Smoky Spider

Russian Federation

Details

SMOKY SPIDER is the criminal actor behind the development of the criminal loader most commonly known as Smoke Bot (a.k.a. Smoke Loader and Dofoil). Smoke Bot has been available on underground forums since 2011, and has gone through various changes since. The loader is primarily used to download and execute modules sold by SMOKY SPIDER or third-party malware provided by the criminal operator. In ea...

Community Identifiers

DQgUpPfYJ1bSqAC

Objective

  • Ra7ec1qd4ibfUM6

Motivation

  • gX5ihSO8

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Resources

2023 Global Threat Report

laptop with ransomware attack message

Targeted Dharma Ransomware Intrusions Exhibit Consistent Techniques

Unlock the adversary universe