Knockout Spider


KNOCKOUT SPIDER is a targeted eCrime adversary that has conducted multi-year operations exhibiting consistent tactics, techniques, and procedures (TTPs), but also the ability to develop and integrate new tools and tactics over time. This adversary’s most recent activity has used custom malware tools such as EVILNK and EVILDR to target entities in the financial, retail, and entertainment sectors. P...

Community Identifiers



  • 6Wu8JqTXVE0pfy2


  • RDq0eHGK

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.