Hacking has come a long way from the days of maladjusted teenagers wreaking digital havoc from their basements. As Fortune explains in the cover story of our Jul. 1 issue, today the biggest and baddest hacker groups are backed by nation-states. They’re called “advanced persistent threats” or APTs, in the cyber jargon, a phrase meant to convey their supreme and underlying quality: ferocity. Below are a few of the most notorious—and feared—state-affiliated hacking groups around. (Links to specific hacks below are based on leading theories put forward by top computer forensic firms.)

Fancy Bear (a.k.a. Sofacy, Pawn Storm) / Cozy Bear (a.k.a. CozyDuke, Office Monkeys)

Rival agencies in the Russian spy services, the two “Bears” were thrust into the spotlight during last year’s U.S. presidential election for their roles in allegedly breaching the Democratic National Committee’s system. Fancy Bear, which comes out of the GRU, Russia’s military intelligence agency, has been meddling in European elections since then. Cozy Bear, which represents the FSB, Russia’s successor to the Soviet-era KGB, has hit U.S. think tanks.

Lazarus Group (a.k.a. DarkSeoul, Guardians of Peace)

Widely believed to be associated with North Korea, this gang refuses to die. Lazarus got its start by pummeling American and South ¬Korean websites with denial-of-¬service attacks in 2009. Five years later, it perpetrated a massive hack of Sony Pictures Entertainment. In 2016, Lazarus stole $81 million in a heist targeting Bangladesh’s central bank and the SWIFT financial network. And it has been linked to the ¬WannaCry ransomware worm that ground businesses around the globe to a halt in May.

Equation Group

This is the nickname given by Russian antivirus firm Kaspersky to a team believed to be associated with the U.S. National Security Agency—specifically the NSA’s Tailored Access Operations unit, or TAO. They’re the good guys, right? Not in everyone’s eyes. Many experts believe the Equation Group successfully attacked Iran’s nuclear program in the mid-aughts. But recently a selection of the squad’s hacking tools were stolen and leaked by the Shadow Brokers, another mysterious hacker group (believed to be Russia-affiliated), and are now being used to cause mayhem.

Sandworm (a.k.a. Electrum)

Named for allusions to the sci-fi classic Dune found in its code, Sandworm is another group believed to be associated with the Russians. The crew has hacked people affiliated with NATO and the Ukrainian government, presumably to gather intelligence. Sandworm is also known for breaking into companies that deal with critical infrastructure. Last year the group shut down a power grid in Ukraine.

早期的黑客攻击多是顽皮少年躲在自家地下室，用电脑上网恶作剧，早已今非昔比，现在最大也最恶劣的黑客组织背后可能有国家支持。黑客组织在网络黑话中被称为“高级持续威胁”，简称APT，从名字就能看出其最大也最根本的特点：凶猛。以下列出了几个名声最差，同时也最可怕的政府支持黑客集团。（对一些特定黑客推断的根据为顶尖计算机证据收集公司。）

奇幻熊（又名Sofacy， Pawn Storm）/安逸熊（又名CozyDuke、办公猴子）

这两只“熊”都来自俄罗斯，因去年美国大选期间号称突破了民主党全国委员会的电脑系统为人关注。奇幻熊源自俄罗斯军方情报机构格鲁乌，自成立起就开始干涉欧洲的大选。安逸熊则代表俄罗斯联邦安全局，也即前苏联时代的克格勃，主要攻击目标是美国的智库。

Lazarus Group（又名黑暗首尔、和平卫士）

Lazarus Group团伙作战顽强，一般认为是朝鲜的黑客组织。2009年Lazarus初露面就对美国和韩国的网站发动了拒绝服务攻击。五年后，Lazarus对索尼影业发动了大规模攻击，2016年又从孟加拉国中央银行和环球同业银行金融电讯协会盗得8100万美元。此外今年5月肆虐全球的¬WannaCry勒索病毒据称也与之有关。

方程式组织

俄罗斯杀毒软件公司卡巴斯基有次发现一个黑客团伙，起了这个名字。据称该团伙与美国国家安全局有关，尤其是获取特定情报行动办公室，简称TAO。这些不是好人，是吧？倒也不是每个人都这么想。很多专家相信方程式组织曾成功破解伊朗的核项目。最近该组织不少黑客工具被另一个神秘的黑客集团Shadow Brokers（据称跟俄罗斯有关系）盗取，还在网上公布，引发了不小的骚乱。

Sandworm（又名Electrum）

Sandworm因代码中提到经典科幻小说《沙丘》而得名，人们相信该组织也与俄罗斯有关。Sandworm曾攻击与北约和乌克兰政府相关人士，很可能是为了收集情报。此外Sandworm还喜欢攻击与关键基础设施相关的公司。去年这帮黑客关闭了乌克兰的电网。（财富中文网）

译者：Charlie

审稿：夏林