Waterbear Analysis
No activities identified yet
Campaigns (1)
These are the campaigns that can be associated with the actor:
- WaterBear
IOC - Indicator of Compromise (1)
These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.
| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 10.0.0.211 | Waterbear | 12/11/2019 | verified | High |
References (3)
The following list contains external sources which discuss the actor and the associated activities:
- https://blog.trendmicro.com/trendlabs-security-intelligence/waterbear-is-back-uses-api-hooking-to-evade-security-product-detection/
- xxxxx://xxxxxx.xxx/xxxxx/xxxxx_xxxxxx_xxxxxxxxxxxx/xxxx/xxxx/xxxxxx/xxxxxxxxx
- xxxxx://xxx.xxxxxxxxxx.xxx/xx_xx/xxxxxxxx/xx/x/xxxxxxxxx-xx-xxxx-xxxx-xxx-xxxxxxx-xx-xxxxx-xxxxxxxx-xxxxxxx-xxxxxxxxx.xxxx