SPIDER

Scattered Spider Getting SaaS-y in the Cloud

Oct 2, 2023 by iHash Leave a Comment

LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, … [Read more...] about Scattered Spider Getting SaaS-y in the Cloud

Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang

May 18, 2022 by iHash Leave a Comment

The inner workings of a cybercriminal group known as the Wizard Spider have been exposed, shedding light on its organizational structure and motivations. "Most of Wizard Spider's efforts go into hacking European and U.S. businesses, with a special cracking tool used by some of their attackers to breach high-value targets," Swiss cybersecurity company PRODAFT said in a new … [Read more...] about Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang

2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

Apr 4, 2022 by iHash Leave a Comment

Threat actor groups like Wizard Spider and Sandworm have been wreaking havoc over the past few years – developing and deploying cybercrime tools like Conti, Trickbot, and Ryuk ransomware. Most recently, Sandworm (suspected to be a Russian cyber-military unit) unleashed cyberattacks against Ukranian infrastructure targets. To ensure cybersecurity providers are battle ready, … [Read more...] about 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign

Mar 27, 2022 by iHash Leave a Comment

Over recent months, the CrowdStrike Falcon OverWatch™ team has tracked an ongoing, widespread intrusion campaign leveraging bundled .msi installers to trick victims into downloading malicious payloads alongside legitimate software. These payloads and scripts were used to perform reconnaissance and ultimately download and execute NIGHT SPIDER’s Zloader trojan, as detailed in … [Read more...] about OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign

PROPHET SPIDER Exploits Citrix ShareFile

Mar 8, 2022 by iHash Leave a Comment

At the start of 2022, CrowdStrike Intelligence and CrowdStrike Services investigated an incident in which PROPHET SPIDER exploited CVE-2021-22941 — a remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller — to compromise a Microsoft Internet Information Services (IIS) web server. The adversary exploited the vulnerability to deploy a … [Read more...] about PROPHET SPIDER Exploits Citrix ShareFile

New Evidence Proves Ongoing WIZARD/LUNAR SPIDER Collaboration

Jul 22, 2019 by iHash Leave a Comment

On March 17, 2019, CrowdStrike® Intelligence observed the use of a new BokBot (developed and operated by LUNAR SPIDER) proxy module in conjunction with TrickBot (developed and operated by WIZARD SPIDER), which may provide WIZARD SPIDER with additional tools to steal sensitive information and conduct fraudulent wire transfers. This activity also provides further evidence to … [Read more...] about New Evidence Proves Ongoing WIZARD/LUNAR SPIDER Collaboration

Smart GPS Tracker for $21

The 2023 Leadership Essentials Master Class Bundle for $29

WisperSEO: Lifetime Subscription for $49

The 2023 Complete Linux E-Degree Training Bundle for $29

The Essential 2024 MBA Bundle for $39

Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang

2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign

PROPHET SPIDER Exploits Citrix ShareFile

New Evidence Proves Ongoing WIZARD/LUNAR SPIDER Collaboration