Winnti Malware: A Deep Dive into a Deeper Threat

Download Now

To download this white paper you’ll need an Infosecurity Magazine account. Log in or sign up below.

Log In

Sign Up

Get up-to-the-minute news and opinions, plus access to a wide assortment of Information Security resources that will keep you current and informed.

This will be used to identify you if you take part in our online comments.
Your password should be at least six characters long. It is case sensitive. Passwords can only consist of alphanumeric characters or ~!@#$%^&*()_-+=?.

Infosecurity Magazine collects personal information when you register for our magazine and sponsored content. We will use this information to deliver the product or service for which you are registering.

We will also share your information with the declared sponsor of any webinar, whitepaper or virtual event for which you register and this sponsor is clearly indicated on each event page. You can opt out at any time in your user account.

For more information explaining how we use your information please see our privacy policy.

By registering you agree with our terms and conditions and privacy policy.

The Winnti malware family was first reported in 2013 by Kaspersky Lab. Since then, threat actors leveraging Winnti malware have victimized a diverse set of targets for varied motivations.

The underlying hypothesis is that the malware itself may be shared (or sold) across a small group of actors. Clusters of Winnti-related activity have become a complex topic in threat intelligence circles, with activity vaguely attributed to different codenamed threat actors.

This whitepaper provides a technical analysis of a small cluster of Winnti samples designed specifically for Linux.

Brought to You by

Should you download this whitepaper your information will be shared with the sponsor indicated above. See our privacy policy for more information.