Threat Landscape Dashboard - Campaigns

Assessing today's threats and the relationships between them

Top Campaigns

Campaign Description
Operation Oceansalt The campaign reuses a portion of code from the Seasalt implant (circa 2010) that is linked to the Chinese hacking group Comment Crew. Oceansalt appears to have been part of an operation targeting South Korea, United States, and Canada in a well-focused attack.
Operation POWERSHOWER The campaign takes advantage of flaws in Microsoft Word in an attempt to drop a PowerShell backdoor labeled "POWERSHOWER" onto the infected system. The malware is capable of stealing sensitive information from the compromised machine and uploading to a command and control server under the attackers control. The operation also removes traces of itself including files and registry entries to make post infection analysis difficult.