Winnti Malware: A Deep Dive into a Deeper Threat

The Winnti malware family was first reported in 2013 by Kaspersky Lab. Since then, threat actors leveraging Winnti malware have victimized a diverse set of targets for varied motivations.

The underlying hypothesis is that the malware itself may be shared (or sold) across a small group of actors. Clusters of Winnti-related activity have become a complex topic in threat intelligence circles, with activity vaguely attributed to different codenamed threat actors.

This whitepaper provides a technical analysis of a small cluster of Winnti samples designed specifically for Linux.

This event is brought to you by Chronicle Security. By downloading this event, you agree that your details will be shared with Chronicle Security who may contact you in relation to similar products and services which may be of interest. You can read more in Chronicle Security’s Privacy Policy, including how to unsubscribe.