Graceful Spider

Russian Federation


Adversary Overview GRACEFUL SPIDER is a financially-motivated eCrime group that uses the CIop ransomware (spelled with an uppercase 'i'), which is a variant of the Clop ransomware (spelled with a lowercase 'l'). The adversary has published victim data from ransom campaigns to the "Clop Leaks" site.   In addition to the combination of CIop ransomware and data-theft, GR...

Community Identifiers



  • 53hB0VAgNJYtK2u


  • hZQobUT3

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.