Malpedia Library

2025-03-15 ⋅ Github (TheRavenFile) ⋅ Rakesh Krishnan
IoCs for Anubis Backdoor
Anubis Backdoor

2025-03-11 ⋅ Github (prodaft) ⋅ PRODAFT
IOCs for Anubis Backdoor
Anubis Backdoor

2025-03-11 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
AsyncRAT NjRAT Quasar RAT Remcos

2025-03-11 ⋅ Trend Micro ⋅ Cj Arsley Mateo, Darrel Tristan Virtusio, Jacob Santos, Junestherry Dela Cruz, Paul John Bardon
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
Lumma Stealer SmartLoader

2025-03-04 ⋅ Nisos ⋅ Nisos
Likely DPRK Network Backstops on GitHub, Targets Companies Globally

2025-03-04 ⋅ Github (prodaft) ⋅ PRODAFT
Ragnar Loader Indicators of Compromise (IOC)
Unidentified 103 (FIN8)

2025-02-27 ⋅ Github (knight0x07) ⋅ neeraj
NailaoLoader: Hiding Execution Flow via Patching
NailaoLocker

2025-02-24 ⋅ Kaspersky Labs ⋅ Georgy Kucherin, João Godinho
The GitVenom campaign: cryptocurrency theft using GitHub
AsyncRAT Quasar RAT

2025-02-23 ⋅ Github (albertzsigovits) ⋅ Albert Zsigovits
ToxicEye RAT config extraction and YARA signatures
ToxicEye

2025-02-11 ⋅ Github (SecurityBlueTeam) ⋅ Security Blue Team
Smartloader Wireshark plugin
SmartLoader

2025-02-08 ⋅ Github (@Jenderal92) ⋅ Jenderal92
Github Repository for Shin Webshell
php.shin_webshell

2025-01-23 ⋅ Github (PaloAltoNetworks) ⋅ Brad Duncan
Cluster of Infrastructure likely used by Affiliate of Dark Scorpius (Black Basta)
ReedBed

2025-01-19 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 44: Stealing data via legit GitHub API. Simple C example.
OceanLotus BitRAT RecordBreaker

2024-12-06 ⋅ Github (VenzoV) ⋅ VenzoV
Shellcode Loader Delivering XWorm
XWorm

2024-10-17 ⋅ Github (ssrdio) ⋅ Gregor Spagnolo
Analysis of BeaverTail & InvisibleFerret activity
BeaverTail InvisibleFerret

2024-10-03 ⋅ GitHub (dstepanic) ⋅ Daniel Stepanic
Getting Cozy with Milk and WARMCOOKIES
WarmCookie

2024-09-09 ⋅ Github (itaymigdal) ⋅ Itay Migdal
Poshito - New Telegram C2

2024-08-22 ⋅ Github (X-ZIGZAG) ⋅ X-ZIGZAG
Github Repository for X-ZIGZAG
X-ZIGZAG

2024-06-25 ⋅ Hunt.io ⋅ Hunt.io
Good Game, Gone Bad: Xeno RAT Spread Via .gg Domains and GitHub
XenoRAT

2024-06-13 ⋅ IT Security Guru ⋅ Guru
Guest Blog: Ox Security on learning from the Recent GitHub Extortion Campaigns
Gitloker