BOSS SPIDERBOSS SPIDER

Also known as: GOLD LOWELL · BOSS SPIDER

Known aliases
2

Profile

Throughout 2018, CrowdStrike Intelligence tracked BOSS SPIDER as it regularly updated Samas ransomware and received payments to known Bitcoin (BTC) addresses. This consistent pace of activity came to an abrupt halt at the end of November 2018 when the U.S. DoJ released an indictment for Iran-based individuals Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, alleged members of the group.

Aliases· 2

GOLD LOWELLBOSS SPIDER

References

  1. https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report/
  2. https://www.secureworks.com/research/threat-profiles/gold-lowell
  3. https://www.secureworks.com/blog/samsam-converting-opportunity-into-profit
  4. https://www.secureworks.com/blog/samas-ransomware
  5. https://www.secureworks.com/blog/ransomware-deployed-by-adversary
  6. https://www.secureworks.com/research/samsam-ransomware-campaigns

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
SALTY SPIDER
Actor
DOPPEL SPIDER
Actor
GURU SPIDER
Actor
LUNAR SPIDER
Actor
GRIM SPIDER
Actor
HOUND SPIDER
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.