SYMBOLCOMMON_NAMEaka. SYNONYMS

ZOMBIE SPIDER  (Back to overview)


On April 7, 2017, Pytor Levashov — who predominantly used the alias Severa or Peter Severa and whom Falcon Intelligence tracks as ZOMBIE SPIDER — was arrested in an international law enforcement operation led by the FBI. ZOMBIE SPIDER’s specialty was large-scale spam distribution, a fundamental component of cybercrime operations. Levashov was the primary threat actor behind a botnet known as Kelihos and its predecessors, Waledac and Storm. In addition to Levashov’s arrest, there was a technical operation conducted by Falcon Intelligence to seize control of the Kelihos botnet.


Associated Families

There are currently no families associated with this actor.


References
2019-03-06CrowdStrikeBrendon Feeley, Bex Hartley, Sergei Frankoff
@online{feeley:20190306:pinchy:f5060bd, author = {Brendon Feeley and Bex Hartley and Sergei Frankoff}, title = {{PINCHY SPIDER Affiliates Adopt “Big Game Hunting” Tactics to Distribute GandCrab Ransomware}}, date = {2019-03-06}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/pinchy-spider-adopts-big-game-hunting/}, language = {English}, urldate = {2019-12-20} } PINCHY SPIDER Affiliates Adopt “Big Game Hunting” Tactics to Distribute GandCrab Ransomware
Gandcrab Phorpiex PINCHY SPIDER ZOMBIE SPIDER
2018-12-05CrowdStrikeBrett Stone-Gross, Tillmann Werner, Bex Hartley
@online{stonegross:20181205:farewell:54e18a4, author = {Brett Stone-Gross and Tillmann Werner and Bex Hartley}, title = {{Farewell to Kelihos and ZOMBIE SPIDER}}, date = {2018-12-05}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/farewell-to-kelihos-and-zombie-spider/}, language = {English}, urldate = {2021-05-31} } Farewell to Kelihos and ZOMBIE SPIDER
Kelihos ZOMBIE SPIDER
2018CrowdStrikeCrowdStrike
@techreport{crowdstrike:2018:2018:5ba6206, author = {CrowdStrike}, title = {{2018 Global Threat Report}}, date = {2018}, institution = {CrowdStrike}, url = {https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2018GlobalThreatReport.pdf}, language = {English}, urldate = {2019-12-17} } 2018 Global Threat Report
Mangzamel BAMBOO SPIDER HOUND SPIDER ZOMBIE SPIDER
2017-04-13CrowdStrikeFalcon Intelligence Team
@online{team:20170413:inside:c7362e6, author = {Falcon Intelligence Team}, title = {{Inside the Takedown of ZOMBIE SPIDER and the Kelihos Botnet}}, date = {2017-04-13}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/inside-the-takedown-of-zombie-spider-and-the-kelihos-botnet/}, language = {English}, urldate = {2019-12-20} } Inside the Takedown of ZOMBIE SPIDER and the Kelihos Botnet
Kelihos ZOMBIE SPIDER
2017-04-10US Department of JusticeUS Department of Justice
@online{justice:20170410:justice:f1767d7, author = {US Department of Justice}, title = {{Justice Department Announces Actions to Dismantle Kelihos Botnet}}, date = {2017-04-10}, organization = {US Department of Justice}, url = {https://www.justice.gov/opa/pr/justice-department-announces-actions-dismantle-kelihos-botnet-0}, language = {English}, urldate = {2019-12-03} } Justice Department Announces Actions to Dismantle Kelihos Botnet
ZOMBIE SPIDER

Credits: MISP Project