| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Resecurity’s research indicates that the attack on Parliament is a part of a multi-year cyberespionage campaign orchestrated by a nation-state actor whom we are calling IRIDIUM. This actor targets sensitive government, diplomatic, and military resources in the countries comprising the Five Eyes intelligence alliance (which includes Australia, Canada, New Zealand, the United Kingdom and the United States)
| 2025-03-28
⋅
Trend Micro
⋅
A Deep Dive into Water Gamayun’s Arsenal and Infrastructure DarkWisp SilentPrism Kematian Stealer Rhadamanthys Stealc Water Gamayun |
| 2025-03-14
⋅
Twitter (@CERTCyberdef)
⋅
Tweet on Emmenhtal v3 Emmenhtal Lumma Stealer Rhadamanthys |
| 2025-03-06
⋅
Outpost24
⋅
Unveiling EncryptHub: Analysis of a multi-stage malware campaign Rhadamanthys |
| 2025-02-12
⋅
Microsoft
⋅
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation LocalOlive |
| 2025-02-11
⋅
EclecticIQ
⋅
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns Kalambur BACKORDER DCRat |
| 2025-01-15
⋅
⋅
CTFIOT
⋅
Article 113: One of the Russian-Ukrainian cyberwars, a review of the first major blackout in Ukraine caused by the Sandworm APT organization KillDisk |
| 2025-01-10
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update July to December 2024 Coper FluBot Hook Mirai FAKEUPDATES AsyncRAT BianLian Brute Ratel C4 Cobalt Strike DanaBot DCRat Havoc Latrodectus NjRAT Quasar RAT RedLine Stealer Remcos Rhadamanthys Sliver Stealc |
| 2025-01-04
⋅
revdiaries.com
⋅
"Solara" Roblox Executor Malware Rhadamanthys |
| 2024-11-06
⋅
Check Point Research
⋅
CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits Rhadamanthys |
| 2024-10-23
⋅
Cisco Talos
⋅
Highlighting TA866/Asylum Ambuscade Activity Since 2021 WasabiSeed Cobalt Strike csharp-streamer RAT Resident Rhadamanthys WarmCookie |
| 2024-10-17
⋅
Sekoia
⋅
ClickFix tactic: The Phantom Meet Rhadamanthys Stealc |
| 2024-09-26
⋅
Recorded Future
⋅
Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0 Rhadamanthys |
| 2024-07-25
⋅
Symantec
⋅
Growing Number of Threats Leveraging AI Broomstick DBatLoader NetSupportManager RAT Rhadamanthys |
| 2024-07-24
⋅
Check Point Research
⋅
Stargazers Ghost Network Atlantida Lumma Stealer RedLine Stealer Rhadamanthys RisePro Stargazer Goblin |
| 2024-07-14
⋅
Medium b.magnezi
⋅
Malware Analysis - Rhadamanthys Rhadamanthys |
| 2024-07-09
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update January to June 2024 Coper FluBot Hook Bashlite Mirai FAKEUPDATES AsyncRAT BianLian Cobalt Strike DCRat Havoc NjRAT QakBot Quasar RAT RedLine Stealer Remcos Rhadamanthys RisePro Sliver |
| 2024-06-17
⋅
Recorded Future
⋅
The Travels of “markopolo”: Self-Proclaimed Meeting Software Vortax Spreads Infostealers, Unveils Expansive Network of Malicious macOS Applications AMOS Rhadamanthys Stealc Markopolo |
| 2024-05-11
⋅
Russian APT deploys new 'Kapeka' backdoor in Eastern European attacks Kapeka |
| 2024-04-29
⋅
ThreatMon
⋅
