Skip to content
The Nexus
DossierENTITY

Cordial Spider

Coverage of Cordial Spider in the Nexus archive.

Earliest in view: Apr 27 · 14:18 UTCMost recent: May 1 · 14:26 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 1 · 14:26 UTCTHE HACKER NEWS
    Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

    Cybersecurity researchers have identified two cybercrime groups, Cordial Spider and Snarky Spider, using vishing and SSO abuse to conduct rapid, high-impact SaaS extortion attacks. These groups operate within SaaS environments, stealing data quickly while leaving minimal traces.

  • SECURITYApr 30 · 15:00 UTCCYBERSCOOP
    Two new extortion crews are speedrunning the Scattered Spider playbook

    CrowdStrike reports two financially-motivated threat groups, Cordial Spider and Snarky Spider, are targeting U.S. organizations in critical sectors using voice-phishing and social engineering to steal data and conduct extortion campaigns. These groups, linked to Scattered Spider and The Com, exploit identity platforms and SaaS environments, with extortion demands often reaching seven figures.

  • SECURITYApr 27 · 14:18 UTCCYBERSCOOP
    BlackFile actively extorting data-theft victims in retail and hospitality sector

    BlackFile, a cyber extortion group linked to The Com, is targeting retail and hospitality organizations via voice-phishing and social engineering to steal data and demand ransoms. The group, tracked under aliases like CL-CRI-1116 and Cordial Spider, uses SaaS environments and data-leak sites to pressure victims, with attacks ongoing since February 2025.

Cordial Spider · Dossier · The Nexus