Apothecary Spider


APOTHECARY SPIDER—active since at least March 2021—develops and rents EugenLoader, an initial infection chain loader that has been delivered via malvertising campaigns and through SMOKY SPIDER’s SmokeBot downloader. APOTHECARY SPIDER currently advertises and provides updates about the malware on multiple underground criminal forums. The adversary communicates in Russian, indicating the adversary i...

Community Identifiers



  • lVqrSI7AGZy6gL4


  • JnmYaBe9

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.