![](https://www.crowdstrike.com/wp-content/uploads/2023/02/GEN-SPIDER_AU_500px-1.png)
Distant Spider
Details
DISTANT SPIDER—active since at least February 2022—is an eCrime actor who has exploited vulnerable ManageEngine and KACE servers. The adversary consistently deploys the legitimate Remote Management and Monitoring (RMM) tool ConnectWise Control to maintain persistent access. Despite maintaining an opportunistic target scope, DISTANT SPIDER searches environments for automated checking (ACH)- and ban...
Objective
- 7eaybTxhMlc6gt1
Motivation
- BIWZ82Q9
Contact our team about
IOCs for this adversary
?