ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Spyder

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Spyder

NamesSpyder
CategoryMalware
TypeBackdoor, Loader
Description(Dr.Web) In December 2020, the Doctor Web virus laboratory was contacted by a telecommunications company based in Central Asia after its employees discovered suspicious files on their corporate network. During the examination, our analysts extracted and studied a malicious sample, which turned out to be one of the backdoors used by the hacker group known as Winnti.
Information<https://news.drweb.com/show/?i=14154&lng=en>
<https://www.recordedfuture.com/chinese-group-tag-22-targets-nepal-philippines-taiwan/>
<https://hello.global.ntt/-/media/ntt/global/insights/white-papers/the-operations-of-winnti-group.pdf>
<https://securitynews.sonicwall.com/xmlpost/chinas-winnti-spyder-module/>
<https://www.cybereason.com/blog/operation-cuckoobees-a-winnti-malware-arsenal-deep-dive>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.spyder>
AlienVault OTX<https://otx.alienvault.com/browse/global/pulses?q=tag:spyder>

Last change to this tool card: 19 July 2022

Download this tool card in JSON format

All groups using tool Spyder

ChangedNameCountryObserved

APT groups

XAPT 41China2012-Aug 2021X
 TAG-22China2021 

2 groups listed (2 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]