Recess Spider


CrowdStrike Intelligence first observed RECESS SPIDER in June 2022. The adversary has continuously evolved their Tactics, Techniques, and Procedures (TTPs) since their discovery. While RECESS SPIDER initially exploited vulnerable WordPress instances to achieve initial access, the actor eventually moved on to a new exploit method: Outlook Web Application Server-Side Request Forgery (OWASSRF). This ...

Community Identifiers



  • fxAZrY02nsOXI7h


  • H7xD5OQG

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.