Our website uses cookies to enhance your browsing experience.


CrowdStrike Intelligence Report: A Technical Analysis of the NetWalker Ransomware

Get an in-depth report of the operations behind CIRCUS SPIDER’s NetWalker ransomware attacks

An exclusive CrowdStrike® Intelligence Report offers a detailed analysis of the NetWalker ransomware that is being developed and operated by the criminal adversary designated as CIRCUS SPIDER. Initially discovered in September 2019 and having a compilation timestamp dating back to August 28, 2019, NetWalker has been found to be used in Big Game Hunting (BGH) operations while also being distributed via spam. 

The recent use of COVID-19 lures and targeting entities in the healthcare sector indicate that the operators of NetWalker are taking advantage of the global pandemic in order to gain notoriety and increase their customer base.

Download this report to learn:

  • The tactics and techniques CIRCUS SPIDER used to lure victims and launch the NetWalker ransomware
  • A deep analysis of how NetWalker moves through local systems and mapped network shares to spread to additional systems
  • How the ransom portal set up by CIRCUS SPIDER works and why NetWalker has proven to be such successful ransomware-as-a-service (RaaS)


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center