Understanding the 'Kapeka' Backdoor: Detailed Analysis by APT44 Kapeka |
| 2024-04-19
⋅
⋅
Cert-UA
⋅
UAC-0133 (Sandworm) plans for cyber sabotage on almost 20 objects of critical infrastructure of Ukraine Kapeka reGeorg |
| 2024-04-17
⋅
WithSecure
⋅
KAPEKA A novel backdoor spotted in Eastern Europe Kapeka |
| 2024-04-16
⋅
Mandiant
⋅
APT44: Unearthing Sandworm VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm |
| 2024-04-15
⋅
UC Santa Cruz
⋅
A Tale of Two Industroyers: It was the Season of Darkness Industroyer INDUSTROYER2 |
| 2024-04-10
⋅
Proofpoint
⋅
Security Brief: TA547 Targets German Organizations with Rhadamanthys Stealer Rhadamanthys |
| 2024-01-12
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update Q4 2023 FluBot Hook FAKEUPDATES AsyncRAT BianLian Cobalt Strike DCRat Havoc IcedID Lumma Stealer Meterpreter NjRAT Pikabot QakBot Quasar RAT RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver |
| 2023-12-14
⋅
Checkpoint
⋅
Rhadamanthys v0.5.0 – A Deep Dive into the Stealer’s Components Rhadamanthys |
| 2023-11-09
⋅
Mandiant
⋅
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology CaddyWiper |
| 2023-10-27
⋅
Elastic
⋅
GHOSTPULSE haunts victims using defense evasion bag o' tricks HijackLoader Lumma Stealer NetSupportManager RAT Rhadamanthys SectopRAT Vidar |
| 2023-10-12
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update Q3 2023 FluBot AsyncRAT Ave Maria Cobalt Strike DCRat Havoc IcedID ISFB Nanocore RAT NjRAT QakBot Quasar RAT RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver Stealc Tofsee Vidar |
| 2023-10-03
⋅
Outpost24
⋅
Rhadamanthys malware analysis: How infostealers use VMs to avoid analysis Rhadamanthys |
| 2023-09-25
⋅
EchoCTI
⋅
Rhdamanthys Technical Analysis Report Rhadamanthys |
| 2023-08-31
⋅
Checkpoint
⋅
From Hidden Bee to Rhadamanthys - The Evolution of Custom Executable Formats Hidden Bee Rhadamanthys |
| 2023-07-12
⋅
Mandiant
⋅
The GRU's Disruptive Playbook CaddyWiper INDUSTROYER2 XakNet |
| 2023-07-11
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update Q2 2023 Hydra AsyncRAT Aurora Stealer Ave Maria BumbleBee Cobalt Strike DCRat Havoc IcedID ISFB NjRAT QakBot Quasar RAT RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver Tofsee |
| 2023-06-15
⋅
eSentire
⋅
eSentire Threat Intelligence Malware Analysis: Resident Campaign Cobalt Strike Resident Rhadamanthys WarmCookie |
| 2023-05-16
⋅
Secureworks
⋅
The Growing Threat from Infostealers Graphiron GraphSteel Raccoon RedLine Stealer Rhadamanthys Taurus Stealer Vidar |
| 2023-05-04
⋅
SOCRadar
⋅
Sandworm Attackers Use WinRAR to Wipe Data from Government Devices RoarBAT |
| 2023-04-19
⋅
Google
⋅
Ukraine remains Russia’s biggest cyber focus in 2023 Rhadamanthys |
| 2023-04-18
⋅
Mandiant
⋅
M-Trends 2023 QUIETEXIT AppleJeus Black Basta BlackCat CaddyWiper Cobalt Strike Dharma HermeticWiper Hive INDUSTROYER2 Ladon LockBit Meterpreter PartyTicket PlugX QakBot REvil Royal Ransom SystemBC WhisperGate |
| 2023-04-14
⋅
Dragos
⋅
2022 ICS/OT Threat Landscape Recap & What to Watch for This Year INDUSTROYER2 Wassonite |
