Malpedia Library

Click here to download all references as Bib-File.•

2022-07-20 ⋅ Advanced Intelligence ⋅ Marley Smith, Vitali Kremez, Yelisey Boguslavskiy
Anatomy of Attack: Truth Behind the Costa Rica Government Ransomware 5-Day Intrusion
Cobalt Strike

2022-06-07 ⋅ AdvIntel ⋅ Marley Smith, Vitali Kremez, Yelisey Boguslavskiy
BlackCat — In a Shifting Threat Landscape, It Helps to Land on Your Feet: Tech Dive
BlackCat BlackCat Cobalt Strike

2022-05-20 ⋅ AdvIntel ⋅ Marley Smith, Vitali Kremez, Yelisey Boguslavskiy
DisCONTInued: The End of Conti’s Brand Marks New Chapter For Cybercrime Landscape
AvosLocker Black Basta BlackByte BlackCat Conti HelloKitty Hive

2022-05-17 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups
BlackByte Conti

2022-05-01 ⋅ Github (k-vitali) ⋅ Vitali Kremez
REvil Reborn Ransom Config
REvil

2022-04-18 ⋅ AdvIntel ⋅ Vitali Kremez, Yelisey Boguslavskiy
Enter KaraKurt: Data Extortion Arm of Prolific Ransomware Group
AvosLocker BazarBackdoor BlackByte BlackCat Cobalt Strike HelloKitty Hive Karakurt

2022-02-23 ⋅ AdvIntel ⋅ Vitali Kremez, Yelisey Boguslavskiy
24 Hours From Log4Shell to Local Admin: Deep-Dive Into Conti Gang Attack on Fortune 500 (DFIR)
Cobalt Strike Conti

2021-12-17 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Ransomware Advisory: Log4Shell Exploitation for Initial Access & Lateral Movement
Conti

2021-11-20 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Corporate Loader "Emotet": History of "X" Project Return for Ransomware
Emotet

2021-09-29 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Backup “Removal” Solutions - From Conti Ransomware With Love
Cobalt Strike Conti

2021-08-17 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Hunting for Corporate Insurance Policies: Indicators of [Ransom] Exfiltration
Cobalt Strike Conti

2021-08-11 ⋅ Advanced Intelligence ⋅ Vitali Kremez
Secret "Backdoor" Behind Conti Ransomware Operation: Introducing Atera Agent
Cobalt Strike Conti

2021-08-05 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Linux variant of BlackMatter
BlackMatter

2021-07-02 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Revil ransomware analysis used in Kaseya attack
REvil

2021-06-29 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on Linux version of REvil ransomware
REvil

2021-06-28 ⋅ Twitter (@VK_intel) ⋅ Vitali Kremez
Tweet on ELF version of REvil
REvil

2021-06-16 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
The Rise & Demise of Multi-Million Ransomware Business Empire
Avaddon

2021-06-08 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
From QBot...with REvil Ransomware: Initial Attack Exposure of JBS
QakBot REvil

2021-05-14 ⋅ Advanced Intelligence ⋅ Vitali Kremez
From Dawn to "Silent Night": "DarkSide Ransomware" Initial Attack Vector Evolution
DarkSide

2021-04-17 ⋅ Advanced Intelligence ⋅ Al Calleo, Vitali Kremez, Yelisey Boguslavskiy
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
Ryuk