diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 32c1f57..c1f8780 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -16272,6 +16272,17 @@
       },
       "uuid": "06a615dc-fa13-4d6a-ac8b-3d2a8c9501c4",
       "value": "BlueHornet"
+    },
+    {
+      "description": "Hellhounds is an APT group targeting organizations in Russia, using a modified version of Pupy RAT called Decoy Dog. They gain initial access through vulnerable web services and trusted relationships, with a focus on the public sector and IT companies. The group has been active since at least 2019, maintaining covert presence inside compromised organizations by modifying open-source projects to evade detection. Hellhounds have successfully targeted at least 48 victims, including a telecom operator where they disrupted services.",
+      "meta": {
+        "refs": [
+          "https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/hellhounds-operation-lahat-part-2/",
+          "https://ics-cert.kaspersky.com/publications/reports/2024/04/02/apt-and-financial-attacks-on-industrial-organizations-in-h2-2023/"
+        ]
+      },
+      "uuid": "46ef6903-deac-415a-afaf-97e3ce067d7e",
+      "value": "HellHounds"
     }
   ],
   "version": 312