RADIANT SPIDER Unveiled: Insights into a Chinese eCrime Actor’s Tradecraft, from Exploitation to Formjacking

Eric Loui

While ransomware groups dominate headlines, Chinese-origin eCrime actors often operate in the shadows, presenting an overlooked threat to many organizations. This presentation examines RADIANT SPIDER, a Chinese eCrime group that has targeted organizations across North America and East Asia since 2022, primarily focusing on eCommerce and technology sectors. Based on analysis of CrowdStrike’s own threat hunting and incident response data, this presentation reveals RADIANT SPIDER's intrusion tradecraft, as well as information supporting an assessment that RADIANT SPIDER is likely a Chinese-origin eCrime adversary.