SOLAR SPIDER  (Back to overview)

SOLAR SPIDER’s phishing campaigns deliver the JSOutProx RAT to financial institutions across Africa, the Middle East, South Asia and Southeast Asia.

---

Associated Families

---

References

2022-04-01 ⋅ Quick Heal ⋅ Quick Heal @techreport{heal:20220401:multistaged:ca03aba, author = {Quick Heal}, title = {{Multi-Staged JSOutProx RAT Target Indian Co-Operative Banks and Finance Companies}}, date = {2022-04-01}, institution = {Quick Heal}, url = {https://www.seqrite.com/documents/en/white-papers/whitepaper-multi-staged-jsoutprox-rat-target-indian-co-operative-banks-and-finance-companies.pdf}, language = {English}, urldate = {2022-04-05} } Multi-Staged JSOutProx RAT Target Indian Co-Operative Banks and Finance Companies JSOutProx

2021-10-21 ⋅ Quick Heal ⋅ Sameer Patil @online{patil:20211021:multistaged:7dcd0d7, author = {Sameer Patil}, title = {{Multi-Staged JSOutProx RAT Targets Indian Co-operative Banks and Finance Companies}}, date = {2021-10-21}, organization = {Quick Heal}, url = {https://blogs.quickheal.com/multi-staged-jsoutprox-rat-targets-indian-cooperative-banks-and-finance-companies/}, language = {English}, urldate = {2021-11-02} } Multi-Staged JSOutProx RAT Targets Indian Co-operative Banks and Finance Companies JSOutProx

2021-08-31 ⋅ Yoroi ⋅ Luigi Martire, Luca Mella, Yoroi @online{martire:20210831:financial:e78f0cc, author = {Luigi Martire and Luca Mella and Yoroi}, title = {{Financial Institutions in the Sight of New JsOutProx Attack Waves}}, date = {2021-08-31}, organization = {Yoroi}, url = {https://yoroi.company/research/financial-institutions-in-the-sight-of-new-jsoutprox-attack-waves/}, language = {English}, urldate = {2021-09-09} } Financial Institutions in the Sight of New JsOutProx Attack Waves JSOutProx

2021-02-23 ⋅ CrowdStrike ⋅ CrowdStrike @techreport{crowdstrike:20210223:2021:bf5bc4f, author = {CrowdStrike}, title = {{2021 Global Threat Report}}, date = {2021-02-23}, institution = {CrowdStrike}, url = {https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2021GTR.pdf}, language = {English}, urldate = {2021-02-25} } 2021 Global Threat Report RansomEXX Amadey Anchor Avaddon BazarBackdoor Clop Cobalt Strike Conti Cutwail DanaBot DarkSide DoppelPaymer Dridex Egregor Emotet Hakbit IcedID JSOutProx KerrDown LockBit Mailto Maze MedusaLocker Mespinoza Mount Locker NedDnLoader Nemty Pay2Key PlugX Pushdo PwndLocker PyXie QakBot Quasar RAT RagnarLocker Ragnarok RansomEXX REvil Ryuk Sekhmet ShadowPad SmokeLoader Snake SUNBURST SunCrypt TEARDROP TrickBot WastedLocker Winnti Zloader KNOCKOUT SPIDER OUTLAW SPIDER RIDDLE SPIDER SOLAR SPIDER VIKING SPIDER

2020-12-16 ⋅ Fortinet ⋅ Fred Gutierrez, Val Saengphaibul @online{gutierrez:20201216:adversary:3b3781a, author = {Fred Gutierrez and Val Saengphaibul}, title = {{Adversary Playbook: JavaScript RAT Looking for that Government Cheese}}, date = {2020-12-16}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/adversary-playbook-javascript-rat-looking-for-that-government-cheese}, language = {English}, urldate = {2021-01-18} } Adversary Playbook: JavaScript RAT Looking for that Government Cheese JSOutProx

2020-05-11 ⋅ Zscaler ⋅ Sudeep Singh @online{singh:20200511:targeted:cf94e5a, author = {Sudeep Singh}, title = {{Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT}}, date = {2020-05-11}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/research/targeted-attacks-indian-government-and-financial-institutions-using-jsoutprox-rat}, language = {English}, urldate = {2020-05-23} } Targeted Attacks on Indian Government and Financial Institutions Using the JsOutProx RAT JSOutProx

2019-12-21 ⋅ Twitter (@zlab_team) ⋅ Z-Lab @online{zlab:20191221:possible:330f06e, author = {Z-Lab}, title = {{Tweet on Possible New Threatactor}}, date = {2019-12-21}, organization = {Twitter (@zlab_team)}, url = {https://twitter.com/zlab_team/status/1208022180241530882}, language = {English}, urldate = {2020-01-08} } Tweet on Possible New Threatactor JSOutProx

2019-12-20 ⋅ Yoroi ⋅ Antonio Farina, Luca Mella, Antonio Pirozzi @online{farina:20191220:unveiling:0abaa1d, author = {Antonio Farina and Luca Mella and Antonio Pirozzi}, title = {{Unveiling JsOutProx: A New Enterprise Grade Implant}}, date = {2019-12-20}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/unveiling-jsoutprox-a-new-enterprise-grade-implant/}, language = {English}, urldate = {2021-06-16} } Unveiling JsOutProx: A New Enterprise Grade Implant JSOutProx

---

Credits: MISP Project