Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation HAWKBALL

The campaign targets the government sector in Central Asia with malicious documents that take advantage of vulnerabilities in Microsoft Office to drop the HAWKBALL backdoor. The malware has many capabilities including collecting system information, creating reverse shells, and uploading, downloading, and deleting files as well as terminating processes. The malicious software also has anti-debugging detection to stay under the radar of security researchers.
Name Modified Date Sources
Operation HAWKBALL 2019-06-11