Winnti for Linux

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[Winnti for Linux](https://attack.mitre.org/software/S0430) is a trojan, seen since at least 2015, designed specifically for targeting Linux systems. Reporting indicates the winnti malware family is shared across a number of actors including [Winnti Group](https://attack.mitre.org/groups/G0044). The Windows variant is tracked separately under [Winnti for Windows](https://attack.mitre.org/software/S0141).(Citation: Chronicle Winnti for Linux May 2019)

Tecniche Associate (8)

ID	ATT&CK	Tattiche
T1014	Rootkit	-
T1027.013	Encrypted/Encoded File	-
T1071.001	Web Protocols	-
T1095	Non-Application Layer Protocol	-
T1105	Ingress Tool Transfer	-
T1140	Deobfuscate/Decode Files or Information	-
T1205	Traffic Signaling	-
T1573.001	Symmetric Cryptography	-

Usato da Attori (3)

APT41
Nation-state

Aquatic Panda
Unknown

Earth Lusca
Unknown

Metadata

ID:	378
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00