Threat Actor

A threat actor is any individual, group, state-sponsored organization, or automated system with the capability and intent to conduct malicious cyber operations targeting digital systems, networks, and data. Threat actors range from lone amateur hackers and organized cybercriminal syndicates to well-funded nation-state intelligence agencies and terrorist organizations. Their motivations vary widely, including financial gain through theft or extortion, espionage and intelligence gathering, activism and ideology, competitive advantage, or disruption. In the cryptocurrency and blockchain space, threat actors specifically target exchanges, wallets, smart contracts, and user credentials to steal digital assets, with techniques including phishing, malware, social engineering, and protocol exploits. Example: North Korean state-sponsored threat actors stole approximately $625 million from the Ronin bridge in March 2022, one of the largest crypto heists ever, using a combination of social engineering and supply chain compromise to gain network access. Why it matters for compliance: Understanding threat actor profiles, motivations, and tactics enables crypto platforms to implement appropriate security controls, threat detection systems, and incident response procedures to protect user assets and maintain regulatory compliance.

Category: compliance, regulatory frameworks

Explore the full Web3 Glossary — 2,062+ expert-curated definitions. Need guidance? Talk to our consultants.