China-linked APT group Winnti targeted Japanese organizations in a cyberespionage campaign named RevivalStone in March 2024.
The campaign focused on manufacturing, materials, and energy sectors, utilizing an advanced version of the Winnti malware.
Winnti is part of a larger umbrella group consisting of several APT groups, including Winnti, Gref, PlayfullDragon, APT17, and others.
The attack chain involved exploiting an SQL injection vulnerability, deploying a WebShell, conducting reconnaissance, and installing the Winnti malware through a shared account.