Wicked Spider



WICKED SPIDER is a suspected China-based adversary that appears to conduct exploitation operations as a group-for-hire service. This adversary was observed exploiting a number of Asian gaming companies and stealing code-signing certificates for use in future malicious activity using malware known as Winnti. Following a shift in targeting from the gaming to the engineering sector along with differ...

Community Identifiers



  • wTIgaRhS3CJF57E
  • LhHkTt56

Contact our team about
IOCs for this adversary


During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.