CrowdStrike named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. Download report

Apothecary Spider

Discover the adversaries targeting your industry

Back to Adversary Universe
spideralt

APOTHECARY SPIDER—active since at least March 2021—develops and rents EugenLoader, an initial infection chain loader that has been delivered via malvertising campaigns and through SMOKY SPIDER’s SmokeBot downloader. In June 2025, the adversary announced they privatized the EugenLoader project and were not accepting new customers. APOTHECARY SPIDER currently advertises and provides updates about th...

  • Apothecary Spider

  • eCrime

Community Identifiers

Payk_34, Storm-1113, Ghost_Pulse, eugenfest

Objective

Financial Gain

Motivation

Criminal

Contact sales

Thank you for your request!

A member of our team will be in touch shortly

Contact our team about IOCs for this adversary

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.
Contact us
Adversaries Map

Who's targeting your industry?

Today's adversaries are faster, smarter, and better resourced. Know who they are and how to stop them.

View adversaries
Threat Hunting report spread

CrowdStrike 2025 Threat Hunting Report


Adversaries weaponize and target AI at scale.
Learn more