Malpedia Library

Click here to download all references as Bib-File.•

2025-03-25 ⋅ JPCERT/CC ⋅ Hayato Sasaki
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup

2025-03-25 ⋅ Kaspersky Labs ⋅ Boris Larin, Igor Kuznetsov
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

2025-03-24 ⋅ SYGNIA ⋅ Sygnia Team
Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation
CHINACHOPPER reGeorg

2025-03-20 ⋅ ESET Research ⋅ Matthieu Faou
Operation FishMedley
ShadowPad SodaMaster Spyder

2025-03-20 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Jungsoo An, Vitor Ventura
UAT-5918 targets critical infrastructure entities in Taiwan
LaZagne JuicyPotato Meterpreter MimiKatz

2025-03-18 ⋅ Trellix ⋅ Jambul Tologonov, John Fokker
Analysis of Black Basta Ransomware Chat Leaks
Black Basta Black Basta

2025-03-18 ⋅ Expel ⋅ AARON WALTON
Code-signing certificate abuse in the Black Basta chat leaks (and how to fight back)
Black Basta Black Basta

2025-03-18 ⋅ WeLiveSecurity ⋅ Dominik Breitenbacher
Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor
Anel AsyncRAT

2025-03-17 ⋅ Cloudflare ⋅ Cloudflare
Black Basta’s blunder: exploiting the gang’s leaked chats
Black Basta Black Basta

2025-03-16 ⋅ SYGNIA ⋅ Sygnia Team
Bybit – What We Know So Far

2025-03-14 ⋅ VitalDigitalForensics ⋅ v4ensics
Lumma Stealer – A tale that starts with a fake Captcha
Lumma Stealer

2025-03-14 ⋅ Trend Micro ⋅ Adam O'Connor, Ian Kenefick, Jack Walsh, Laura Medina, Lucas Silva
SocGholish’s Intrusion Techniques Facilitate Distribution of RansomHub Ransomware
FAKEUPDATES RansomHub

2025-03-14 ⋅ Twitter (@CERTCyberdef) ⋅ Alexandre Matousek, Marine PICHON
Tweet on Emmenhtal v3
Emmenhtal Lumma Stealer Rhadamanthys

2025-03-13 ⋅ Securonix ⋅ Den Iyzvyk, Tim Peck
Analyzing OBSCURE#BAT Threat Actors Lure Victims into Executing Malicious Batch Scripts to Deploy Stealthy Rootkits
Quasar RAT r77

2025-03-13 ⋅ EclecticIQ ⋅ Arda Büyükkaya
Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices
Black Basta

2025-03-13 ⋅ Forescout ⋅ Forescout Research, Sai Molige
New Ransomware Operator Exploits Fortinet Vulnerability Duo
BlackMatter LockBit Mora_001

2025-03-13 ⋅ Group-IB ⋅ Group-IB
ClickFix: The Social Engineering Technique Hackers Use to Manipulate Victims
Emmenhtal Lumma Stealer

2025-03-13 ⋅ Linkedin (ThreatMon) ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Chrome DLL Manipulation Attack Exposed

2025-03-12 ⋅ Youtube (AhmedS Kasmani) ⋅ AhmedS Kasmani
Initial Analysis of Black Basta Chat Leaks
Black Basta Black Basta

2025-03-12 ⋅ YouTube (John Hammond) ⋅ John Hammond
LEAKED Russian Hackers Internal Chats
Black Basta Black Basta