Archive for SOC Radar

SOCRadar positioned as a Leader and Emerging Innovator in the SPARK Matrix: Digital Threat Intelligence Management, 2026 by QKS Group

Posted in Commentary with tags on May 7, 2026 by itnerd

QKS Group announced today that it has named SOCRadar as a leader in the SPARK Matrix™: Digital Threat Intelligence Management, 2026.

QKS Group defines Digital Threat Intelligence Management as technology that offers unified insight into external threats to organizational digital-facing assets. The technology aggregates and processes threat intelligence from multiple sources and provides comprehensive information about threat actors to enable improved investigation, threat hunting, and cyber defense.

SOCRadar differentiates itself within the DTIM landscape through a comprehensive, intelligence-driven platform that unifies digital risk protection, threat intelligence, and external attack surface management under a single operational framework. Its ability to correlate threat actor activity, brand exposure, dark web intelligence, and asset-level vulnerabilities provides organizations with enriched, contextual visibility beyond traditional threat monitoring. By integrating automation, analyst-ready insights, and continuous monitoring across deep and dark web, social media, and open sources, the platform enables faster threat prioritization and response. Supported by a globally scalable delivery model and localized intelligence coverage, SOCRadar allows enterprises to proactively mitigate external threats, strengthen digital resilience, and streamline security operations without increasing tool sprawl or operational complexity.

The QKS Group SPARK Matrix™ includes a detailed analysis of the global market dynamics, major trends, vendor landscape, and competitive positioning. The study also provides a competitive analysis and ranking of the Digital Threat Intelligence Management, 2025 providers in the form of the SPARK Matrix™. The study also provides strategic information for users to evaluate different vendor capabilities, competitive differentiation, and market positions.


SOCRadar Uncovers Operation HookedWing Phishing Campaign

Posted in Commentary with tags on May 7, 2026 by itnerd

The SOCRadar Threat Research Team has released a new report on Operation HookedWing, a persistent 4-year phishing campaign that has not been publicly documented until now.

The campaign has been compromising organizations across multiple sectors and countries. The SOCRadar Threat Research team has identified that the campaign operates a custom phishing kit which, at the time of publication, has not been attributed to any known threat actor.

Key Findings:

  • This is the first public documentation of the kit and campaign, which dates back to 2022, with no prior references found in any consulted open sources.
  • More than 4 years of continuous activity, with active infrastructure documented up to the time of publication.
  • Over 2,000 victims and more than 500 organizations were identified through analysis of recovered logs.
  • Multi-infrastructure and multi-vector approach involving abuse of legitimate hosting platforms, combined with the compromise of real corporate servers.
  • Use of github.io along with other platforms for landing pages, combined with dynamically injected PHP to load the form.
  • Deliberate targeting of key sectors such as Aviation, Government, Energy, and Critical Infrastructure.

More info here: Operation HookedWing: 4-Year Multi-Sector Attack Analysis

Russia’s Anti-Ukraine Cyber Propaganda Machine: NoName057(16) DDoSia

Posted in Commentary with tags on January 7, 2026 by itnerd

The SOCRadar threat labs team has published an in-depth analysis of the pro-Russia hacktivist group NoName057(16) and its DDoSia Project.

DDoSia is a custom denial-of-service tool used to disrupt online services for governments, public institutions, media outlets, and organizations that support Ukraine or otherwise oppose Russian political interests. 

According to the analysis — which breaks down NoName057(16)’s tactics, M.O., recruitment, collaboration efforts, as well as the DDoSia Project’s capabilities, attack vectors, and victimology — DDoSia operates as a voluntary botnet that allows people with limited technical skills to contribute to this propaganda machine.

Overall, NoName057(16) demonstrates a high level of organization and adaptability. As long as the Russia–Ukraine conflict and related geopolitical tensions continue, the group is likely to remain active and further enhance its operational capabilities.

For full details, here’s the analysis: https://socradar.io/blog/noname05716-and-ddosia-project-analysis-russia/