Kaspersky described DarkHotel in a 2014 report as: '... DarkHotel drives its campaigns by spear-phishing targets with highly advanced Flash zero-day exploits that effectively evade the latest Windows and Adobe defenses, and yet they also imprecisely spread among large numbers of vague targets with peer-to-peer spreading tactics. Moreover, this crew's most unusual characteristic is that for several years the Darkhotel APT has maintained a capability to use hotel networks to follow and hit selected targets as they travel around the world.'
2022-05-16 ⋅ cocomelonc ⋅ Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example. CherryPicker POS Ramsay |
2022-05-05 ⋅ BrightTALK (Mandiant) ⋅ The Sample: Beating the Malware Piñata Jaku |
2022-03-17 ⋅ Trellix ⋅ Suspected DarkHotel APT activity update RMOT |
2021-12-01 ⋅ ESET Research ⋅ Jumping the air gap: 15 years of nation‑state effort Agent.BTZ Fanny Flame Gauss PlugX Ramsay Retro Stuxnet USBCulprit USBferry |
2020-09-22 ⋅ Youtube (Virus Bulletin) ⋅ Ramsay: A cyber-espionage toolkit tailored for air-gapped networks Ramsay |
2020-09-08 ⋅ NSFOCUS ⋅ APT GROUP Series: DARKHOTEL, the Data Theft and RAT Chapter Nemim |
2020-08-25 ⋅ 360 Threat Intelligence Center ⋅ Darkhotel (APT-C-06) organized multiple attacks using the Thinmon backdoor framework to reveal the secrets ThinMon |
2020-06-14 ⋅ BushidoToken ⋅ Deep-dive: The DarkHotel APT Asruex Ghost RAT Ramsay Retro Unidentified 076 (Higaisa LNK to Shellcode) |
2020-05-22 ⋅ Antiy CERT ⋅ Analysis of Ramsay components of Darkhotel's infiltration and isolation network Ramsay DarkHotel |
2020-05-20 ⋅ SentinelOne ⋅ Why On-Device Detection Matters: New Ramsay Trojan Targets Air-Gapped Networks Ramsay |
2020-05-13 ⋅ ESET Research ⋅ Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks Ramsay Retro |
2020-03-23 ⋅ Reuters ⋅ Exclusive: Elite hackers target WHO as coronavirus cyberattacks spike DarkHotel |
2020 ⋅ Secureworks ⋅ TUNGSTEN BRIDGE Nemim DarkHotel |
2019-08-22 ⋅ Trend Micro ⋅ Asruex Backdoor Variant Infects Word Documents and PDFs Through Old MS Office and Adobe Vulnerabilities Asruex |
2019 ⋅ MITRE ⋅ Group description: Darkhotel DarkHotel |
2019 ⋅ Council on Foreign Relations ⋅ Darkhotel DarkHotel |
2018-06-17 ⋅ IBM ⋅ Storwize USB Initialization Tool may contain malicious code Jaku |
2018-05-25 ⋅ 360 ⋅ Analysis of CVE-2018-8174 VBScript 0day and APT actor related to Office targeted attack Retro |
2017-07-19 ⋅ SecurityWeek ⋅ 'DarkHotel' APT Uses New Methods to Target Politicians DarkHotel |
2017-07-18 ⋅ Bitdefender ⋅ Inexsmar: An unusual DarkHotel campaign DarkHotel |
2016-06-30 ⋅ JPCERT/CC ⋅ Asruex: Malware Infecting through Shortcut Files DarkHotel |
2016-06-09 ⋅ Microsoft ⋅ Reverse-engineering DUBNIUM DarkHotel |
2016 ⋅ Forcepoint ⋅ Analysis of a Botnet Campaign Jaku |
2015-12-31 ⋅ Overseas "Dark Inn" organization launched an APT attack on executives of domestic enterprises DarkHotel |
2015-08-10 ⋅ Kaspersky Labs ⋅ Darkhotel’s attacks in 2015 DarkHotel DarkHotel |
2015-03-04 ⋅ Kaspersky Labs ⋅ Who’s Really Spreading through the Bright Star? Jaku |
2014-11-10 ⋅ Kaspersky Labs ⋅ The Darkhotel APT DarkHotel |