Viking Spider

Eastern Europe


VIKING SPIDER is the criminal group behind the development and distribution of the Ragnar Locker ransomware. Ragnar Locker was first identified in December 2019, and has been deployed in operations involving big game hunting (BGH) tactics, techniques and procedures (TTPs). There is no indication the ransomware is currently available as a service (RaaS). The exact method used to secure initial acce...

Community Identifiers



  • DrWJc6Gtpm0KZUQ


  • WpjcKvqE

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.