Wizard Spider Group: In-depth Analysis
The PRODAFT Threat Intelligence (PTI) team has assembled this report to provide in-depth knowledge about Wizard Spider.
This report provides unprecedented visibility into the structure, background, and motivations of Wizard Spider. We’ve obtained command statistics, target country statistics, command execution patterns, and other information on the group’s tactics, techniques, and procedures. These include novel post-exploitation cracking solutions and psychological tactics.
Most of Wizard Spider’s efforts go into hacking European and US businesses, with a special cracking tool used by some of their attackers to breach high-value targets. Some of the money they get is put back into the project to develop new tools and talent.
More reports from the PTI Team
PRODAFT Threat Intelligence (also known as "PTI") Team has analyzed critical LockBit ransomware infrastructure and gained in-depth knowledge about the threat actors who operate LockBit ransomware.Read now
TA505 is a financially motivated threat group that has been active since 2014. The group frequently changes its malware attack strategies in response to global cybercrime trends.