Malpedia Library

Click here to download all references as Bib-File.•

2025-04-01 ⋅ ZW01f ⋅ Mohamed Ezat
Auto-color - Linux backdoor
Auto-Color

2025-03-31 ⋅ GootLoader Wordpress ⋅ gootloadersites
Gootloader Returns: Malware Hidden in Google Ads for Legal Documents
GootLoader

2025-03-28 ⋅ Intrinsec ⋅ David Sardinha
From espionage to PsyOps: Tracking operations and bulletproof providers of UACs in 2025
sLoad NetSupportManager RAT Remcos SmokeLoader

2025-03-26 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Raton / Silly - Remote Access Trojan | Technical Malware Analysis Report
AsyncRAT

2025-03-26 ⋅ ⋅ ISH Tecnologia ⋅ 0x0d4y, Ismael Rocha
Lynx Ransomware: Learn details about the operation and how to mitigate this threat
Lynx

2025-03-26 ⋅ Zscaler ⋅ Brett Stone-Gross
CoffeeLoader: A Brew of Stealthy Techniques
CoffeeLoader

2025-03-26 ⋅ Twitter (@MalGamy12) ⋅ Gameel Ali
Tweet about RALord ransomware
RALord

2025-03-25 ⋅ JPCERT/CC ⋅ Hayato Sasaki
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup

2025-03-25 ⋅ DomainTools ⋅ DomainTools
Phishing Campaign Targets Defense and Aerospace Firms Linked to Ukraine Conflict

2025-03-25 ⋅ Kaspersky Labs ⋅ Boris Larin, Igor Kuznetsov
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

2025-03-25 ⋅ SpyCloud ⋅ James
On the Hunt for Ghost(Socks)
GhostSocks

2025-03-24 ⋅ SYGNIA ⋅ Sygnia Team
Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation
CHINACHOPPER reGeorg

2025-03-23 ⋅ AviaB ⋅ AviaB
Analyzing Vidar Stealer
Vidar

2025-03-20 ⋅ ESET Research ⋅ Matthieu Faou
Operation FishMedley
ShadowPad SodaMaster Spyder

2025-03-20 ⋅ Cisco Talos ⋅ Asheer Malhotra, Brandon White, Jungsoo An, Vitor Ventura
UAT-5918 targets critical infrastructure entities in Taiwan
LaZagne JuicyPotato Meterpreter MimiKatz

2025-03-20 ⋅ Denwp Research ⋅ Tonmoy Jitu
Reversing FUD AMOS Stealer
AMOS

2025-03-18 ⋅ Trellix ⋅ Jambul Tologonov, John Fokker
Analysis of Black Basta Ransomware Chat Leaks
Black Basta Black Basta

2025-03-18 ⋅ Expel ⋅ AARON WALTON
Code-signing certificate abuse in the Black Basta chat leaks (and how to fight back)
Black Basta Black Basta

2025-03-18 ⋅ WeLiveSecurity ⋅ Dominik Breitenbacher
Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor
Anel AsyncRAT

2025-03-17 ⋅ Cloudflare ⋅ Cloudflare
Black Basta’s blunder: exploiting the gang’s leaked chats
Black Basta Black Basta