Storm-1113Storm-1113

Also known as: APOTHECARY SPIDER · Storm-1113

Known aliases
2

Profile

Storm-1113 is a threat actor that acts both as an access broker focused on malware distribution through search advertisements and as an “as-a-service” entity providing malicious installers and landing page frameworks. In Storm-1113 malware distribution campaigns, users are directed to landing pages mimicking well-known software that host installers, often MSI files, that lead to the installation of malicious payloads. Storm-1113 is also the developer of EugenLoader, a commodity malware first observed around November 2022.

Aliases· 2

APOTHECARY SPIDERStorm-1113

References

  1. https://www.microsoft.com/en-us/security/blog/2023/12/28/financially-motivated-threat-actors-misusing-app-installer/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Storm-1167
Actor
Storm-1101
Actor
Storm-1133
Actor
Storm-1044
Actor
Storm-1283
Actor
Storm-0249
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.