SYMBOLCOMMON_NAMEaka. SYNONYMS

TRAVELING SPIDER  (Back to overview)


Crowdstrike Tracks the criminal developer of Nemty ransomware as TRAVELING SPIDER. The actor has been observed to take advantage of single-factor authentication to gain access to victim organizations through Citrix Gateway and send extortion-related emails using the victim’s own Microsoft Office 365 instance.


Associated Families

There are currently no families associated with this actor.


References
2021-04-27CrowdStrikeEben Kaplan, Josh Dalman, Kamil Janton
Ransomware Preparedness: A Call to Action
Dharma GlobeImposter Maze Phobos CIRCUS SPIDER TRAVELING SPIDER
2020-06-24CyberScoopShannon Vavra
Hackers are still running coronavirus-related campaigns, CrowdStrike warns
TRAVELING SPIDER
2020-01-01CrowdStrikeCrowdStrike
Cyber Front Lines Report
OUTLAW SPIDER TRAVELING SPIDER

Credits: MISP Project