How CrowdStrike Tracked INDRIK SPIDER from Origin to Takedown

Update: 2024-10-10

Description

On Oct. 1, 2024, an international law enforcement coalition announced the disruption of a senior member of INDRIK SPIDER, who was also an affiliate of the BITWISE SPIDER ransomware as a service operation. CrowdStrike often works with law enforcement to identify, track and stop cyber threats, and we played a key role in this operation.

In this episode, Adam and Cristian are joined by a member of CrowdStrike’s intelligence collection team to dive into the takedown, the years of cybercrime evolution that led to it and how CrowdStrike collects the intel that informs organizations and aids law enforcement activity. Their conversation takes us back to the early days of INDRIK SPIDER and traces the emergence and transformation of enterprise malware as it relates to this prolific threat actor. The story underscores how adversaries operate like businesses — and why they’re so hard to bring down.

Tune in to learn the background and significance of INDRIK SPIDER and its takedown, its connections to Russian intelligence, the techniques used to investigate and attribute adversaries, what this means for the future of law enforcement against cybercrime and where cheese-covered sushi fits into the picture.

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

The Latest in China-Taiwan Cyber Tensions

2024-10-2433:30

How CrowdStrike Tracked INDRIK SPIDER from Origin to Takedown

2024-10-1053:35

Small But Mighty: The Kernel’s Essential Role in Cybersecurity Defense

2024-10-0135:24

Coming Soon to Las Vegas: Adversary Universe Previews #FalCon2024

2024-09-1214:12

Intern Spotlight: Starting A Cyber Career with CrowdStrike

2024-08-2936:57

Hunting the Rogue Insiders Operating for FAMOUS CHOLLIMA

2024-08-2131:17

Talking OT Security with Fernando Madureira, Global CISO of Cosan

2024-07-1120:54

How Adversaries Respond to Law Enforcement Takedowns

2024-06-2743:21

When the Adversary Knows They’re Caught

2024-06-1334:52

Unpacking China-India Cyber Tensions

2024-05-3036:32

Understanding Social Engineering with Shelly Giesbrecht, Director, Professional Services

2024-05-2342:47

Hacktivism and the JACKALs Behind It

2024-05-0937:19

Building a Strong Threat Hunting Program with Andrew Munchbach

2024-04-2536:24

Adversary Attribution: What It Means and How It Works

2024-04-1149:45

LIVE from Gov Threat Summit: A Chat with Morgan Adamski, Chief of the NSA’s Cybersecurity Collaboration Center

2024-03-2825:52

CrowdStrike CSO Shawn Henry on Election Security, Nation-State Threats and His FBI Career

2024-03-1444:27

A Human at the Keyboard: CrowdStrike Reports 60% Jump in Interactive Intrusions

2024-02-2212:16

The Dark Personality Traits Fueling Cybercrime

2024-02-1545:06

Demystifying North Korea: Why the "Hermit Kingdom" Is a Cyber Threat to Watch

2024-02-0139:22

AI Through the Defender’s Lens: A Chat with CrowdStrike’s Global CTO

2024-01-1841:36

00:00

How CrowdStrike Tracked INDRIK SPIDER from Origin to Takedown

#box-pro-ellipsis-173082417943786{-webkit-line-clamp:2;}How CrowdStrike Tracked INDRIK SPIDER from Origin to Takedown

How CrowdStrike Tracked INDRIK SPIDER from Origin to Takedown

CrowdStrike

How CrowdStrike Tracked INDRIK SPIDER from Origin to Takedown