Malpedia Library

Click here to download all references as Bib-File.•

2022-09-13 ⋅ AdvIntel ⋅ Advanced Intelligence
AdvIntel's State of Emotet aka "SpmTools" Displays Over Million Compromised Machines Through 2022
Conti Cobalt Strike Emotet Ryuk TrickBot

2022-07-20 ⋅ Advanced Intelligence ⋅ Marley Smith, Vitali Kremez, Yelisey Boguslavskiy
Anatomy of Attack: Truth Behind the Costa Rica Government Ransomware 5-Day Intrusion
Cobalt Strike

2022-05-17 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups
BlackByte Conti

2022-02-16 ⋅ Advanced Intelligence ⋅ Yelisey Boguslavskiy
The TrickBot Saga’s Finale Has Aired: Spinoff is Already in the Works
TrickBot

2022-01-14 ⋅ Advanced Intelligence ⋅ Yelisey Boguslavskiy
Storm in "Safe Haven": Takeaways from Russian Authorities Takedown of REvil
REvil REvil

2021-12-17 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
Conti

2021-11-20 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Corporate Loader "Emotet": History of "X" Project Return for Ransomware
Emotet

2021-09-29 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Backup “Removal” Solutions - From Conti Ransomware With Love
Cobalt Strike Conti

2021-09-09 ⋅ Advanced Intelligence ⋅ Anastasia Sentsova, Yelisey Boguslavskiy
Groove VS Babuk; Groove Ransom Manifesto & RAMP Underground Platform Secret Inner Workings
Babuk Babuk

2021-08-26 ⋅ Advanced Intelligence ⋅ Anastasia Sentsova
From Russia With… LockBit Ransomware: Inside Look & Preventive Solutions
LockBit

2021-08-17 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Hunting for Corporate Insurance Policies: Indicators of [Ransom] Exfiltration
Cobalt Strike Conti

2021-08-11 ⋅ Advanced Intelligence ⋅ Vitali Kremez
Secret "Backdoor" Behind Conti Ransomware Operation: Introducing Atera Agent
Cobalt Strike Conti

2021-07-14 ⋅ Advanced Intelligence ⋅ AdvIntel Security & Development Team, Yelisey Boguslavskiy
REvil Vanishes From Underground - Infrastructure Down
REvil

2021-06-30 ⋅ Advanced Intelligence ⋅ AdvIntel Security & Development Team, Brandon Rudisel, Yelisey Boguslavskiy
Ransomware-&-CVE: Industry Insights Into Exclusive High-Value Target Adversarial Datasets
BlackKingdom Ransomware Clop dearcry Hades REvil

2021-06-16 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
The Rise & Demise of Multi-Million Ransomware Business Empire
Avaddon

2021-06-08 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
From QBot...with REvil Ransomware: Initial Attack Exposure of JBS
QakBot REvil

2021-05-14 ⋅ Advanced Intelligence ⋅ Vitali Kremez
From Dawn to "Silent Night": "DarkSide Ransomware" Initial Attack Vector Evolution
DarkSide

2021-04-17 ⋅ Advanced Intelligence ⋅ Al Calleo, Vitali Kremez, Yelisey Boguslavskiy
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
Ryuk

2021-02-01 ⋅ Twitter (@IntelAdvanced) ⋅ Advanced Intelligence
Tweet on Active Directory Exploitation by RYUK "one" group
Ryuk

2021-01-25 ⋅ Twitter (@IntelAdvanced) ⋅ Advanced Intelligence
Tweet on Ryuk Ransomware group's post exploitation tactics including usage of Keethief tool
Ryuk

2021-01-07 ⋅ Advanced Intelligence ⋅ Brian Carter, HYAS, Vitali Kremez
Crime Laundering Primer: Inside Ryuk Crime (Crypto) Ledger & Risky Asian Crypto Traders
Ryuk

2020-11-06 ⋅ Advanced Intelligence ⋅ Vitali Kremez
Anatomy of Attack: Inside BazarBackdoor to Ryuk Ransomware "one" Group via Cobalt Strike
BazarBackdoor Cobalt Strike Ryuk

2020-10-12 ⋅ Advanced Intelligence ⋅ Roman Marshanski, Vitali Kremez
"Front Door" into BazarBackdoor: Stealthy Cybercrime Weapon
BazarBackdoor Cobalt Strike Ryuk

2020-07-15 ⋅ Advanced Intelligence ⋅ Samantha van de Ven, Yelisey Boguslavskiy
Inside REvil Extortionist “Machine”: Predictive Insights
Gandcrab REvil

2020-07-11 ⋅ Advanced Intelligence ⋅ Vitali Kremez
TrickBot Group Launches Test Module Alerting on Fraud Activity
TrickBot

2020-07-10 ⋅ Advanced Intelligence ⋅ Advanced Intelligence
The Dark Web of Intrigue: How REvil Used the Underground Ecosystem to Form an Extortion Cartel
Gandcrab REvil

2020-05-19 ⋅ Advanced Intelligence ⋅ Advanced Intelligence, Bridgit Sullivan, Daniel Frey
NetWalker Ransomware Group Enters Advanced Targeting “Game”
Mailto

2020-04-24 ⋅ Advanced Intelligence ⋅ Bridgit Sullivan
Inside "Phobos" Ransomware: "Dharma" Past & Underground
Dharma Phobos

2019-05-09 ⋅ Advanced Intelligence ⋅ Advanced Intelligence
Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies
Fxmsp