Winnti Group hackers have updated their arsenal with a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The hacking group’s ShadowPad malware also received some updates, with random module IDs and some extra obfuscation being the most noteworthy additions according to ESET researchers who monitored the hackers’ attacks throughout the year.
Source: Bleeping Computer