Winnti: More than just Windows and Gates
released on 2019-05-15 @ 06:04:58 PM
In April 2019, reports emerged of an intrusion involving Winnti⁴ malware at a German pharmaceutical company. Following these reports, Chronicle researchers doubled down on efforts to unravel the various campaigns where Winnti was leveraged. Analysis of these larger, convoluted clusters is ongoing. While reviewing a 2015 report⁵ of a Winnti intrusion at a Vietnamese gaming company, Chronicle identified a small cluster of Winnti⁶ samples designed specifically for Linux⁷.