Tunnel Spider

Details

TUNNEL SPIDER is a prolific Big Game Hunting adversary active since at least February 2022. Since that time, the adversary primarily used HIVE SPIDER’s Hive RaaS. After the Hive RaaS was disrupted by law enforcement in January 2023, TUNNEL SPIDER used BITWISE SPIDER’s LockBit RaaS, the Black Basta RaaS, and ROYAL SPIDER’s Royal RaaS, before adopting Cactus as their permanent ransomware payload. Ca...

Community Identifiers

qyFbhMJX3HrcvE9

Objective

  • ZQhKFmIuRw6Y2cB

Motivation

  • AgGNRLSk

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo