LaundryBear
LaundryBear is a threat actor identified in SentinelLABS reporting as part of infrastructure-analysis case studies alongside the FreeDrain campaign. The provided content states that SentinelLABS used the LaundryBear and FreeDrain campaigns to demonstrate how the sentinelone-validin power-up leverages Validin multi-source enrichment and HTTP fingerprinting to uncover broader campaign infrastructure from a small set of indicators within Synapse. No additional high-confidence details about LaundryBear’s targets, malware, tactics, techniques, geographic attribution, or nation-state affiliation are provided in the available content. Known alias in the provided content: laundrybear.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Recent activity
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.