 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: PipeMon| Names | PipeMon | |
| Category | Malware | |
| Type | Backdoor | |
| Description | (ESET) In February 2020, we discovered a new, modular backdoor, which we named PipeMon. Persisting as a Print Processor, it was used by the Winnti Group against several video gaming companies that are based in South Korea and Taiwan and develop MMO (Massively Multiplayer Online) games. Video games developed by these companies are available on popular gaming platforms and have thousands of simultaneous players. In at least one case, the malware operators compromised a victim’s build system, which could have led to a supply-chain attack, allowing the attackers to trojanize game executables. In another case, the game servers were compromised, which could have allowed the attackers to, for example, manipulate in-game currencies for financial gain. | |
| Information | <https://www.welivesecurity.com/2020/05/21/no-game-over-winnti-group/> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S0501/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.pipemon> | |
Last change to this tool card: 30 December 2022
Download this tool card in JSON format
Previous: PIPEDREAM
Next: PipeSnoop
| Changed | Name | Country | Observed | ||
APT groups | |||||
| APT 41 |  | 2012-Feb 2023 |  | ||
| Earth Lusca | | 2019-Dec 2023 | |||
2 groups listed (2 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |