EXOTIC LILY
MISP
Tipo:
Unknown
Unknown
Paese:
Unknown
Unknown
Prima attivita:
Unknown
Unknown
Dettagli:
[EXOTIC LILY](https://attack.mitre.org/groups/G1011) is a financially motivated group that has been closely linked with [Wizard Spider](https://attack.mitre.org/groups/G0102) and the deployment of ransomware including [Conti](https://attack.mitre.org/software/S0575) and [Diavol](https://attack.mitre.org/software/S0659). [EXOTIC LILY](https://attack.mitre.org/groups/G1011) may be acting as an initial access broker for other malicious actors, and has targeted a wide range of industries including IT, cybersecurity, and healthcare since at least September 2021.(Citation: Google EXOTIC LILY March 2022)
MITRE ATT&CK:
View on MITRE
Tecniche Utilizzate (15)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1102 | Web Service | - |
| T1203 | Exploitation for Client Execution | - |
| T1204.001 | Malicious Link | - |
| T1204.002 | Malicious File | - |
| T1566.001 | Spearphishing Attachment | - |
| T1566.002 | Spearphishing Link | - |
| T1566.003 | Spearphishing via Service | - |
| T1583.001 | Domains | - |
| T1585.001 | Social Media Accounts | - |
| T1585.002 | Email Accounts | - |
| T1589.002 | Email Addresses | - |
| T1593.001 | Social Media | - |
| T1594 | Search Victim-Owned Websites | - |
| T1597 | Search Closed Sources | - |
| T1608.001 | Upload Malware | - |
Alias (196)
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
DEV-0413
Malware Utilizzato (2)
Metadata
| ID: | 363 |
| Created: | 13/01/2026 17:48 |
| Updated: | 21/04/2026 16:00 |