Uptime Hamster: 15d 5h 17mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza VICE SPIDER

VICE SPIDER

0 incidentes 0 paises 0 sectores apt RU Ultimo: -
Aliases: DEV-0832, Vanilla Tempest, Vicesociety, PrintNightmare, HelloKitty, Zeppelin ransomware
Ver en IntelTracker → APTTrail →
VICE SPIDER is a Russian-speaking, financially motivated cybercriminal group active since at least April 2021. The group operates under a 'Big Game Hunting' model, focusing on high-value targets for significant ransom demands. While they initially used commodity ransomware variants like Zeppelin and Hello Kitty, the group has evolved to privately operate Rhysida and Interlock ransomware, and has been associated with BlackCat (ALPHV) and Quantum Locker. Uniquely, VICE SPIDER often utilizes modified versions of existing ransomware families rather than exclusively developing their own, and is notorious for disproportionately targeting the education sector. They are also recognized for their expertise in exploiting Kerberos authentication vulnerabilities, contributing to a rise in Kerberoasting incidents. The group is also known by several aliases, including Vice Society, DEV-0832, Vanilla Tempest, Rapid Brigantine, Arcane Mantis, and Nefarious Mantis.

Aliases del actor

DEV-0832Vanilla TempestVicesocietyPrintNightmareHelloKittyZeppelin ransomware

Actores similares

vicesocietyransomware · 188ViceSocietyransomware · 0Scattered Spideractor · 2Indrik Spideractor · 1doppel-spideractor · 1salty-spideractor · 1brain-spideractor · 1skeleton-spideractor · 1bamboo-spideractor · 1andromeda-spideractor · 1
CVEs relacionadas
CVE-2024-50623
Tipo
apt
Pais origen
RU
Motivacion
-
Impacto
22
Actualizado
Thu, 04 Se

Sectores objetivo (SOCRadar)

ManufacturingEducational ServicesHealthCare & Social AssistancePublic AdministrationRetailScientific Research and Development ServicesBusiness Schools and Computer and Management TrainingGrantmaking and Giving ServicesPeriodical PublishersData Processing, Hosting, and Related Services