S0611).(Citation: Proofpoint TA505 Sep 2017)(Citation: Proofpoint TA505 June 2018)(Citation: Proofpoint TA505 Jan 2019)(Citation: NCC Group TA505)(Citation: Korean FSI TA505 2020)

Source: MITRE ATT&CK

Activity timeline

Profile

CVERiskCVSSEPSSPublishedProducts
CVE-2026-21236 5.57.80.00422026-02-10see CVE

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-435 / 5169%
CM-630 / 5159%
SI-327 / 5153%
CM-226 / 5151%
CM-722 / 5143%
AC-621 / 5141%
CA-720 / 5139%
SC-718 / 5135%
AC-317 / 5133%
SI-217 / 5133%
SI-717 / 5133%
AC-216 / 5131%
AC-415 / 5129%
SI-1013 / 5125%
RA-512 / 5124%

Co-occurring actors

Similar actors

Similar TTPs

Overlapping CVEs