Lily Spider

Details

LILY SPIDER likely operates as a private access broker for other adversaries, most commonly Ransomware-as-a-Service (RaaS) operators. LILY SPIDER registers domains that mimic real companies and uses them as part of social-engineering campaigns against victims. LILY SPIDER poses as a potential customer to entice victims into opening malicious files sent from file-sharing services such ...

Community Identifiers

kxi7H4Lo2N9wRbX

Objective

  • fT9L0rokWOZnCRI

Motivation

  • 7PHTWux6

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo