Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation Waterbear API Hooking

The cyberespionage group BlackTech has continued its Waterbear campaign against targets in East Asia. In its recent attacks, the threat actor used a new API hooking technique: it injects code into a specific security application to hide the backdoor and avoid detection.
Name | Modified Date | Sources
Operation Waterbear API Hooking | 2019-12-16 |