ThreatBook Research Team

The ThreatBook Research and Response Team works at the forefront of cybersecurity analysis and security operations. Its core research focuses on automated threat intelligence, advanced APT tracking, cybercrime industry monitoring, malware and automated analysis technologies, and major incident response. Composed of seasoned experts in malware analysis, forensic investigation, web attack technologies, attribution, big data, AI, and other advanced security disciplines, the team leverages proprietary systems (including automated intelligence production, cloud sandbox, hacker profiling, threat hunting, tracking and tracing, threat perception, and big data correlation knowledge graphs) to analyze and correlate the millions of new malware samples and tens of millions of URLs, PDNS, and Whois records added daily to ThreatBook. Since its inception, the team has consistently been among the first to detect and monitor sophisticated APT groups targeting critical infrastructure and industries such as finance, energy, government, and high-tech. It has supported hundreds of clients worldwide in responding to high-impact global incidents, including the WannaCry ransomware outbreak, and in managing persistent, targeted attacks such as OceanLotus campaigns against the maritime, high-tech, and financial sectors and Patchwork campaigns affecting governments, diplomatic entities, universities, and research institutions.


Silver Fox: Not an Organization, But a Tool - Uncovering the Underground Ecosystem

Executive Summary: For months, the cybersecurity community tracked what appeared to be a sophisticated cybercrime organization dubbed "Silver Fox". This threat actor had been ravaging multiple industries including finance, energy, e-commerce,...
