Wicked Spider



WICKED SPIDER is a suspected China-based adversary that appears to conduct exploitation operations as a group-for-hire service. This adversary was observed exploiting a number of Asian gaming companies and stealing code-signing certificates for use in future malicious activity using malware known as Winnti. Following a shift in targeting from the gaming to the engineering sector along with differ...

Community Identifiers



  • 2ukE4YhxM53ZmOj
  • eChkMo7d

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.