Analysis healthcarefinance
APT41 / Winnti / Double Dragon: China's Dual-Mandate Cyber Threat Group
APT41 operates simultaneously as a state-directed espionage actor targeting strategic industries for Beijing and a financially motivated cybercriminal enterprise — a combination unique among Chinese threat groups. A 2026 ELF cloud credential backdoor with zero VirusTotal detections is the latest evidence of the group's continued operational sophistication.