Winnti

Threat Actor

Group of professional hackers believed to be controlled by China. Since at least 2011, these hackers have been using malware to spy on corporate networks. Their mode of operation is to collect information on the organizational charts of companies, on cooperating departments, on the IT systems of individual business units, and on trade secrets. Targets are primarily German-based companies (Siemens, Bayer, Roche, BASF, Covestro).

Incidents Associated with this Threat

Malware Used by this Threat Actor