LUNAR SPIDER Launches Ransomware Campaign Targeting Financial Sector

LUNAR SPIDER Targets Financial Sector with Advanced Ransomware Techniques. The cybercrime group LUNAR SPIDER has launched a campaign utilizing the Latrodectus JavaScript loader to deploy Brute Ratel C4 (BRc4) payloads aimed at the financial industry. Their tactics include malvertising and SEO poisoning to lure victims into downloading malicious scripts disguised as legitimate software. The BRc4 payload establishes persistent access by modifying the Windows registry and communicates with multiple command and control domains, indicating a sophisticated infrastructure shared with other ransomware groups.