Also known as: DEV-0237, Gold Blackburn, ITG23, GOLD ULRICK, TEMP.MixMaster, Periwinkle Tempest, FIN12, UNC2053, Storm-0193, GOLD BLACKBURN, Gold Ulrick, Wizard Spider, DEV-0193, Grim Spider, UNC1878, Pistachio Tempest, Storm-0230, G0102, Trickbot LLC
Wizard Spider is reportedly associated with Grim Spider and Lunar Spider. The WIZARD SPIDER threat group is the Russia-based operator of the TrickBot banking malware. This group represents a growing criminal enterprise of which GRIM SPIDER appears to be a subset.

The LUNAR SPIDER threat group is the Eastern European-based operator and developer of the commodity banking malware called BokBot (aka IcedID), which was first observed in April 2017. The BokBot malware provides LUNAR SPIDER affiliates with a variety of capabilities to enable credential theft and wire fraud, through the use of webinjects and a malware distribution function.

GRIM SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER, a criminal enterprise of which GRIM SPIDER appears to be a cell. The WIZARD SPIDER threat group, known as the Russia-based operator of the TrickBot banking malware, had focused primarily on wire fraud in the past.
| CVE ID |
|---|
| CVE-2014-7169 |
| CVE-2020-1472 |
| CVE-2017-0176 |
| CVE-2016-6662 |