Threat Actor Profile
Outrider Tiger
Outrider Tiger is a financially motivated cyber threat actor, first identified in June 2023. Known for its development and operation of the Nitrogen loader and LukaLocker ransomware, Outrider Tiger initially operated as an affiliate of the Alphv Ransomware-as-a-Service (RaaS) program until its closure in March 2024.
Threat Actor Profile
Outrider Tiger
Country of Origin
Members
Leadership
Outrider Tiger TTPs
Tactics
The group primarily focuses on credential harvesting and targeted intrusions to support intelligence collection.
Techniques
Outrider Tiger employs adversary emulation frameworks like Sliver, Cobalt Strike, and Havoc, alongside custom malware families such as WarHawk and RedThreat.
Procedures
Their methods include phishing campaigns, exploitation of vulnerabilities, and deployment of custom malware to infiltrate and exfiltrate sensitive data.
Want to Shut Down Threats Before They Start?
Notable Cyberattacks
The group has been linked to several high-profile breaches, leveraging advanced tools to compromise sensitive systems and exfiltrate data.
Law Enforcement & Arrests
No arrests or law enforcement actions against Outrider Tiger have been reported to date.
How to Defend Against Outrider Tiger
Implement robust phishing defenses.
Regularly update and patch systems.
Huntress solutions help protect organizations by monitoring endpoints, detecting intrusions, and mitigating threats with enterprise-grade technology.
References
Detect, Respond, Protect
See how the global Huntress SOC can augment your team
with 24/7 coverage and unmatched human expertise.
Start your free trial today.
