Malpedia Library

Click here to download all references as Bib-File.•

2025-05-22 ⋅ Sekoia ⋅ Félix Aime, Jeremy Scion
ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse.

2025-05-07 ⋅ FBI ⋅ FBI
Cyber Criminal Services Target End-of-Life Routers to Launch Attacks and Hide Their Activities
TheMoon

2025-05-07 ⋅ FBI ⋅ FBI
Alert Number: I-050725-PSA Cyber Criminal Proxy Services Exploiting End of Life Routers
TheMoon

2025-05-06 ⋅ Akamai ⋅ Kyle Lefton
Here Comes Mirai: IoT Devices RSVP to Active Exploitation
LZRD

2025-04-29 ⋅ ⋅ France Diplomatie ⋅ France Diplomatie
Russia – Assignment of cyber attacks against France to the Russian military intelligence service (APT28) (29 April 2025)

2025-04-25 ⋅ Censys ⋅ Censys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL

2025-04-17 ⋅ FORTRA ⋅ Max Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service

2025-04-16 ⋅ Intel 471 ⋅ Intel 471
LabHost: A defunct but potent phishing service

2025-04-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226

2025-04-01 ⋅ Hunt.io ⋅ Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid

2025-03-28 ⋅ ThreatFabric ⋅ ThreatFabric
Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
Crocodilus

2025-03-13 ⋅ EclecticIQ ⋅ Arda Büyükkaya
Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices
Black Basta

2025-02-28 ⋅ Greynoise ⋅ Noah Stone
New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran
Mirai

2025-02-13 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Storm-2372 conducts device code phishing campaign
Storm-2372

2025-02-13 ⋅ Volexity ⋅ Charlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication

2025-02-13 ⋅ Recorded Future ⋅ Insikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor

2025-02-12 ⋅ The Hacker News ⋅ Ravie Lakshmanan
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

2025-01-28 ⋅ Group-IB ⋅ Nikolay Kichatov, Pietro Albuquerque, Sharmine Low
Cat’s out of the bag: Lynx Ransomware-as-a-Service
Lynx

2025-01-22 ⋅ ESET Research ⋅ Facundo Muñoz
PlushDaemon compromises supply chain of Korean VPN service
SlowStepper PlushDaemon

2025-01-13 ⋅ Halcyon ⋅ Halcyon Research Team
Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C
Codefinger