| SYMBOL | COMMON_NAME | aka. SYNONYMS |
VENOM SPIDER is the developer of a large toolset that includes SKID, VenomKit and Taurus Loader. Under the moniker 'badbullzvenom', the adversary has been an active member of Russian underground forums since at least 2012, specializing in the identification of vulnerabilities and the subsequent development of tools for exploitation, as well as for gaining and maintaining access to victim machines and carding services. Recent advertisements for the malware indicate that VENOM SPIDER limits the sale and use of its tools, selling modules only to trusted affiliates. This preference can be seen in the fact that adversaries observed using the tools include the targeted criminal adversary COBALT SPIDER and BGH adversaries WIZARD SPIDER and PINCHY SPIDER.
| 2025-05-01
⋅
Recorded Future
⋅
TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered TerraStealer |
| 2024-06-10
⋅
The Hacker News
⋅
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack More_eggs |
| 2023-12-12
⋅
Proofpoint
⋅
Security Brief: TA4557 Targets Recruiters Directly via Email More_eggs FIN6 |
| 2023-05-22
⋅
eSentire
⋅
The Hunt for VENOM SPIDER PART 2 VENOM SPIDER |
| 2023-04-20
⋅
Securonix
⋅
New OCX#HARVESTER Attack Campaign Leverages a Modernized More_eggs Suite to Target Victims More_eggs |
| 2023-03-10
⋅
Security0wnage
⋅
How Do You Like Dem Eggs? I like Mine Scrambled, Really Scrambled - A Look at Recent more_eggs Samples More_eggs |
| 2023-01-24
⋅
eSentire
⋅
Unmasking Venom Spider More_eggs TerraPreter TerraLoader VenomLNK |
| 2022-08-25
⋅
Expel
⋅
MORE_EGGS and Some LinkedIn Resumé Spearphishing More_eggs |
| 2022-04-21
⋅
eSentire
⋅
Hackers Spearphish Corporate Hiring Managers with Poisoned Resumes, Infecting Them with the More_Eggs Malware, Warns eSentire More_eggs TerraLoader VenomLNK |
| 2021-07-22
⋅
Minerva
⋅
Taurus Loader: User-Guided Infection TerraTV |
| 2021-04-05
⋅
eSentire
⋅
Hackers Spearphish Professionals on LinkedIn with Fake Job Offers, Infecting them with Malware, Warns eSentire More_eggs TerraPreter TerraLoader VenomLNK |
| 2020-09-03
⋅
Twitter (@Arkbird_SOLG)
⋅
Tweet on development in more_eggs More_eggs |
| 2020-07-20
⋅
Golden Chickens: Evolution Oof the MaaS More_eggs TerraLoader TerraStealer VenomLNK |
| 2020-07-10
⋅
Github (eset)
⋅
Evilnum — Indicators of Compromise EVILNUM More_eggs EVILNUM TerraStealer |
| 2020-07-09
⋅
ESET Research
⋅
More evil: A deep look at Evilnum and its toolset EVILNUM More_eggs EVILNUM TerraPreter TerraStealer TerraTV Evilnum |
| 2020-06-24
⋅
Twitter (@3xp0rtblog)
⋅
Tweet on new version of TaurusStealer (v1.4) TerraStealer |
| 2020-06-04
⋅
⋅
脚本系贼寇之风兴起,买卖体系堪比勒索软件 EVILNUM More_eggs |
| 2020-04-07
⋅
SecurityIntelligence
⋅
ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework More_eggs Anchor TrickBot |
| 2020-03-04
⋅
CrowdStrike
⋅
2020 CrowdStrike Global Threat Report MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelDridex DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot Vidar Winnti ANTHROPOID SPIDER APT23 APT31 APT39 APT40 BlackTech BuhTrap Charming Kitten CLOCKWORK SPIDER DOPPEL SPIDER FIN7 Gamaredon Group GOBLIN PANDA MONTY SPIDER MUSTANG PANDA NARWHAL SPIDER NOCTURNAL SPIDER PINCHY SPIDER SALTY SPIDER SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER VICEROY TIGER |
| 2020-02-13
⋅
Qianxin
⋅
APT Report 2019 Chrysaor Exodus Dacls VPNFilter DNSRat Griffon KopiLuwak More_eggs SQLRat AppleJeus BONDUPDATER Agent.BTZ Anchor AndroMut AppleJeus BOOSTWRITE Brambul Carbanak Cobalt Strike Dacls DistTrack DNSpionage Dtrack ELECTRICFISH FlawedAmmyy FlawedGrace Get2 Grateful POS HOPLIGHT Imminent Monitor RAT jason Joanap KerrDown KEYMARBLE Lambert LightNeuron LoJax MiniDuke PolyglotDuke PowerRatankba Rising Sun SDBbot ServHelper Snatch Stuxnet TinyMet tRat TrickBot Volgmer X-Agent Zebrocy |
| 2020-01-27
⋅
QuoScient
⋅
The Chicken Keeps Laying New Eggs: Uncovering New GC MaaS Tools Used By Top-tier Threat Actors TerraRecon TerraStealer TerraTV VenomLNK |
| 2020-01-01
⋅
Secureworks
⋅
GOLD KINGSWOOD More_eggs ATMSpitter Cobalt Strike CobInt MimiKatz Cobalt |
| 2020-01-01
⋅
Secureworks
⋅
GOLD KINGSWOOD More_eggs ATMSpitter Cobalt Strike CobInt MimiKatz |
| 2019-08-29
⋅
Security Intelligence
⋅
More_eggs, Anyone? Threat Actor ITG08 Strikes Again More_eggs FIN6 |
| 2019-06-04
⋅
Bitdefender
⋅
An APT Blueprint: Gaining New Visibility into Financial Threats More_eggs Cobalt Strike |
| 2019-02-21
⋅
Proofpoint
⋅
Fake Jobs: Campaigns Delivering More_eggs Backdoor via Fake Job Offers More_eggs FIN6 |
| 2018-10-17
⋅
MITRE ATT&CK
⋅
Software Description: More_eggs More_eggs |
| 2018-10-08
⋅
Morphisec
⋅
Cobalt Group 2.0 More_eggs |
| 2018-09-27
⋅
Secureworks
⋅
Cybercriminals Increasingly Trying to Ensnare the Big Financial Fish More_eggs Cobalt |
| 2018-08-30
⋅
NetScout
⋅
Double the Infection, Double the Fun More_eggs CobInt |
| 2018-07-31
⋅
Cisco Talos
⋅
Multiple Cobalt Personality Disorder More_eggs |
| 2018-03-02
⋅
Reaqta
⋅
Spear-phishing campaign leveraging on MSXSL More_eggs |
| 2017-11-20
⋅
Trend Micro
⋅
Cobalt Strikes Again: Spam Runs Use Macros and CVE-2017-8759 Exploit Against Russian Banks More_eggs Cobalt |
| 2017-08-07
⋅
Trend Micro
⋅
Backdoor-carrying Emails Set Sights on Russian-speaking Businesses More_eggs |