Aliases
APT17
Tags
Attribution
🇨🇳
Incidents
PHP Targeted with Glutton backdoorRevivalStone Campaign by Winnti
References
https://attack.mitre.org/groups/G0044/
Last edited
Dec 25, 2024 12:03 PM
Status
Stub
Cloud-fluent
Targeted industries
Gaming
The Winnti Group, a Chinese-origin threat actor, has been active since at least 2010. Initially focused on the gaming industry, the group has since broadened its range of targets. Reports indicate potential links between Winnti and other groups such as Axiom, APT17, and Ke3chang.