"BlackTech Targets Tech, Research, and Gov Sectors with New 'Deuterbear' Tool"
A threat actor called "BlackTech" has been targeting the Asia-Pacific region's technology, research, and government sectors. The attacks deliver an updated version of the modular backdoor named "Waterbear," and its enhanced successor, "Deuterbear." According to Trend Micro researchers, Waterbear is notoriously complex, using multiple evasion mechanisms to avoid detection and analysis. In 2022, "Earth Hundun" started using the new version of Waterbear, which includes several changes, such as anti-memory scanning and decryption routines. This article continues to discuss findings regarding the BlackTech threat actor.
THN reports "BlackTech Targets Tech, Research, and Gov Sectors with New 'Deuterbear' Tool"
Submitted by grigby1
Submitted by grigby1 CPVI
on