For a long time the Winnti group had been considered as a Chinese threat actor targeting gaming companies specifically. Recently, we’ve seen information indicating that the scope of targets can be wider and is no longer limited to the entertainment business. We actually track samples of Winnti malware all the time, but so far we haven’t been able to catch one with solid clues indicating other targeted industries.
Also our visibility as a vendor does not cover every company in the world (at least so far ;)) and the Kaspersky Security Network (KSN) did not reveal other attacks except those against gaming companies. Well, sometimes targeted entities have included telecommunication companies, or better, large holdings, but it seems that at least one of their businesses was in some way related to the production or distribution of computer games.
Leave a reply