This resource is no longer available
The Winnti malware family was first reported in 2013 by Kaspersky Lab. Since then, threat actors leveraging Winnti malware have victimized a diverse set of targets for varied motivations.
While reviewing a 2015 report of a Winnti intrusion at a Vietnamese gaming company, Chronicle researchers identified a small cluster of Winnti samples designed specifically for Linux.
Download this white paper for a technical analysis of this variant.