LUNAR SPIDER Enabling Ransomware Attacks on Financial Sector with Brute Ratel C4 and Latrodectus
LUNAR SPIDER, a Russian-speaking, financially motivated threat group, has resumed operations following law enforcement disruptions. The group has shifted from IcedID to Latrodectus and Brute Ratel C4, targeting financial services through SEO-poisoning malvertising campaigns. It maintains affiliations with ransomware operators such as ALPHV/BlackCat, sharing infrastructure and tooling with them. LUNAR SPIDER's adaptability is evident in its use of over 200 pieces of malicious infrastructure across several malware families. Its latest campaign used obfuscated JavaScript to deliver Brute Ratel C4, which then established persistence and command-and-control communication.