
Scion Spider
Details
SCION SPIDER is a Ransomware-as-a-Service (RaaS) affiliate that achieves initial access by compromising servers running Microsoft SQL Server. The adversary typically leverages the built-in SQL extended procedure xp_cmdshell to run shell commands. SCION SPIDER uses either PowerShell (PS) commands directly or the Microsoft SQL Server-native sqlps utility to run PS commands for downloading payloads a...
Objective
- YjKmNV1qeUwxGr2
Motivation
- efoFkIwC
Contact our team about
IOCs for this adversary
?