| 2023-04-12
⋅
Spamhaus
⋅
Spamhaus Botnet Threat Update Q1 2023 FluBot Amadey AsyncRAT Aurora Ave Maria BumbleBee Cobalt Strike DCRat Emotet IcedID ISFB NjRAT QakBot RecordBreaker RedLine Stealer Remcos Rhadamanthys Sliver Tofsee Vidar |
| 2023-03-27
⋅
Check Point Research
⋅
Rhadamanthys: The “Everything Bagel” Infostealer Rhadamanthys |
| 2023-03-15
⋅
Microsoft
⋅
A year of Russian hybrid warfare in Ukraine CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket SwiftSlicer WhisperGate |
| 2023-02-21
⋅
Zscaler
⋅
Technical Analysis of Rhadamanthys Obfuscation Techniques Rhadamanthys |
| 2023-02-15
⋅
Google
⋅
Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape CaddyWiper Dharma HermeticWiper INDUSTROYER2 PartyTicket WhisperGate Callisto Curious Gorge MUSTANG PANDA Turla |
| 2023-01-29
⋅
Acronis
⋅
Petya/Not Petya Ransomware Analysis EternalPetya |
| 2023-01-27
⋅
ESET Research
⋅
SwiftSlicer: New destructive wiper malware strikes Ukraine SwiftSlicer |
| 2023-01-27
⋅
ESET Research
⋅
Tweets on SwiftSlicer SwiftSlicer |
| 2023-01-27
⋅
⋅
Cert-UA
⋅
Cyber attack on the Ukrinform information and communication system CaddyWiper |
| 2023-01-24
⋅
Fortinet
⋅
The Year of the Wiper Azov Wiper Bruh Wiper CaddyWiper Cobalt Strike Vidar |
| 2023-01-16
⋅
Medium elis531989
⋅
Dancing With Shellcodes: Analyzing Rhadamanthys Stealer Rhadamanthys |
| 2023-01-12
⋅
Cybleinc
⋅
Rhadamanthys: New Stealer Spreading Through Google Ads Rhadamanthys |
| 2023-01-03
⋅
Malware Traffic Analysis
⋅
2023-01-03 (TUESDAY) - GOOGLE AD --> FAKE NOTPAD++ PAGE --> RHADAMANTHYS STEALER Rhadamanthys |
| 2022-12-05
⋅
Accenture
⋅
Popularity spikes for information stealer malware on the dark web MetaStealer Rhadamanthys |
| 2022-12-03
⋅
Microsoft
⋅
Preparing for a Russian cyber offensive against Ukraine this winter CaddyWiper HermeticWiper Prestige |
| 2022-11-18
⋅
Atlantic Council
⋅
GRU 26165: The Russian cyber unit that hacks targets on-site EternalPetya |
| 2022-10-31
⋅
The Record
⋅
Mondelez and Zurich reach settlement in NotPetya cyberattack insurance suit EternalPetya |
| 2022-10-24
⋅
Youtube (Virus Bulletin)
⋅
Russian wipers in the cyberwar against Ukraine AcidRain CaddyWiper DesertBlade DoubleZero EternalPetya HermeticWiper HermeticWizard INDUSTROYER2 IsaacWiper KillDisk PartyTicket WhisperGate |
| 2022-10-06
⋅
ThreatMon
⋅
Rhadamanthys Stealer Analysis Rhadamanthys |
| 2022-09-26
⋅
CrowdStrike
⋅
The Anatomy of Wiper Malware, Part 3: Input/Output Controls CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper Meteor Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare |
| 2022-09-23
⋅
Mandiant
⋅
GRU: Rise of the (Telegram) MinIOns ArguePatch CaddyWiper XakNet |
| 2022-08-18
⋅
Trustwave
⋅
Overview of the Cyber Weapons Used in the Ukraine - Russia War AcidRain CaddyWiper Cobalt Strike CredoMap DCRat DoubleZero GraphSteel GrimPlant HermeticWiper INDUSTROYER2 InvisiMole IsaacWiper PartyTicket |
| 2022-08-18
⋅
Trustwave
⋅
