Alias Description | Votes |
---|---|
APT41 is a possible alias for Winnti. APT41, also known as Winnti, Wicked Panda, and Brass Typhoon, is a significant threat actor attributed to China. This group has been active since at least 2012 and has targeted organizations in over 14 countries. It uses a wide range of malware, with at least 46 different code families and tools obs | 5 |
Barium is a possible alias for Winnti. Barium, also known as BRONZE ATLAS or APT41, is a threat actor that has been associated with various malicious activities. Originating from China and active since at least 2007, this group has been implicated in cyberespionage efforts targeting multiple sectors across the globe. In 2017, according t | 5 |
PlugX is a possible alias for Winnti. PlugX is a malicious software (malware) known for its stealthy operations. It has been linked to several cyberattacks, and its use has been attributed to various threat groups, including Winnti and MustangPanda. The malware leverages DLL side-loading to remain undetected, making it a potent tool in | 4 |
Mustang Panda is a possible alias for Winnti. Mustang Panda, a known Chinese advanced persistent threat (APT) group, has been identified as the likely perpetrator behind a sophisticated, ongoing cyber-espionage campaign. The group, also known as Stately Taurus, Bronze President, RedDelta, Luminous Moth, Earth Preta, and Camaro Dragon, has a 12- | 3 |
Axiom is a possible alias for Winnti. Axiom is a recognized threat actor, also known as a hacking team, that has been associated with malicious activities. The group has ties to the Chinese intelligence apparatus and has operated under various names such as Winnti, PassCV, APT17, LEAD, BARIUM, Wicked Panda, and GREF. The naming conventi | 3 |
Earth Lusca is a possible alias for Winnti. Earth Lusca, a threat actor identified as being Chinese-speaking, has been active since at least the first half of 2023. The group primarily targets organizations in Southeast Asia, Central Asia, and the Balkans. Recently, it has expanded its arsenal with SprySOCKS Linux malware, a new addition that | 3 |
Wicked Panda is a possible alias for Winnti. Wicked Panda, also known as APT41, Double Dragon, and Brass Typhoon, is a China state-sponsored threat actor identified by the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center as one of the top cybersecurity threats. The group, which has been linked to multipl | 2 |
Blackfly is a possible alias for Winnti. Blackfly is a threat actor, tracked by Symantec, that has been involved in cyber-attacks primarily targeting South Korean companies, especially those in the video game and software development industry. The group initiated its activities with a campaign to steal certificates, which were later utiliz | 2 |
APT17 is a possible alias for Winnti. APT17, also known as Tailgator Team and Deputy Dog, is a threat actor suspected to be affiliated with the Chinese intelligence apparatus. This group has been associated with various aliases including Winnti, PassCV, Axiom, LEAD, BARIUM, Wicked Panda, and GREF. The primary targets of APT17 are the U. | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The ShadowPad Malware is associated with Winnti. ShadowPad is a modular malware that has been utilized by various Chinese threat actors since at least 2017. It's a malicious software designed to infiltrate computer systems, often without the user's knowledge, and can cause significant damage by stealing personal information, disrupting operations, | Unspecified | 7 |
The WyrmSpy Malware is associated with Winnti. WyrmSpy is a sophisticated malware attributed to the Chinese espionage group APT41, also known as Double Dragon, BARIUM, and Winnti. This harmful software, designed to exploit and damage computer systems or devices, infects systems through suspicious downloads, emails, or websites, often without use | Unspecified | 2 |
The PipeMon Malware is associated with Winnti. PipeMon is a sophisticated, modular backdoor malware discovered in February 2020. It is attributed to the Winnti Group, known for their cyber espionage activities. This malware uses multiple named pipes for inter-module communication, hence its name "PipeMon". Its first stage consists of a password- | Unspecified | 2 |
The DragonEgg Malware is associated with Winnti. DragonEgg is a malware associated with the notorious Chinese Advanced Persistent Threat (APT) group, APT41. This malicious software was developed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. The malware has been linked to surveillance | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Winnti Group Threat Actor is associated with Winnti. The Winnti Group, a threat actor associated with Chinese state-sponsored hacking activities, has been active since at least 2007, according to researchers from Kaspersky Lab who first identified the group in 2013. The group initially gained notoriety for its attacks on computer game developers a | Unspecified | 5 |
The i-Soon Threat Actor is associated with Winnti. i-Soon, also known as Anxun, is a threat actor identified as a private industry contractor for the Chinese Ministry of Public Security (MPS). The company has recently been implicated in a massive data leak that surfaced on GitHub. As elaborated by Tom Uren and Catalin Cimpanu, i-Soon frequently init | Unspecified | 3 |
The RedHotel Threat Actor is associated with Winnti. RedHotel is a prolific threat actor group, known for its espionage activities targeting organizations of interest to the Chinese government. The group has been active since at least 2019 and operates alongside other threat groups such as RedAlpha and Poison Carp. Researchers at Recorded Future have | Unspecified | 2 |

Source Link | CreatedAt |
---|---|
BankInfoSecurity | 22 days ago |
Securityaffairs | a month ago |
DARKReading | a month ago |
DARKReading | 2 months ago |
DARKReading | 3 months ago |
Securityaffairs | 3 months ago |
Unit42 | 5 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
Trend Micro | 7 months ago |
Unit42 | 7 months ago |
CERT-EU | 8 months ago |
DARKReading | 8 months ago |
CERT-EU | 8 months ago |
BankInfoSecurity | 8 months ago |
CERT-EU | 9 months ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |