Malpedia Library

Click here to download all references as Bib-File.•

2025-09-09 ⋅ S2W Inc. ⋅ S2W TALON
Kimsuky’s Use of GitHub for Malware Delivery and Exfiltration
RandomQuery

2025-09-05 ⋅ Arctic Wolf ⋅ Dmitry Kupin, Dmitry Melikov, Jacob Faires, Jon Grimm, Pavel Usatenko
GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe

2025-08-18 ⋅ Trellix ⋅ Alex Lanstein, Pham Duy Phuc
The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign
XenoRAT

2025-08-08 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
Distribution of SmartLoader Malware via Github Repository Disguised as a Legitimate Project
Rhadamanthys SmartLoader

2025-07-20 ⋅ rmceoin.github.io ⋅ Randy McEoin
Perl based macOS/linux Stealer
Pearl Stealer

2025-07-07 ⋅ Github (VenzoV) ⋅ VenzoV
Golang garbled executable from Amatera config
Amatera

2025-06-20 ⋅ Github (VenzoV) ⋅ VenzoV
Analysis of Amatera Stealer v1 (Test build)
Amatera

2025-06-16 ⋅ Trend Micro ⋅ Aira Marcelo, Gabriel Nicoleta, Jovit Samaniego, Mohamed Fahmy
Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub

2025-05-19 ⋅ RalfHacker
GitHub - Adaptix-Framework//AdaptixC2
AdaptixC2

2025-05-01 ⋅ Github (VenzoV) ⋅ VenzoV
Deep Dive Fog ransomware
Fog

2025-04-28 ⋅ Github (Censys Research) ⋅ Github (Censys-Research)
Public Github Archive of Scout C2
ScoutC2

2025-03-15 ⋅ Github (TheRavenFile) ⋅ Rakesh Krishnan
IoCs for Anubis Backdoor
Anubis Backdoor

2025-03-11 ⋅ Github (prodaft) ⋅ PRODAFT
IOCs for Anubis Backdoor
Anubis Backdoor

2025-03-11 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
AsyncRAT NjRAT Quasar RAT Remcos

2025-03-11 ⋅ Trend Micro ⋅ Cj Arsley Mateo, Darrel Tristan Virtusio, Jacob Santos, Junestherry Dela Cruz, Paul John Bardon
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
Lumma Stealer SmartLoader

2025-03-04 ⋅ Nisos ⋅ Nisos
Likely DPRK Network Backstops on GitHub, Targets Companies Globally

2025-03-04 ⋅ Github (prodaft) ⋅ PRODAFT
Ragnar Loader Indicators of Compromise (IOC)
Unidentified 103 (FIN8)

2025-02-27 ⋅ Github (knight0x07) ⋅ neeraj
NailaoLoader: Hiding Execution Flow via Patching
NailaoLocker

2025-02-24 ⋅ Kaspersky Labs ⋅ Georgy Kucherin, João Godinho
The GitVenom campaign: cryptocurrency theft using GitHub
AsyncRAT Quasar RAT

2025-02-23 ⋅ Github (albertzsigovits) ⋅ Albert Zsigovits
ToxicEye RAT config extraction and YARA signatures
ToxicEye