Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-06FlashpointFlashpoint
@online{flashpoint:20230306:private:ad3b11a, author = {Flashpoint}, title = {{Private Malware for Sale: A Closer Look at AresLoader}}, date = {2023-03-06}, organization = {Flashpoint}, url = {https://flashpoint.io/blog/private-malware-for-sale-aresloader/}, language = {English}, urldate = {2023-04-08} } Private Malware for Sale: A Closer Look at AresLoader
AresLoader
2022-02-09FlashpointFlashpoint
@online{flashpoint:20220209:russia:3367b7a, author = {Flashpoint}, title = {{Russia Seizes Ferum, Sky-Fraud, UAS, and Trump’s Dumps—and Signals More Takedowns to Come}}, date = {2022-02-09}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/press-post/russia-seizes-ferum-skyfraud-uas-trumpsdumps-carding-forums/}, language = {English}, urldate = {2022-02-14} } Russia Seizes Ferum, Sky-Fraud, UAS, and Trump’s Dumps—and Signals More Takedowns to Come
2021-11-16FlashpointFlashpoint
@online{flashpoint:20211116:ramp:c1804cf, author = {Flashpoint}, title = {{RAMP Ransomware’s Apparent Overture to Chinese Threat Actors}}, date = {2021-11-16}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/ramp-ransomware-chinese-threat-actors/}, language = {English}, urldate = {2021-11-18} } RAMP Ransomware’s Apparent Overture to Chinese Threat Actors
2021-10-18FlashpointFlashpoint
@online{flashpoint:20211018:revil:104ed52, author = {Flashpoint}, title = {{REvil Disappears Again: ‘Something Is Rotten in the State of Ransomware’}}, date = {2021-10-18}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/revil-disappears-again/}, language = {English}, urldate = {2021-10-24} } REvil Disappears Again: ‘Something Is Rotten in the State of Ransomware’
REvil REvil
2021-09-29FlashpointFlashpoint
@online{flashpoint:20210929:russian:565e147, author = {Flashpoint}, title = {{Russian hacker Q&A: An Interview With REvil-Affiliated Ransomware Contractor}}, date = {2021-09-29}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/interview-with-revil-affiliated-ransomware-contractor/}, language = {English}, urldate = {2021-10-26} } Russian hacker Q&A: An Interview With REvil-Affiliated Ransomware Contractor
REvil REvil
2021-09-28FlashpointFlashpoint
@online{flashpoint:20210928:revils:ffcbfac, author = {Flashpoint}, title = {{REvil’s “Cryptobackdoor” Con: Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout}}, date = {2021-09-28}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/revils-cryptobackdoor-con-ransomware-groups-tactics-roil-affiliates-sparking-a-fallout/}, language = {English}, urldate = {2021-10-13} } REvil’s “Cryptobackdoor” Con: Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout
REvil
2021-08-10FlashpointFlashpoint
@online{flashpoint:20210810:revil:8be7760, author = {Flashpoint}, title = {{REvil Master Key for Kaseya Attack Posted to XSS}}, date = {2021-08-10}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/possible-universal-revil-master-key-posted-to-xss/}, language = {English}, urldate = {2021-08-11} } REvil Master Key for Kaseya Attack Posted to XSS
REvil
2021-07-27FlashpointFlashpoint
@online{flashpoint:20210727:chatter:08a4080, author = {Flashpoint}, title = {{Chatter Indicates BlackMatter as REvil Successor}}, date = {2021-07-27}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/chatter-indicates-blackmatter-as-revil-successor/}, language = {English}, urldate = {2021-08-02} } Chatter Indicates BlackMatter as REvil Successor
REvil
2021-05-25Flashpoint, Chainalysis
@techreport{flashpoint:20210525:hydra:2088738, author = {Flashpoint and Chainalysis}, title = {{Hydra: Where The Crypto Money Laundering Trail Goes Dark}}, date = {2021-05-25}, institution = {}, url = {https://storage.pardot.com/272312/1621903351Nn9y2MzH/Flashpoint_Chainalysis_Hydra_Crypto_Cybercrime_Research.pdf}, language = {English}, urldate = {2021-05-26} } Hydra: Where The Crypto Money Laundering Trail Goes Dark
2021-05-11FlashpointFlashpoint
@online{flashpoint:20210511:darkside:32c4e89, author = {Flashpoint}, title = {{DarkSide Ransomware Links to REvil Group Difficult to Dismiss}}, date = {2021-05-11}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/darkside-ransomware-links-to-revil-difficult-to-dismiss/}, language = {English}, urldate = {2021-05-13} } DarkSide Ransomware Links to REvil Group Difficult to Dismiss
