Operators of Winnti APT Group Moving Beyond Gaming Sector - Kaspersky

Researchers at security firm Kaspersky say they have recently acquired evidence that the Winnti APT (Advanced Persistent Threat) group is moving beyond the gaming sector into other significant industries.

Kaspersky first discovered Winnti in 2012, and samples of the malware were seen in use by the threat actor Axiom Group, whose operations were disrupted in 2014 during Operation SMN, an effort involving numerous security firms and led by Novetta, a company offering advanced analytics solutions.

Softpedia.com published a report on 23rd June, 2015 quoting Dmitry Tarakanov, a Security Researcher with Kaspersky, as saying "Winnti group had been known as a Chinese threat actor for very long targeting companies particularly."

According to the experts, the Winnti group has been operating since 2009, targeting over 30 gaming businesses and striking various well-known online games.

However, the recent findings indicate that the Winnti group's campaigns target institutions in a wider range of sectors: Kaspersky collected samples which suggested an attack on a "popular global pharmaceutical enterprise headquartered in Europe."

The researcher did not reveal the name of the targeted victim, but Wikipedia says that six of the top ten pharmaceutical companies ranked by revenue in their 2013 annual reports are from Europe: GlaxoSmithKline, Roche, Sanofi, Novartis, Bayer and AstraZeneca.

Besides this campaign ID, Kaspersky researchers found other clues supporting cyber-espionage activity targeting the pharmaceutical industry. The Winnti sample that was analyzed included a network rootkit signed with a stolen certificate issued to a division of a large Japanese holding company.

Securelist.com published a blog post by Tarakanov on 22nd June, 2015, which states: "although this division is concerned with microelectronics manufacturing, other divisions of the conglomerate's business [referring to the Japanese holding] include drug development and production along with medical equipment."

The researchers have not given any information about the contribution of the Winnti operators, but according to them, the only certainty at this point is that the gang is going beyond the Internet gaming industry and running cyber-espionage campaigns against businesses in other sectors such as telecoms and large pharma.

» SPAMfighter News - 7/6/2015