Overview of the Cyber Weapons Used in the Ukraine - Russia War AcidRain CaddyWiper Cobalt Strike CredoMap DCRat DoubleZero GraphSteel GrimPlant HermeticWiper INDUSTROYER2 InvisiMole IsaacWiper PartyTicket |
| 2022-08-12
⋅
CrowdStrike
⋅
The Anatomy of Wiper Malware, Part 1: Common Techniques Apostle CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper IsraBye KillDisk Meteor Olympic Destroyer Ordinypt Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare |
| 2022-06-23
⋅
splunk
⋅
Threat Update: Industroyer2 INDUSTROYER2 |
| 2022-05-31
⋅
NOZOMI Network Labs
⋅
Industroyer vs. Industroyer2: Evolution of the IEC 104 Component INDUSTROYER2 |
| 2022-05-18
⋅
ntop
⋅
How ntopng monitors IEC 60870-5-104 traffic INDUSTROYER2 |
| 2022-05-12
⋅
Blackberry
⋅
Threat Thursday: Malware Rebooted - How Industroyer2 Takes Aim at Ukraine Infrastructure INDUSTROYER2 |
| 2022-05-09
⋅
cocomelonc
⋅
Malware development: persistence - part 4. Windows services. Simple C++ example. Anchor AppleJeus Attor BBSRAT BlackEnergy Carbanak Cobalt Strike DuQu |
| 2022-05-02
⋅
AT&T
⋅
Analysis on recent wiper attacks: examples and how wiper malware works AcidRain CaddyWiper DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper |
| 2022-04-28
⋅
Fortinet
⋅
An Overview of the Increasing Wiper Malware Threat AcidRain CaddyWiper DistTrack DoubleZero EternalPetya HermeticWiper IsaacWiper Olympic Destroyer Ordinypt WhisperGate ZeroCleare |
| 2022-04-27
⋅
Nozomi Networks
⋅
Industroyer2: Nozomi Networks Labs Analyzes the IEC 104 Payload INDUSTROYER2 |
| 2022-04-27
⋅
Microsoft
⋅
Special Report: Ukraine An overview of Russia’s cyberattack activity in Ukraine CaddyWiper DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket WhisperGate |
| 2022-04-25
⋅
Mandiant
⋅
INDUSTROYER.V2: Old Malware Learns New Tricks INDUSTROYER2 |
| 2022-04-25
⋅
Netresec
⋅
Industroyer2 IEC-104 Analysis INDUSTROYER2 |
| 2022-04-23
⋅
Stranded on Pylos Blog
⋅
Industroyer2 in Perspective INDUSTROYER2 |
| 2022-04-20
⋅
CISA
⋅
AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader |
| 2022-04-20
⋅
CISA
⋅
Alert (AA22-110A): Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader Killnet |
| 2022-04-20
⋅
cocomelonc
⋅
Malware development: persistence - part 1. Registry run keys. C++ example. Agent Tesla Amadey BlackEnergy Cobian RAT COZYDUKE Emotet Empire Downloader Kimsuky |
| 2022-04-14
⋅
SCADAfence
⋅
Industroyer2: ICS Networks need to heighten vigilance - SCADAfence INDUSTROYER2 |
| 2022-04-12
⋅
Max Kersten's Blog
⋅
Ghidra script to handle stack strings CaddyWiper PlugX |
| 2022-04-12
⋅
ESET Research
⋅
Industroyer2: Industroyer reloaded ArguePatch CaddyWiper Industroyer INDUSTROYER2 |
| 2022-04-12
⋅
Twitter (@silascutler)
⋅
Tweet on analysis of CADDYWIPER used alongside with INDUSTROYER2 CaddyWiper INDUSTROYER2 |
| 2022-04-12
⋅
⋅
Cert-UA
⋅
Cyberattack of Sandworm Group (UAC-0082) on energy facilities of Ukraine using malicious programs INDUSTROYER2 and CADDYWIPER (CERT-UA # 4435) CaddyWiper Industroyer INDUSTROYER2 |
| 2022-04-12
⋅
ESET Research
⋅
Industroyer2: Industroyer reloaded CaddyWiper INDUSTROYER2 |
