Pat Bear, also known as APT-C-37, is a cyber espionage group operating as a subgroup of the Syrian Electronic Army (SEA) under the designation Deadeye Jackal. First emerging in October 2015, the group's primary motivation is information theft and surveillance, notably conducting targeted attacks against entities like the "Islamic State". Pat Bear distinguishes itself through the use of Android malware disguised as legitimate applications, such as mimicking WhatsApp, to infiltrate devices and exfiltrate sensitive data. The group leverages its affiliation with the Syrian Electronic Army, which has evolved its tactics to use custom Android malware for surveillance, including campaigns exploiting COVID-19 lures.
United Arab EmiratesAfghanistanArgentinaAustraliaAzerbaijanBelgiumBrazilCanadaSwitzerlandChina
Sectores objetivo (SOCRadar)
Construction of BuildingsOther Information ServicesSoftware PublishersReal EstateHospitalsAccommodationAir TransportationManufacturingConstructionPublic Administration