Cyderes Launches “Howler Cell,” an Elite Cyber Unit Hunting Espionage Threats
- Cyber Jill

- Oct 22
Cyderes, a global managed security powerhouse known for its rapid-response capabilities, just unveiled Howler Cell, a new strike-force-style division tasked with uncovering and neutralizing the world’s most advanced cyber adversaries.
Led by former FBI agents and seasoned experts from Google, Rapid7, SentinelOne, and other major security players, Howler Cell operates as Cyderes’ intelligence nerve center — part research lab, part cyber-defense special operations unit. Its mission: to out-think and out-maneuver nation-state and criminal actors before their attacks ever land.
“The Howler Cell team is constantly watching, analyzing, and calling out emerging threats before they strike,” said Chris Schueler, CEO of Cyderes. “Their work not only strengthens our clients’ defenses but also contributes vital intelligence back to the broader cybersecurity community.”
A New Breed of Cyber Defense Unit
Howler Cell represents a growing trend among top-tier security providers: building elite, multidisciplinary teams that merge traditional intelligence tradecraft with deep technical expertise. The group draws from Cyderes’ internal Threat Research and Intelligence, Threat Hunting, Digital Forensics and Incident Response (DFIR), Offensive Security, and AI Engineering teams.
By combining these disciplines, Cyderes is effectively building a cyber operations fusion cell — one that can track adversaries in real time, simulate attacks to identify vulnerabilities, and integrate lessons learned back into managed defense operations for clients worldwide.
It’s a model that echoes how intelligence agencies coordinate across domains. But here, the battleground is digital — sprawling across data centers, cloud workloads, and global supply chains.
Howler Cell’s First Mission: Tracking ValleyRAT
The team’s debut research shines a light on a Chinese cyber-espionage campaign distributing the ValleyRAT remote-access trojan through a deceptively simple lure: fake Google Chrome installers.
According to Cyderes, Howler Cell researchers discovered a malicious 32-bit installer masquerading as an authentic Chrome setup file. Beneath the surface, it triggers a multi-stage infection chain, culminating in the deployment of ValleyRAT — a well-known espionage tool previously tied to the threat group TA428.
What makes this campaign especially stealthy, the team notes, is the dual-payload delivery: a legitimate copy of Chrome installs in the foreground, masking the background deployment of malware. Even more telling, the fake installer specifically targets antivirus solutions from Chinese vendors, suggesting that the threat actors are aiming inward — at entities inside China.
“ValleyRAT has been a long-standing tool of China-based espionage groups, including TA428,” said Brian Hussey, Head of Howler Cell at Cyderes. “What’s most concerning here is the operational maturity; these actors are blending legitimate installs with malicious payloads to stay invisible.”
Espionage Goes Inward
The discovery adds a new dimension to global threat intelligence: while China has long been associated with state-sponsored espionage targeting other nations, this campaign points to domestic surveillance or counter-intelligence operations targeting Chinese organizations themselves.
Researchers note that such campaigns are increasingly leveraging trust exploitation tactics, where malicious installers piggyback on legitimate applications to bypass scrutiny and persist undetected.
The Broader Strategy: Intelligence as a Service
Howler Cell isn’t just about writing research papers — it’s about operationalizing intelligence. Every discovery feeds back into Cyderes’ managed detection and response (MDR) offerings, ensuring clients benefit from live intelligence on evolving attacker tactics.
Cyderes is positioning Howler Cell as both a public-facing research arm and an internal innovation lab. Its findings will inform Cyderes’ exposure management and identity protection programs, while also being shared openly to help defenders industry-wide.
The company’s message is clear: defending against today’s adversaries requires continuous, adaptive learning, and collaboration across both private and public sectors.
“Our goal in publishing this and future research is to help defenders detect and disrupt these tactics before they cause harm,” Hussey added.
A New Intelligence Era for Managed Security
For Cyderes, Howler Cell is more than a branding move — it’s a statement of intent. As the cyber landscape becomes increasingly geopolitical, managed security providers are transforming into intelligence organizations in their own right, capable of influencing global defense postures.
Howler Cell’s mix of technical operators, forensics specialists, and AI engineers suggests that Cyderes is aiming to create a continuous loop between research, detection, and defense, accelerating the company’s promise to keep clients “Everyday Ready™.”
In an era when cyberwarfare blends espionage, sabotage, and influence operations, elite cyber units like Howler Cell could become the model for the next generation of managed security — one that doesn’t just respond to threats but hunts them before they surface.