| 2022-04-05
⋅
Morphisec
⋅
New Analysis: The CaddyWiper Malware Attacking Ukraine CaddyWiper |
| 2022-04-01
⋅
splunk
⋅
Threat Update: CaddyWiper CaddyWiper |
| 2022-03-31
⋅
eSentire
⋅
eSentire Threat Intelligence Malware Analysis: CaddyWiper CaddyWiper |
| 2022-03-26
⋅
n0p Blog
⋅
Analysis of a Caddy Wiper Sample Targeting Ukraine CaddyWiper |
| 2022-03-25
⋅
GOV.UA
⋅
Who is behind the Cyberattacks on Ukraine's Critical Information Infrastructure: Statistics for March 15-22 Xloader Agent Tesla CaddyWiper Cobalt Strike DoubleZero GraphSteel GrimPlant HeaderTip HermeticWiper IsaacWiper MicroBackdoor Pandora RAT |
| 2022-03-24
⋅
NextGov
⋅
Ukrainian Cyber Lead Says ‘At Least 4 Types of Malware’ in Use to Target Critical Infrastructure and Humanitarian Aid CaddyWiper DoubleZero HermeticWiper IsaacWiper |
| 2022-03-18
⋅
Malwarebytes
⋅
Double header: IsaacWiper and CaddyWiper CaddyWiper IsaacWiper |
| 2022-03-17
⋅
NioGuard
⋅
Analysis of CaddyWiper CaddyWiper |
| 2022-03-16
⋅
Cyber Security News
⋅
Destructive Data Wiper Malware Targeting high-profile Ukrainian Organizations CaddyWiper |
| 2022-03-15
⋅
ESET Research
⋅
CaddyWiper: New wiper malware discovered in Ukraine CaddyWiper |
| 2022-03-15
⋅
SecurityAffairs
⋅
CaddyWiper, a new data wiper hits Ukraine CaddyWiper |
| 2022-03-15
⋅
Twitter (@HackNPatch)
⋅
Tweet on Exploring CaddyWiper API resolution CaddyWiper |
| 2022-03-15
⋅
TRUESEC
⋅
Analysis of CaddyWiper, wiper targeting Ukraine CaddyWiper |
| 2022-03-15
⋅
SecurityIntelligence
⋅
CaddyWiper: Third Wiper Malware Targeting Ukrainian Organizations CaddyWiper |
| 2022-03-15
⋅
Cisco
⋅
Threat Advisory: CaddyWiper CaddyWiper |
| 2022-03-15
⋅
The Hacker News
⋅
CaddyWiper: Yet Another Data Wiping Malware Targeting Ukrainian Networks CaddyWiper |
| 2022-03-14
⋅
Cybernews
⋅
New destructive wiper malware deployed in Ukraine CaddyWiper |
| 2022-03-14
⋅
Twitter (@ESETresearch)
⋅
Tweet on CaddyWiper as 3rd destructive wiper found deployed against Ukraine CaddyWiper Sunglow Blizzard |
| 2022-03-14
⋅
Bleeping Computer
⋅
New CaddyWiper data wiping malware hits Ukrainian networks CaddyWiper |
| 2022-03-01
⋅
Marco Ramilli's Blog
⋅
DiskKill/HermeticWiper and NotPetya (Dis)similarities EternalPetya HermeticWiper |
| 2022-02-28
⋅
Microsoft
⋅
Cyber threat activity in Ukraine: analysis and resources CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket WhisperGate DEV-0586 |
| 2022-02-25
⋅
UKRAINE: Timeline of Cyberattacks VPNFilter EternalPetya HermeticWiper WhisperGate |
| 2022-02-24
⋅
Talos
⋅
Threat Advisory: Current executive guidance for ongoing cyberattacks in Ukraine VPNFilter EternalPetya |
| 2022-02-24
⋅
Tesorion
⋅
Report OSINT: Russia/ Ukraine Conflict Cyberaspect Mirai VPNFilter BlackEnergy EternalPetya HermeticWiper Industroyer WhisperGate |
| 2022-02-24
⋅
nviso
⋅
Threat Update – Ukraine & Russia conflict EternalPetya GreyEnergy HermeticWiper Industroyer KillDisk WhisperGate |
| 2022-02-23
⋅
ISTARI
⋅
Re-cap: The Untold Story of NotPetya, The Most Devastating Cyberattack in History EternalPetya |
