Marc-Étienne Léveillé
Last known affiliation: ESET
Date: 2019-12-05
Winnti Arsenal: Brand-new Supplies
Mathieu Tartare 🗣 | Marc-Étienne Léveillé 🗣
Abstract
This presentation is the result of long-term research uncovering new, unpublished details on the arsenal of the Winnti umbrella. The Winnti umbrella consists of multiple threat actors that have in common the use of a custom backdoor for their operations, the Winnti malware. It has been active since at least 2009 and mostly targets the video-game industry, even though it is also known to have compromised other high-profile targets such as the pharmaceutical industry. These actors are also known for stealing certificates, which they use to sign their malware.