Security News > 2020 > April > Chinese Hackers Target South Korean Gaming Company

South Korean video gaming company Gravity is the latest victim of the China-linked threat actor tracked as the Winnti Group, security researchers say.

This week, QuoIntelligence published a report claiming that the Winnti hackers have targeted South Korean video gaming company Gravity, which is best known for the massive multiplayer online role-playing game Ragnarok Online.

Based on previous knowledge and targeting of the Winnti Group, we assess that this sample was likely used to target Gravity Co., Ltd., a South Korean video game company," QuoINT says.

Previous reporting on the Winnti hackers also revealed a command and control server associated with the campaign identifier GRA KR 0629, which might be related to the recently identified attack, although no further evidence to support the link has been discovered.

"The Winnti Group has exhibited their ability to breach different organizations and conduct sophisticated attack operations, typically motivated by espionage and financial gain, with various TTPs and malware toolkits. While attribution is not concrete due to the complexity of the group, there are links that can be drawn between operations which suggest the threat actors purporting the attacks are likely operating within the Winnti Group, or at least sharing resources," QuoINT concludes.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/R5zE9MzBtHc/chinese-hackers-target-south-korean-gaming-company