ANTHROPOID SPIDERANTHROPOID SPIDER

Also known as: Empire Monkey · CobaltGoblin · ANTHROPOID SPIDER

Known aliases
3

Profile

Publicly known as 'EmpireMonkey', ANTHROPOID SPIDER conducted phishing campaigns in February and March 2019, spoofing French, Norwegian and Belizean financial regulators and institutions. These campaigns used macro-enabled Microsoft documents to deliver the PowerShell Empire post-exploitation framework. ANTHROPOID SPIDER likely enabled a breach that allegedly involved fraudulent transfers over the SWIFT network.

Aliases· 3

Empire MonkeyCobaltGoblinANTHROPOID SPIDER

References

  1. https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf
  2. https://www.kaspersky.com/about/press-releases/2019_fin7-hacking-group-targets-more-than-130-companies-after-leaders-arrest
  3. https://fortiguard.com/encyclopedia/botnet/7630456

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
SOLAR SPIDER
Actor
TRAVELING SPIDER
Actor
LUNAR SPIDER
Actor
MIMIC SPIDER
Actor
Alpha Spider
Actor
GURU SPIDER
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.