BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech

Highly malleable, highly sophisticated and over 10,000 bytes of machine code. This is what Unit 42 researchers were met with during code analysis of this “bear” of a file. The code behavior and features strongly correlate with that of the Read More …

Waterbear is Back, Uses API Hooking to Evade Security Product Detection

Waterbear, which has been around for several years, is a campaign that uses modular malware capable of including additional functions remotely. It is associated with the cyberespionage group BlackTech, which mainly targets technology companies and government agencies in East Asia (specifically Read More …