Venom Spider Spins Web of New Malware for MaaS Platform

The threat actor "Venom Spider," known for its malware-as-a-service (MaaS) platform, has introduced new tools, including a backdoor named RevC2 and a loader called Venom Loader, used in attacks observed between August and October 2024. RevC2 communicates via WebSockets with its command-and-control (C2) server, enabling cookie and password theft, network traffic proxying, and remote code execution (RCE). Venom Loader encodes payloads using victims' computer names for personalized attacks. Venom Spider’s platform, used by groups like FIN6 and Cobalt, also includes tools such as VenomLNK, TerraLoader, and TerraStealer, with FIN6 recently deploying its MaaS platform in spear-phishing campaigns to deliver secondary malware payloads.

‍

Home >News

Venom Spider Spins Web of New Malware for MaaS Platform

Solutions

Quick Links

Services

Knowledge

Solutions

Industries

Contact us

Invinsense

About us

Address

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA