Vice Spider


VICE SPIDER is an eCrime adversary that has conducted ransomware operations since at least April 2021. The group began using the commodity Zeppelin ransomware and likely acquired the source code to the Linux version of FERAL SPIDER's DeathKitty in May 2021. In November 2022, a security vendor announced the availability of a decryption service for victims of Zeppelin ransomware. The adversary subse...

Community Identifiers



  • XmHtqKgJ82yR9ZM


  • DbkBY7p6

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.