Lunar Spider

Russian Federation


LUNAR SPIDER is a criminal group behind the core development of the commodity banking malware called BokBot (a.k.a. IcedID), which was first observed in April 2017. This adversary develops the BokBot malware in order to provide customers with a high-level of capabilities to enable credential theft, wire fraud (through the use of webinjects targeting online banking URLs) and malware distribution. A...

Community Identifiers



  • FL24wtdRalc9PQA


  • dnmyCq5b

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.