Donut Spider


DONUT SPIDER is a financially motivated Big Game Hunting (BGH) adversary that has developed the HelloXD and D0nut ransomware families. The adversary has been active on underground communities since 2021 and developed the HelloXD ransomware prior to D0nut ransomware. DONUT SPIDER operates the D#nut Ransomware Team (a.k.a. Donut) private Ransomware-as-a-Service (RaaS) affiliate program. The adversar...

Community Identifiers



  • UV52Ds3IAqYmgn4


  • TLcQCBqN

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.