Winos 4.0 Strikes Again: Hackers’ Malware Tour Hits Japan and Malaysia!

Winos 4.0 hackers are moving beyond China and Taiwan, targeting Japan and Malaysia. Armed with fake finance PDFs and the HoldingHands RAT malware, they’re taking their phishing game global. It’s like a cyber world tour, except nobody asked for an encore!

Hot Take:

Looks like Winos 4.0 hackers are on a world tour, but instead of spreading catchy tunes, they’re dishing out malware! Japan and Malaysia are the latest to get front-row seats to their phishing antics. Who knew fake Finance Ministry PDFs could be the ticket to a global malware fiesta?

Key Points:

– Winos 4.0 hackers extend their reach from China and Taiwan to Japan and Malaysia.
– The campaign uses fake Finance Ministry PDFs to distribute HoldingHands RAT malware.
– Most links in phishing emails lead to Tencent Cloud, with some disguised as Taiwanese tax documents.
– Attackers bypass detection using digitally signed EXE files and hide payloads in JSON data.
– Fortinet links Malaysia attacks to earlier Taiwan operations through shared IPs and infrastructure.

The Nimble Nerd