CrowdStrike Intelligence first observed RECESS SPIDER in June 2022. The adversary has continuously evolved their Tactics, Techniques, and Procedures (TTPs) since their discovery. While RECESS SPIDER initially exploited vulnerable WordPress instances to achieve initial access, the actor eventually moved on to a new exploit method: Outlook Web Application Server-Side Request Forgery (OWASSRF). This ...
Contact our team about
IOCs for this adversary