New research has discovered a number of ransomware attacks linked to APT27, a hacker group widely believed to be operating from China. A report from Security Joes and Profero has outlined its response to a ransomware incident involving the encryption of several core servers. During their analysis, researchers also found malware samples tied to a DRBControl backdoor campaign from earlier this year, which targeted major gaming companies worldwide. Two Chinese APT groups have been linked to the campaign: APT27 and Winnti.