Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-20Check Point ResearchCheckpoint Research
@online{research:20230920:behind:b3bd2a2, author = {Checkpoint Research}, title = {{Behind the Scenes of BBTok: Analyzing a Banker’s Server Side Components}}, date = {2023-09-20}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/behind-the-scenes-of-bbtok-analyzing-a-bankers-server-side-components/}, language = {English}, urldate = {2023-09-25} } Behind the Scenes of BBTok: Analyzing a Banker’s Server Side Components
BBtok
2023-07-03Check Point ResearchCheckpoint Research
@online{research:20230703:chinese:b18e8f3, author = {Checkpoint Research}, title = {{Chinese Threat Actors Targeting Europe in SmugX Campaign}}, date = {2023-07-03}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/chinese-threat-actors-targeting-europe-in-smugx-campaign/}, language = {English}, urldate = {2023-07-08} } Chinese Threat Actors Targeting Europe in SmugX Campaign
PlugX SmugX
2023-06-08Check Point ResearchCheckpoint Research
@online{research:20230608:stealth:5aba5ab, author = {Checkpoint Research}, title = {{Stealth Soldier Backdoor Used in Targeted Espionage Attacks in North Africa}}, date = {2023-06-08}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/stealth-soldier-backdoor-used-in-targeted-espionage-attacks-in-north-africa/}, language = {English}, urldate = {2023-06-09} } Stealth Soldier Backdoor Used in Targeted Espionage Attacks in North Africa
Stealth Soldier
2023-05-24Check Point ResearchMarc Salinas Fernandez, Jiri Vinopal
@online{fernandez:20230524:agrius:5c033e5, author = {Marc Salinas Fernandez and Jiri Vinopal}, title = {{Agrius Deploys MoneyBird in Targeted Attacks against Israeli Organizations}}, date = {2023-05-24}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/agrius-deploys-moneybird-in-targeted-attacks-against-israeli-organizations/}, language = {English}, urldate = {2023-06-01} } Agrius Deploys MoneyBird in Targeted Attacks against Israeli Organizations
2023-05-16Check Point ResearchItay Cohen, Radoslaw Madej
@online{cohen:20230516:dragon:a2ec63b, author = {Itay Cohen and Radoslaw Madej}, title = {{The Dragon Who Sold his Camaro: Analyzing a Custom Router Implant}}, date = {2023-05-16}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/}, language = {English}, urldate = {2023-06-01} } The Dragon Who Sold his Camaro: Analyzing a Custom Router Implant
Horse Shell
2023-05-04Check Point ResearchAlex Shamshur, Sam Handelman, Raman Ladutska
@online{shamshur:20230504:eastern:30d81b9, author = {Alex Shamshur and Sam Handelman and Raman Ladutska}, title = {{Eastern Asian Android Assault - FluHorse}}, date = {2023-05-04}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/eastern-asian-android-assault-fluhorse/}, language = {English}, urldate = {2023-05-10} } Eastern Asian Android Assault - FluHorse
FluHorse
2023-05-01Check Point ResearchCheck Point Research
@online{research:20230501:chain:855e7fa, author = {Check Point Research}, title = {{Chain Reaction: RokRAT's Missing Link}}, date = {2023-05-01}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/chain-reaction-rokrats-missing-link/}, language = {English}, urldate = {2023-05-02} } Chain Reaction: RokRAT's Missing Link
Amadey RokRAT
2023-04-18Check Point ResearchShavit Yosef
@online{yosef:20230418:raspberry:b2dac9b, author = {Shavit Yosef}, title = {{Raspberry Robin: Anti-Evasion How-To & Exploit Analysis}}, date = {2023-04-18}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/raspberry-robin-anti-evasion-how-to-exploit-analysis/}, language = {English}, urldate = {2023-04-22} } Raspberry Robin: Anti-Evasion How-To & Exploit Analysis
Raspberry Robin
2023-04-04Check Point ResearchJiří Vinopal
@online{vinopal:20230404:rorschach:ab54ad3, author = {Jiří Vinopal}, title = {{Rorschach – A New Sophisticated and Fast Ransomware}}, date = {2023-04-04}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/rorschach-a-new-sophisticated-and-fast-ransomware/}, language = {English}, urldate = {2023-04-06} } Rorschach – A New Sophisticated and Fast Ransomware
Rorschach Ransomware
2023-03-27Check Point ResearchCheckpoint Research
@online{research:20230327:rhadamanthys:813d37c, author = {Checkpoint Research}, title = {{Rhadamanthys: The “Everything Bagel” Infostealer}}, date = {2023-03-27}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/rhadamanthys-the-everything-bagel-infostealer/}, language = {English}, urldate = {2023-04-22} } Rhadamanthys: The “Everything Bagel” Infostealer
Rhadamanthys
2023-03-15Check Point ResearchJiří Vinopal
