Winnti Group

GPTKB entity

Statements (63)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | cybercrime |
| gptkbp:activeYearsStart | 2009 |
| gptkbp:alsoKnownAs | gptkb:Blackfly, gptkb:APT41, gptkb:Wicked_Panda, BARIUM |
| gptkbp:attributedTo | gptkb:Microsoft, gptkb:CrowdStrike, gptkb:ESET, gptkb:FireEye, gptkb:Kaspersky_Lab, gptkb:Symantec, gptkb:Recorded_Future |
| gptkbp:countryOfOrigin | gptkb:China |
| https://www.w3.org/2000/01/rdf-schema#label | Winnti Group |
| gptkbp:mainActivity | cybercrime, financially motivated cybercrime |
| gptkbp:motive | espionage, data theft, financial gain, supply chain compromise, disruption of critical infrastructure, intellectual property theft |
| gptkbp:notableBattle | gptkb:CCleaner_supply_chain_attack, gptkb:Operation_ShadowHammer, gptkb:ShadowPad_backdoor_attacks, attacks on German chemical companies, attacks on Hong Kong universities, attacks on Indian power grid, attacks on video game companies |
| gptkbp:notableTool | gptkb:PlugX, gptkb:Hacker's_Door, gptkb:LEMONDUCK, gptkb:PipeMon, gptkb:ShadowPad, gptkb:Skip-2.0, gptkb:Winnti_backdoor, gptkb:Cobalt_Strike, gptkb:ShadowHammer, gptkb:Crosswalk |
| gptkbp:suspectedAffiliation | gptkb:Chinese_government, gptkb:Chinese_Ministry_of_State_Security |
| gptkbp:target | gptkb:textile_industry, gptkb:video_game, healthcare sector, government organizations, software companies, telecommunications sector |
| gptkbp:usesMalware | gptkb:PlugX, gptkb:Hacker's_Door, gptkb:LEMONDUCK, gptkb:PipeMon, gptkb:ShadowPad, gptkb:Skip-2.0, gptkb:Winnti_malware, gptkb:Cobalt_Strike, gptkb:Crosswalk |
| gptkbp:bfsParent | gptkb:Operation_CuckooBees, gptkb:Operation_Winnti, gptkb:Chinese_state-sponsored_actors, gptkb:Hacker, gptkb:Dr._Ev4l |
| gptkbp:bfsLayer | 7 |