Shining Spider


SHINING SPIDER is an eCrime adversary who has conducted ransomware operations since at least December 2020, relying on encryption and data exfiltration to extort payment from victims. The group is likely a previous affiliate of CIRCUS SPIDER’s Netwalker Ransomware-as-a-Service (RaaS) scheme, and has used ThunderCrypt ransomware as well as the legitimate Microsoft security tool BitLocker to encrypt...

Community Identifiers



  • sk1HqJKSw6vl5py


  • uPyGTZYD

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.