| 2021-09-09
⋅
Recorded Future
⋅
Dark Covenant: Connections Between the Russian State and Criminal Actors BlackEnergy EternalPetya Gameover P2P Zeus |
| 2021-08-05
⋅
Symantec
⋅
Attacks Against Critical Infrastructure: A Global Concern BlackEnergy DarkSide DistTrack Stuxnet |
| 2021-07-27
⋅
Blackberry
⋅
Old Dogs New Tricks: Attackers Adopt Exotic Programming Languages elf.wellmess ElectroRAT BazarNimrod Buer Cobalt Strike Remcos Snake TeleBot WellMess Zebrocy |
| 2021-05-31
⋅
Wired
⋅
Hacker Lexicon: What Is a Supply Chain Attack? EternalPetya SUNBURST |
| 2021-04-29
⋅
The Institute for Security and Technology
⋅
Combating Ransomware A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force Conti EternalPetya |
| 2020-12-21
⋅
IronNet
⋅
Russian cyber attack campaigns and actors WellMail elf.wellmess Agent.BTZ BlackEnergy EternalPetya Havex RAT Industroyer Ryuk Triton WellMess |
| 2020-11-04
⋅
Stranded on Pylos Blog
⋅
The Enigmatic Energetic Bear EternalPetya Havex RAT |
| 2020-10-19
⋅
UK Government
⋅
UK exposes series of Russian cyber attacks against Olympic and Paralympic Games VPNFilter BlackEnergy EternalPetya Industroyer |
| 2020-10-19
⋅
Wired
⋅
US Indicts Sandworm, Russia's Most Destructive Cyberwar Unit EternalPetya Olympic Destroyer |
| 2020-10-19
⋅
CyberScoop
⋅
US charges Russian GRU officers for NotPetya, other major hacks EternalPetya |
| 2020-10-19
⋅
Riskint Blog
⋅
Revisited: Fancy Bear's New Faces...and Sandworms' too BlackEnergy EternalPetya Industroyer Olympic Destroyer |
| 2020-08-29
⋅
Aguinet
⋅
Emulating NotPetya bootloader with Miasm EternalPetya |
| 2020-07-29
⋅
Kaspersky Labs
⋅
APT trends report Q2 2020 PhantomLance Dacls Penquin Turla elf.wellmess AppleJeus Dacls AcidBox Cobalt Strike Dacls EternalPetya Godlike12 Olympic Destroyer PlugX shadowhammer ShadowPad Sinowal VHD Ransomware Volgmer WellMess X-Agent XTunnel |
| 2020-07-29
⋅
Atlantic Council
⋅
BREAKING TRUST: Shades of Crisis Across an Insecure Software Supply Chain EternalPetya GoldenSpy Kwampirs Stuxnet |
| 2020-06-21
⋅
GVNSHTN
⋅
Maersk, me & notPetya EternalPetya |
| 2020-06-09
⋅
Kaspersky Labs
⋅
Looking at Big Threats Using Code Similarity. Part 1 Penquin Turla CCleaner Backdoor EternalPetya Regin WannaCryptor XTunnel |
| 2020-05-21
⋅
PICUS Security
⋅
T1055 Process Injection BlackEnergy Cardinal RAT Downdelph Emotet Kazuar RokRAT SOUNDBITE |
| 2020-03-05
⋅
Microsoft
⋅
Human-operated ransomware attacks: A preventable disaster Dharma DoppelPaymer Dridex EternalPetya Gandcrab Hermes LockerGoga MegaCortex MimiKatz REvil RobinHood Ryuk SamSam TrickBot WannaCryptor PARINACOTA |
| 2020-01-01
⋅
Secureworks
⋅
IRON VIKING BlackEnergy EternalPetya GreyEnergy Industroyer KillDisk TeleBot TeleDoor |
| 2019-08-01
⋅
Kaspersky Labs
⋅
APT trends report Q2 2019 ZooPark magecart POWERSTATS Chaperone COMpfun EternalPetya FinFisher RAT HawkEye Keylogger HOPLIGHT Microcin NjRAT Olympic Destroyer PLEAD RokRAT Triton Zebrocy |
| 2019-05-08
⋅
Verizon Communications Inc.
