Group: Winnti Group, Blackfly

From enterprise
Jump to: navigation, search
Winnti Group, Blackfly
ID G0044
Aliases Winnti Group, Blackfly

Winnti Group is a threat group with Chinese origins that has been active since at least 2010. The group has heavily targeted the gaming industry, but it has also expanded the scope of its targeting. Though both this group and Axiom use the malware Winnti, the two groups appear to be distinct based on differences in reporting on the groups' TTPs and targeting.123

Alias Descriptions

  • Winnti Group - 12
  • Blackfly - 4

Techniques Used