@online{vinopal:20230315:dotrunpex:6491e1e, author = {Jiří Vinopal}, title = {{DotRunPEX - Demystifying New Virtualized .NET Injector used in the Wild}}, date = {2023-03-15}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/dotrunpex-demystifying-new-virtualized-net-injector-used-in-the-wild/}, language = {English}, urldate = {2023-03-20} } DotRunPEX - Demystifying New Virtualized .NET Injector used in the Wild
2023-03-14Check Point ResearchBohdan Melnykov, Raman Ladutska
@online{melnykov:20230314:south:327b0f8, author = {Bohdan Melnykov and Raman Ladutska}, title = {{South Korean Android Banking Menace - Fakecalls}}, date = {2023-03-14}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/south-korean-android-banking-menace-fakecalls/}, language = {English}, urldate = {2023-05-08} } South Korean Android Banking Menace - Fakecalls
Fakecalls
2023-03-07Check Point ResearchCheck Point Research
@online{research:20230307:pandas:2e3c757, author = {Check Point Research}, title = {{Pandas with a Soul: Chinese Espionage Attacks Against Southeast Asian Government Entities}}, date = {2023-03-07}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/pandas-with-a-soul-chinese-espionage-attacks-against-southeast-asian-government-entities/}, language = {English}, urldate = {2023-07-24} } Pandas with a Soul: Chinese Espionage Attacks Against Southeast Asian Government Entities
5.t Downloader 8.t Dropper Soul
2023-02-16Check Point ResearchCheckpoint, Check Point Research
@online{checkpoint:20230216:operation:9eb0b67, author = {Checkpoint and Check Point Research}, title = {{Operation Silent Watch: Desktop Surveillance in Azerbaijan and Armenia}}, date = {2023-02-16}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/operation-silent-watch-desktop-surveillance-in-azerbaijan-and-armenia/}, language = {English}, urldate = {2023-02-17} } Operation Silent Watch: Desktop Surveillance in Azerbaijan and Armenia
OxtaRAT
2022-12-15Check Point ResearchCheck Point Research
@online{research:20221215:mobile:b80bb77, author = {Check Point Research}, title = {{Mobile #AlienBot malware starts utilizing an incorporated DGA module}}, date = {2022-12-15}, organization = {Check Point Research}, url = {https://twitter.com/_CPResearch_/status/1603375823448317953}, language = {English}, urldate = {2023-01-05} } Mobile #AlienBot malware starts utilizing an incorporated DGA module
Alien
2022-09-22Check PointCheck Point Research
@online{research:20220922:7:f4a6cdb, author = {Check Point Research}, title = {{7 Years of Scarlet Mimic’s Mobile Surveillance Campaign Targeting Uyghurs}}, date = {2022-09-22}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/never-truly-left-7-years-of-scarlet-mimics-mobile-surveillance-campaign-targeting-uyghurs/}, language = {English}, urldate = {2022-09-26} } 7 Years of Scarlet Mimic’s Mobile Surveillance Campaign Targeting Uyghurs
MobileOrder
2022-09-06Check PointCheck Point Research
@online{research:20220906:dangeroussavanna:5bec8b7, author = {Check Point Research}, title = {{DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa}}, date = {2022-09-06}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/dangeroussavanna-two-year-long-campaign-targets-financial-institutions-in-french-speaking-africa/}, language = {English}, urldate = {2022-09-07} } DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa
AsyncRAT Meterpreter PoshC2 DangerousSavanna
2022-08-29Check PointMoshe Marelus
@online{marelus:20220829:check:4b8b83f, author = {Moshe Marelus}, title = {{Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications}}, date = {2022-08-29}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/check-point-research-detects-crypto-miner-malware-disguised-as-google-translate-desktop-and-other-legitimate-applications}, language = {English}, urldate = {2022-08-31} } Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications
Nitrokod
2022-07-13Check PointCheck Point Research
@online{research:20220713:hit:79199ac, author = {Check Point Research}, title = {{A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets}}, date = {2022-07-13}, organization = {Check Point}, url = {https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/}, language = {English}, urldate = {2022-07-15} } A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets
Unidentified 093 (Sidewinder)
2022-06-28Twitter (@_CPResearch_)Check Point Research
@online{research:20220628:malware:896fb41, author = {Check Point Research}, title = {{Tweet on malware used against Steel Industry in Iran}}, date = {2022-06-28}, organization = {Twitter (@_CPResearch_)}, url = {https://twitter.com/_cpresearch_/status/1541753913732366338}, language = {English}, urldate = {2022-07-25} } Tweet on malware used against Steel Industry in Iran
Meteor Predatory Sparrow