Lunar Spider

Russian Federation

Details

LUNAR SPIDER is a criminal group behind the core development of the commodity banking malware called BokBot (a.k.a. IcedID), which was first observed in April 2017. This adversary develops the BokBot malware in order to provide customers with a high-level of capabilities to enable credential theft, wire fraud (through the use of webinjects targeting online banking URLs) and malware distribution. A...

Community Identifiers

Fry9AGL537qxTKN

Objective

  • BopSDdN4k1ctEIV

Motivation

  • kJr2OpD6

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Resources

2023 Global Threat Report

“Sin”-ful SPIDERS: WIZARD SPIDER and LUNAR SPIDER Sharing the Same Web

Wizard Spider Graphic

New Evidence Proves Ongoing WIZARD SPIDER / LUNAR SPIDER Collaboration

Unlock the adversary universe