Winnti group’s attack platform is based on decade old malware

October 7, 2015

Via: malware

Kaspersky Lab experts tracking the activity of the Winnti group have discovered an active threat based on a 2006 installer. The threat, which they named HDRoot after the original tool’s name, HDD Rootkit, is a universal platform for a sustainable and persistent presence in a targeted system, which can be used as a foothold for any arbitrary tool.

The Winnti criminal organization is known for industrial campaigns targeting software companies, especially those in the gaming industry. Recently it has also been observed targeting pharmaceutical businesses.

