Malpedia Library

Click here to download all references as Bib-File.•

2025-12-16 ⋅ sysdig ⋅ Sysdig Threat Research Team
EtherRAT dissected: How a React2Shell implant delivers 5 payloads through blockchain C2
EtherRAT

2025-12-10 ⋅ SpyCloud ⋅ SpyCloud Labs Research Team
Analyzing the Impact of the Operation Endgame Takedown on Rhadamanthys & the MaaS Ecosystem
Rhadamanthys

2025-12-08 ⋅ sysdig ⋅ Sysdig Threat Research Team
EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks
EtherRAT

2025-11-04 ⋅ Twitter (@nextronresearch) ⋅ Nextron Threat Research Team
Tweet about BQT ransomware on Linux
BQTlock

2025-10-14 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
SOE-phisticated Persistence: Inside Flax Typhoon's ArcGIS Compromise

2025-10-13 ⋅ SpyCloud ⋅ SpyCloud Labs Research Team
More Than Meets the YY: Analyzing the YYlaiyu PhaaS Panel

2025-10-13 ⋅ Proofpoint ⋅ Kyle Cucci, Proofpoint Threat Research Team, Selena Larson, Tommy Madjar
When the monster bytes: tracking TA585 and its arsenal
MonsterV2

2025-09-16 ⋅ Proofpoint ⋅ Greg Lesnewich, Mark Kelly, Nick Attfield, Proofpoint Threat Research Team
Going Underground: China-aligned TA415 Conducts U.S.-China Economic Relations Targeting Using VS Code Remote Tunnels

2025-09-15 ⋅ Zscalar ⋅ ThreatLabZ research team
SmokeLoader Rises From the Ashes
SmokeLoader

2025-09-03 ⋅ Proofpoint ⋅ Kyle Cucci, Proofpoint Threat Research Team, Rob Kinner
Not Safe for Work: Tracking and Investigating Stealerium and Phantom Infostealers
Phantom Stealer

2025-08-26 ⋅ Sophos ⋅ Sophos Counter Threat Unit Research Team
Velociraptor incident response tool abused for remote access

2025-08-01 ⋅ Infrawatch Research Team
Belarus-Linked DSLRoot Proxy Network Deploys Hardware in U.S. Residences, Including Military Homes

2025-07-16 ⋅ Proofpoint ⋅ Mark Kelly, Proofpoint Threat Research Team
Phish and Chips: China-Aligned Espionage Actors Ramp Up Taiwan Semiconductor Industry Targeting
Cobalt Strike Voldemort UNK_DropPitch UNK_FistBump UNK_SparkyCarp

2025-07-14 ⋅ Arda Büyükkaya ⋅ EclecticIQ Threat Research Team
GLOBAL GROUP: Emerging Ransomware-as-a-Service, Supporting AI Driven Negotiation and Mobile Control Panel for Their Affiliates
Global

2025-07-01 ⋅ SpyCloud ⋅ SpyCloud Labs Research Team
State Secrets for Sale: More Leaks from the Chinese Hack-for-Hire Industry

2025-06-30 ⋅ Proofpoint ⋅ David Galazin, Greg Lesnewich, Kelsey Merriman, Proofpoint Threat Research Team, Selena Larson
10 Things I Hate About Attribution: RomCom vs. TransferLoader
MeltingClaw RustyClaw ShadyHammock SlipScreen TransferLoader

2025-06-16 ⋅ Proofpoint ⋅ Jeremy Hedges, Proofpoint Threat Research Team, Tommy Madjar
Amatera Stealer: Rebranded ACR Stealer With Improved Evasion, Sophistication
ACR Stealer Amatera

2025-06-09 ⋅ Zscaler ⋅ ThreatLabZ research team, Zscaler
DanaBleed: DanaBot C2 Server Memory Leak Bug
DanaBot

2025-06-05 ⋅ Reliaquest ⋅ RELIAQUEST THREAT RESEARCH TEAM
Scattered Spider Targets Tech Companies for Help-Desk Exploitation

2025-05-14 ⋅ Zscaler ⋅ ThreatLabZ research team
Technical Analysis of TransferLoader
TransferLoader