Scattered Spider

[Image: Anthropomorphic spider in a hoodie using laptop with spider logo in a dark office with cityscape outside.]

  • Sophistication: 85
  • First Seen: 2022
  • Notoriety: 90
  • Stealth: 77
  • Immersive Rating: 86
  • Impact: 90
  • Tactics Variety: 48

English-speaking group thought to be composed of British and American nationals. Known for high-profile breaches via social engineering. Compromised MGM Resorts in 2023, causing major outages. Uses SIM swapping and MFA fatigue to bypass security.

Key behaviours to watch:

  • Targeted spear-phishing leading to domain compromise and lateral movement.
  • Bulk exfiltration of archives via RAR compression and custom utilities (GETMAIL, MAPIGET).
  • Long dwell-time persistence with scheduled tasks, reused credentials, and stealthy C2.

Immersive coverage includes:

  • Threat Actors and Threats > APT Campaigns
  • Threat Hunting > APT29 / FIN7 analogues
  • Incident Response > Containment & Eradication

Anonymous

[Image: Anonymous hacktivist card with Guy Fawkes mask and stats on cyber attacks and operations.]

  • Sophistication: 40
  • First Seen: 2003
  • Notoriety: 95
  • Stealth: 30
  • Immersive Rating: 55
  • Impact: 60
  • Tactics Variety: 70

APT1

[Image: Graphic of a panda in Chinese military uniform using a laptop with Chinese flag background, about APT1 cyberespionage.]

  • Sophistication: 85
  • First Seen: 2004
  • Notoriety: 80
  • Stealth: 45
  • Immersive Rating: 72
  • Impact: 88
  • Tactics Variety: 70

APT10

[Image: Illustration of a robotic panda in a robe holding a flaming earth, labeled APT10 with espionage stats and info.]

  • Sophistication: 92
  • First Seen: 2006
  • Notoriety: 78
  • Stealth: 90
  • Immersive Rating: 90
  • Impact: 94
  • Tactics Variety: 88

APT32

[Image: Illustration of a buffalo-headed figure in military gear at a computer with tech monitors and a star background.]

  • Sophistication: 88
  • First Seen: 2014
  • Notoriety: 70
  • Stealth: 79
  • Immersive Rating: 83
  • Impact: 87
  • Tactics Variety: 83

APT34

[Image: APT34 intel card shows a cheetah in jacket and scores for malware, espionage, and financial crime stats.]

  • Sophistication: 84
  • First Seen: 2014
  • Notoriety: 68
  • Stealth: 74
  • Immersive Rating: 88
  • Impact: 82
  • Tactics Variety: 86

APT35

[Image: Illustration of a cheetah in a suit holding a rose and USB, labeled APT35, an Iranian state hacker group.]

  • Sophistication: 73
  • First Seen: 2014
  • Notoriety: 65
  • Stealth: 65
  • Immersive Rating: 81
  • Impact: 74
  • Tactics Variety: 80

Chimera

[Image: Digital chimera with lion and goat heads, blue and purple cybernetic style representing cyber threat group.]

  • Sophistication: 68
  • First Seen: 2019
  • Notoriety: 55
  • Stealth: 63
  • Immersive Rating: 69
  • Impact: 72
  • Tactics Variety: 61

Cozy Bear

[Image: Cozy Bear intel card with a bear in Russian hat, holding USB, describing it as a Russian cyber-espionage group.]

  • Sophistication: 70
  • First Seen: 2012
  • Notoriety: 57
  • Stealth: 71
  • Immersive Rating: 64
  • Impact: 64
  • Tactics Variety: 58