⋅
2019 Data Breach Investigations Report BlackEnergy Cobalt Strike DanaBot Gandcrab GreyEnergy Mirai Olympic Destroyer SamSam |
| 2019-03-11
⋅
Packt
⋅
Resecurity reports ‘IRIDUIM’ behind Citrix data breach, 200+ government agencies, oil and gas companies, and technology companies also targeted. IRIDIUM |
| 2019-03-11
⋅
Threatpost
⋅
Researcher Claims Iranian APT Behind 6TB Data Heist at Citrix IRIDIUM |
| 2019-03-08
⋅
NBC
⋅
Iranian-backed hackers stole data from major U.S. government contractor IRIDIUM |
| 2019-01-18
⋅
BLACK ENERGY – Analysis BlackEnergy |
| 2018-10-11
⋅
ESET Research
⋅
New TeleBots backdoor: First evidence linking Industroyer to NotPetya Exaramel EternalPetya Exaramel Industroyer |
| 2018-08-22
⋅
Wired
⋅
The Untold Story of NotPetya, the Most Devastating Cyberattack in History EternalPetya |
| 2018-01-13
⋅
The Washington Post
⋅
Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes EternalPetya |
| 2017-10-27
⋅
F-Secure
⋅
The big difference with Bad Rabbit EternalPetya |
| 2017-10-26
⋅
FireEye
⋅
BACKSWING - Pulling a BADRABBIT Out of a Hat EternalPetya |
| 2017-10-26
⋅
Reversing Labs
⋅
ReversingLabs' YARA rule detects BadRabbit encryption routine specifics EternalPetya |
| 2017-10-25
⋅
RiskIQ
⋅
Down the Rabbit Hole: Tracking the BadRabbit Ransomware to a Long Ongoing Campaign of Target Selection EternalPetya |
| 2017-10-24
⋅
Kaspersky Labs
⋅
Bad Rabbit ransomware EternalPetya |
| 2017-10-24
⋅
Wired
⋅
New Ransomware Linked to NotPetya Sweeps Russia and Ukraine EternalPetya |
| 2017-10-24
⋅
ESET Research
⋅
Bad Rabbit: Not‑Petya is back with improved ransomware EternalPetya |
| 2017-10-24
⋅
Intezer
⋅
NotPetya Returns as Bad Rabbit EternalPetya |
| 2017-10-24
⋅
Cisco Talos
⋅
Threat Spotlight: Follow the Bad Rabbit EternalPetya |
| 2017-10-24
⋅
ESET Research
⋅
Kiev metro hit with a new variant of the infamous Diskcoder ransomware EternalPetya |
| 2017-09-19
⋅
NCC Group
⋅
EternalGlue part one: Rebuilding NotPetya to assess real-world resilience EternalPetya |
| 2017-09-18
⋅
ThreatConnect
⋅
Casting a Light on BlackEnergy BlackEnergy |
| 2017-08-24
⋅
ESET Research
⋅
Bad Rabbit: Not‑Petya is back with improved ransomware EternalPetya Sandworm |
| 2017-08-11
⋅
Threatpost
⋅
Ukrainian Man Arrested, Charged in NotPetya Distribution EternalPetya |
| 2017-07-14
⋅
Malwarebytes
⋅
Keeping up with the Petyas: Demystifying the malware family EternalPetya GoldenEye PetrWrap Petya |
| 2017-07-05
⋅
Cisco Talos
⋅
The MeDoc Connection TeleDoor |
| 2017-07-04
⋅
Kaspersky
⋅
In ExPetr/Petya’s shadow, FakeCry ransomware wave hits Ukraine EternalPetya FakeCry |
| 2017-07-04
⋅
ESET Research
⋅
Analysis of TeleBots’ cunning backdoor TeleDoor |
| 2017-07-03
⋅
CrowdStrike
⋅
NotPetya Technical Analysis Part II: Further Findings and Potential for MBR Recovery EternalPetya |
| 2017-07-03
⋅
ESET Research
⋅
