EXOTIC LILY

Techniques (MITRE ATT&CK)15

SourceMITRE ATT&CK

Vexday analysis

EXOTIC LILY é um grupo de ameaça (identificador MITRE ATT&CK G1011) com motivação financeira, estreitamente associado ao Wizard Spider e à implantação de ransomwares como Conti e Diavol. O grupo atua possivelmente como broker de acesso inicial para outros agentes maliciosos, tendo visado setores variados — incluindo TI, segurança cibernética e saúde — ao menos desde setembro de 2021. Ao grupo são atribuídas 15 técnicas documentadas no framework MITRE ATT&CK e 1 CVE de exploração conhecida.

Techniques (MITRE ATT&CK) 15

How the group operates, mapped to the MITRE ATT&CK matrix and organized by the phases of an attack.

Reconnaissance

Email Addresses Social Media Search Victim-Owned Websites Search Closed Sources

Resource development

Domains Social Media Accounts Email Accounts Upload Malware

Initial access

Spearphishing Attachment Spearphishing Link Spearphishing via Service

Execution

Exploitation for Client Execution Malicious Link Malicious File

Command and control

Web Service

Exploited vulnerabilities 1

CVEs this group is known to exploit, per MITRE ATT&CK. Ordered by real-world severity.

CVE-2021-40444HIGHEPSS 97%KEV

EXOTIC LILY uses real techniques and exploits real flaws. TrueHacking's AI Autonomous Pentest simulates these attacks against your infrastructure and brings more security to your application.

Explore the AI Autonomous Pentest →