CrowdStrike warns of ‘enterprising adversaries’ as eCrime surges across Asia-Pacific

CrowdStrike’s latest report reveals how Asia-Pacific’s cybercriminals are evolving into organised, profit-driven operations with corporate-like precision.

Business Today Desk
  • Oct 23, 2025
  • Updated Oct 23, 2025 10:49 AM IST

CrowdStrike’s 2025 APJ eCrime Landscape Report has highlighted a sharp rise in structured, business-minded cybercriminals across Asia-Pacific and Japan (APJ). These so-called “enterprising adversaries” are using AI, scalable infrastructure, and disciplined strategies to execute attacks with the precision of legitimate enterprises.

The cybersecurity firm found that from January 2024 to April 2025, 763 victims in the APJ region were listed on ransomware and data extortion leak sites. India, Australia, Japan, Taiwan, and Singapore were the most affected. Manufacturing, technology, and financial services were the top targeted sectors.

CrowdStrike identified several major ransomware operators, including OCULAR SPIDER, BITWISE SPIDER, and PUNK SPIDER, as the most active in the region. Interestingly, many of these groups avoid targeting China despite its size, suggesting internal restrictions among cybercriminals.

Emerging ransomware-as-a-service (RaaS) groups such as FunkLocker and KillSec also named a disproportionately high number of APJ-based victims, with India being hit hardest. FunkLocker’s leader, known as Scorpion, previously admitted to targeting organisations based on their revenue and weak security defences.

The report also shines a light on the underground Chinese-language eCrime markets that continue to thrive despite government crackdowns. Marketplaces like Chang’an and FreeCity have become hubs for stolen data, carding, and hacking tools, while Telegram-based platforms such as Huione Guarantee have been linked to large-scale money laundering and cryptocurrency fraud before being shut down earlier this year.

Vietnam has emerged as another cybercrime hotspot, particularly for attacks targeting social media business accounts with large ad budgets. Local malware such as Ailurophile Stealer and FatStealer has been used to compromise thousands of accounts globally.

In addition, threat groups like SOLAR SPIDER have focused on financial institutions in South Asia and Southeast Asia, using fake payment transaction emails to distribute malware like JsOutProx RAT.

CrowdStrike’s report recommends that organisations in APJ adopt “agentic AI” to counter adversaries that use artificial intelligence, secure digital identities, and close cross-domain visibility gaps through modern extended detection and response (XDR) systems. It also stresses the need for proactive threat hunting and cloud-native protection measures.

CrowdStrike concluded that ransomware and data extortion will remain the biggest eCrime threats for major economies such as India, Japan, and Australia, even as cybercriminals continue to innovate through underground ecosystems and AI-powered attacks.
