Skip to content

STATS.md

Latest commit

 

History

History
126 lines (107 loc) · 3.05 KB

STATS.md

File metadata and controls

126 lines (107 loc) · 3.05 KB

OAK — Stats Snapshot

Auto-generated by tools/build_stats.py at 2026-05-15 19:13 UTC.

Catalogue

  • 17 Tactics · 136 Techniques · 18 Threat Actors · 40 Mitigations · 40 Software · 12 Data Sources
  • 624 Worked Examples · 1486 bibtex entries

Examples by Tactic

Tactic Count
T1 (Token Genesis) 41
T2 (Liquidity Establishment) 32
T3 (Holder Capture) 36
T4 (Access Acquisition) 71
T5 (Value Extraction) 111
T6 (Defense Evasion) 50
T7 (Laundering) 147
T8 (Operator Continuity / Attribution Signals) 81
T9 (Smart-Contract Exploit) 190
T10 (Bridge / Cross-Chain) 45
T11 (Custody / Signing) 131
T12 (NFT-Specific) 33
T13 (Account Abstraction) 20
T14 (Validator / Staking) 39

Examples by Year

Year Count
2010 4
2011 7
2012 5
2013 10
2014 8
2015 6
2016 5
2017 10
2018 13
2019 10
2020 30
2021 46
2022 99
2023 106
2024 152
2025 77
2026 36

Examples by Year-Month (recent dense window)

Year-Month Count
2024-06 17
2024-07 10
2024-08 11
2024-09 12
2024-10 6
2024-11 2
2024-12 6
2025-01 13
2025-02 7
2025-03 8
2025-04 9
2025-05 3
2025-06 3
2025-07 6
2025-08 3
2025-09 6
2025-10 4
2025-11 3
2025-12 4
2026-01 4
2026-02 1
2026-03 5
2026-04 11
2026-05 5

Attribution-strength Distribution

Strength Count
pseudonymous 278 (44.6%)
unattributed 140 (22.4%)
confirmed 136 (21.8%)
inferred-strong 68 (10.9%)
inferred-weak 2 (0.3%)

Threat Actors

  • 18 of 18 actors have at least one attributed example
Actor Examples
OAK-G01 (lazarus) 112
OAK-G02 (drainer-services) 11
OAK-G03 (russian-laundering-infrastructure) 6
OAK-G10 (alphv-blackcat) 5
OAK-G05 (lockbit) 4
OAK-G04 (dprk-it-worker-scheme) 3
OAK-G14 (clop-cl0p) 2
OAK-G12 (scattered-spider) 2
OAK-G15 (ransomhub) 2
OAK-G07 (apt43-kimsuky) 1
OAK-G13 (iranian-crypto-operators) 1
OAK-G06 (evil-corp) 1
OAK-G08 (bluenoroff) 1
OAK-G09 (andariel) 1
OAK-G17 (blackbyte) 1
OAK-G18 (karakurt) 1
OAK-G11 (black-basta) 1
OAK-G16 (akira) 1

Coverage Gaps

  • Actors with empty ## Observed Examples anchor: 0 of 18
  • Techniques with empty ## Real-world examples anchor: 0 of 136

Open TAXONOMY-GAPS Proposals

40 candidate sub-Technique IDs referenced in TAXONOMY-GAPS.md.

T1.006 T1.007 T11.002 T11.004 T11.005 T11.005.001 T11.005.002 T11.005.003 T11.006 T11.006.001 T11.006.002 T11.007 T11.007.001 T11.007.002 T11.007.003 T11.008 T11.009 T13.002 T13.003 T13.004 T14.001 T14.003 T14.003.001 T3.004 T4.001 T4.002 T4.007 T4.008 T5.007 T6.002 T6.005 T6.006 T6.007 T9.001 T9.006 T9.006.001 T9.006.002 T9.006.003 T9.006.004 T9.006.005