DISTANT SPIDER—active since at least February 2022—is a probable eCrime actor who has exploited vulnerable ManageEngine and KACE servers. The adversary consistently deploys the legitimate Remote Management and Monitoring (RMM) tool ConnectWise Control to maintain persistent access. Despite maintaining an opportunistic target scope, DISTANT SPIDER searches environments for automated checking (ACH)-...
Contact our team about
IOCs for this adversary