VERY IMPORTANT

In one of our previous blog entries, we covered how the threat actor known as Winnti was using GitHub to spread malware – a development that shows how the group is starting to evolve and use new attack methods beyond their previous tactics involving targeted attacks against gaming, pharmaceutical, and telecommunications companies. Through this entry, in which we take a closer look at an individual who we believe might be connected to the Winnti group, we hope to give both ordinary users and organizations better insights into some of the tools – notably the server infrastructures- these kinds of threat actors use, as well as the scale in which they operate.