BendyBear: A Shellcode Attack Used for Cyberespionage
This malware was developed by BlackTech, a cyberespionage group linked by threat researchers to the Chinese government. According to Unit 42 researchers, there is no information about the infection vector used to deploy the shellcode on target systems, and the payload is well-engineered and difficult to detect. BendyBear malware has blocks of code similar to the WaterBear malware family (active since 2009), and is often deployed against East Asian governments such as Japan, Taiwan and Hong Kong....