Recent research by ESET has uncovered some of the tactics and tools used by the Winnti hacking group, which has been carrying out supply-chain attacks against gaming companies since at least 2011. The attackers usually target game developers in order to embed backdoors in video games. In March of this year, the group compromised two video games as well as a gaming platform in this manner. That campaign was estimated to have impacted tens of thousands or perhaps hundreds of thousands of users.
ESET researchers have since discovered that the hackers use a backdoor called PortReuse. When they scanned the Internet for instances of this backdoor, they found infections affecting a large mobile software and hardware manufacturer in Asia. The compromise was disclosed to the targeted firm. The researchers also found a botnet used by Winnti to mine for cryptocurrency.