Knockout Spider


KNOCKOUT SPIDER is a targeted eCrime adversary that historically conducted multi-year operations exhibiting consistent tactics, techniques, and procedures (TTPs), but also the ability to develop and integrate new tools and tactics over time. The adversary has used custom malware tools such as EVILNK, EVILDR, and EVILPY to target entities in the financial, retail, and entertainment sectors.  Public...

Community Identifiers



  • GJmvuIVqirA5ZQX


  • OSRqrtWI

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.