BlackEnergy – what we really know about the notorious cyber attacks BlackEnergy |
| 2017-07-03
⋅
G Data
⋅
Who is behind Petna? EternalPetya |
| 2017-07-03
⋅
The Guardian
⋅
'NotPetya' malware attacks could warrant retaliation, says Nato affiliated-researcher EternalPetya |
| 2017-06-30
⋅
Malwarebytes
⋅
EternalPetya – yet another stolen piece in the package? EternalPetya |
| 2017-06-30
⋅
ESET Research
⋅
TeleBots are back: Supply‑chain attacks against Ukraine TeleBot Sandworm |
| 2017-06-30
⋅
ESET Research
⋅
TeleBots are back: Supply‑chain attacks against Ukraine EternalPetya |
| 2017-06-30
⋅
Kaspersky Labs
⋅
From BlackEnergy to ExPetr EternalPetya |
| 2017-06-29
⋅
Malwarebytes
⋅
EternalPetya and the lost Salsa20 key EternalPetya |
| 2017-06-29
⋅
NonPetya: no evidence it was a "smokescreen" EternalPetya |
| 2017-06-29
⋅
Bleeping Computer
⋅
Ransomware Attacks Continue in Ukraine with Mysterious WannaCry Clone EternalPetya |
| 2017-06-29
⋅
Microsoft
⋅
Windows 10 platform resilience against the Petya ransomware attack EternalPetya |
| 2017-06-28
⋅
Why NotPetya Kept Me Awake (& You Should Worry Too) EternalPetya |
| 2017-06-28
⋅
Kaspersky Labs
⋅
ExPetr/Petya/NotPetya is a Wiper, Not Ransomware EternalPetya |
| 2017-06-28
⋅
CrowdStrike
⋅
CrowdStrike Protects Against NotPetya Attack EternalPetya |
| 2017-06-27
⋅
SANS
⋅
Checking out the new Petya variant EternalPetya |
| 2017-06-27
⋅
Kaspersky Labs
⋅
Schroedinger’s Pet(ya) EternalPetya |
| 2017-06-27
⋅
Medium thegrugq
⋅
Pnyetya: Yet Another Ransomware Outbreak EternalPetya |
| 2017-06-27
⋅
ESET Research
⋅
New WannaCryptor‑like ransomware attack hits globally: All you need to know EternalPetya Sandworm |
| 2017-05-31
⋅
MITRE
⋅
Sandworm Team CyclopsBlink Exaramel BlackEnergy EternalPetya Exaramel GreyEnergy KillDisk MimiKatz Olympic Destroyer Sandworm |
| 2017-01-05
⋅
ESET Research
⋅
KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt KillDisk Sandworm |
| 2016-12-13
⋅
ESET Research
⋅
The rise of TeleBots: Analyzing disruptive KillDisk attacks KillDisk TeleBot Sandworm |
| 2016-12-13
⋅
ESET Research
⋅
The rise of TeleBots: Analyzing disruptive KillDisk attacks Credraptor KillDisk TeleBot |
| 2016-01-28
⋅
Kaspersky Labs
⋅
BlackEnergy APT Attacks in Ukraine employ spearphishing with Word documents BlackEnergy |
| 2015-02-17
⋅
Kaspersky Labs
⋅
BE2 extraordinary plugins, Siemens targeting, dev fails BlackEnergy |
| 2014-11-03
⋅
Kaspersky Labs
⋅
BE2 custom plugins, router abuse, and target profiles BlackEnergy |
| 2014-10-14
⋅
ESET Research
⋅
CVE‑2014‑4114: Details on August BlackEnergy PowerPoint Campaigns BlackEnergy |
| 2010-07-15
⋅
Kaspersky Labs
⋅
Black DDoS BlackEnergy |
| 2010-03-03
⋅
FireEye
⋅
Black Energy Crypto BlackEnergy |
| 2010-03-03
⋅
Secureworks
⋅
BlackEnergy Version 2 Threat Analysis BlackEnergy |
| 2007-10-01
⋅
Arbor Networks
⋅
BlackEnergy DDoS Bot Analysis BlackEnergy |