🏆

Winnti

Aliases

APT17

Tags

Attribution

🇨🇳

Incidents

PHP Targeted with Glutton backdoor RevivalStone Campaign by Winnti

References

https://attack.mitre.org/groups/G0044/

Last edited

Dec 25, 2024 12:03 PM

Status

Stub

Cloud-fluent

Targeted industries

Gaming

The Winnti Group, a Chinese-origin threat actor, has been active since at least 2010. Initially focused on the gaming industry, the group has since broadened its range of targets. Reports indicate potential links between Winnti and other groups such as Axiom, APT17, and Ke3chang.