DarkSide REvil
2021-04-30FlashpointFlashpoint
@online{flashpoint:20210430:second:53c20b4, author = {Flashpoint}, title = {{A Second Iranian State-Sponsored Ransomware Operation “Project Signal” Emerges}}, date = {2021-04-30}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/second-iranian-ransomware-operation-project-signal-emerges/}, language = {English}, urldate = {2021-05-03} } A Second Iranian State-Sponsored Ransomware Operation “Project Signal” Emerges
2021-03-11FlashpointFlashpoint
@online{flashpoint:20210311:cl0p:666bd6f, author = {Flashpoint}, title = {{CL0P and REvil Escalate Their Ransomware Tactics}}, date = {2021-03-11}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/cl0p-and-revil-escalate-their-ransomware-tactics/}, language = {English}, urldate = {2021-03-12} } CL0P and REvil Escalate Their Ransomware Tactics
Clop REvil
2021-03-04FlashpointFlashpoint
@online{flashpoint:20210304:breaking:f6dfffc, author = {Flashpoint}, title = {{Breaking: Elite Cybercrime Forum “Maza” Breached by Unknown Attacker}}, date = {2021-03-04}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/breelite-cybercrime-forum-maza-breached-by-unknown-attacker/}, language = {English}, urldate = {2021-03-04} } Breaking: Elite Cybercrime Forum “Maza” Breached by Unknown Attacker
2021-02-23FlashpointFlashpoint
@online{flashpoint:20210223:new:4f8b993, author = {Flashpoint}, title = {{New Mysterious Operators Usurp Elite Russian Hacker Forum “Verified”}}, date = {2021-02-23}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/new-mysterious-operators-usurp-elite-russian-hacker-forum-verified/}, language = {English}, urldate = {2021-02-25} } New Mysterious Operators Usurp Elite Russian Hacker Forum “Verified”
2020-07FlashpointFlashpoint
@techreport{flashpoint:202007:zeppelin:8c54ff6, author = {Flashpoint}, title = {{Zeppelin Ransomware Analysis}}, date = {2020-07}, institution = {Flashpoint}, url = {https://storage.pardot.com/272312/124918/Flashpoint_Hunt_Team___Zeppelin_Ransomware_Analysis.pdf}, language = {English}, urldate = {2020-08-14} } Zeppelin Ransomware Analysis
2019-03-20FlashpointJoshua Platt, Jason Reaves
@online{platt:20190320:fin7:bac265f, author = {Joshua Platt and Jason Reaves}, title = {{FIN7 Revisited: Inside Astra Panel and SQLRat Malware}}, date = {2019-03-20}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/fin7-revisited:-inside-astra-panel-and-sqlrat-malware/}, language = {English}, urldate = {2019-12-18} } FIN7 Revisited: Inside Astra Panel and SQLRat Malware
DNSRat TinyMet
2019-03-20FlashpointJoshua Platt, Jason Reaves
@online{platt:20190320:fin7:a7fe335, author = {Joshua Platt and Jason Reaves}, title = {{FIN7 Revisited: Inside Astra Panel and SQLRat Malware}}, date = {2019-03-20}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/}, language = {English}, urldate = {2020-01-10} } FIN7 Revisited: Inside Astra Panel and SQLRat Malware
SQLRat FIN7
2019-03-13FlashpointJason Reaves, Joshua Platt
@online{reaves:20190313:dmsniff:47a2734, author = {Jason Reaves and Joshua Platt}, title = {{‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses}}, date = {2019-03-13}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/dmsniff-pos-malware-actively-leveraged-target-medium-sized-businesses/}, language = {English}, urldate = {2019-12-18} } ‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses
DMSniff
2019-01-15FlashpointVitali Kremez
@online{kremez:20190115:disclosure:0e74c4e, author = {Vitali Kremez}, title = {{Disclosure of Chilean Redbanc Intrusion Leads to Lazarus Ties}}, date = {2019-01-15}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/disclosure-chilean-redbanc-intrusion-lazarus-ties/}, language = {English}, urldate = {2019-08-08} } Disclosure of Chilean Redbanc Intrusion Leads to Lazarus Ties
PowerRatankba
2018-09-12FlashpointPaul Burbage, Mike Mimoso
@online{burbage:20180912:malware:5b7d58a, author = {Paul Burbage and Mike Mimoso}, title = {{Malware Campaign Targeting Jaxx Cryptocurrency Wallet Users Shut Down}}, date = {2018-09-12}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/malware-campaign-targets-jaxx-cryptocurrency-wallet-users/}, language = {English}, urldate = {2020-01-08} } Malware Campaign Targeting Jaxx Cryptocurrency Wallet Users Shut Down
KPOT Stealer