radiant group
Ransomware group profile
8Victims
South KoreaSource country
57Impact score
Also Known As
radiand group
Description
Radiant is a ransomware group that emerged in September 2025, known for its aggressive double extortion tactics. They particularly target sensitive data related to children and have been implicated in high-profile attacks such as the Kido International nursery chain incident.
Key insights
- •Employs a double extortion model, encrypting data and threatening to publish stolen information.
- •Initially gains access through vulnerabilities in third-party software or purchased access from brokers.
- •Targets sensitive data, including that of children, leading to public backlash and unusual public apologies.
- •Uses dark web leak sites to apply pressure and publicize stolen data.
- •Directly contacts individual victims, escalating extortion tactics through personalized demands.
Threat Level & Status Breakdown
For radiant group · Based on incidents in selected period
2threat level
Aggressiveness2/ 10
Lethality0/ 10
Criticality4.2/ 10
Status Breakdown
Claimed25.0%2
First seenSep 2025
Last seenOct 2025
Avg ransom—
Payment rate—
Statusactive
Sophistication0
Last updatedJun 18, 2026
Recent activity
Monthly attack count for radiant group in the selected period
8Total attacks
7peak in Oct
4avg / month
↑ 6 vs first month
No intelligence data for this group.
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for radiant group
Other
T1486
T1486
T1490
T1490
T1021
T1021
T1562
T1562
T1080
T1080
T1078
T1078
T1547
T1547
T1059
T1059
T1021.001
T1021.001
T1046
T1046
T1105
T1105
T1040
T1040
Victims(8)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| Spijkermat | — | — | Retail & E-Commerce | Claimed | 8 months ago | |
| Docurail | — | — | Transportation | Unknown | 8 months ago | |
| Dutch ??? | — | NL Netherlands | — | Unknown | 8 months ago | |
| Retail Texas | — | US United States | Retail & E-Commerce | Unknown | 8 months ago | |
| UK Rail Services | — | GB United Kingdom | Transportation | Unknown | 8 months ago | |
| Magna Foodservice | — | — | Hospitality | Claimed | 9 months ago | |
| Minnesota Hospital | — | US United States | Healthcare | Unknown | 9 months ago | |
| Kido Schools | — | — | Education | Unknown | 9 months ago |
Affected countries(7)
Countries where this group has been reported to target or leak victims.