Malpedia Library

Click here to download all references as Bib-File.•

2026-03-05 ⋅ Symantec ⋅ Threat Hunter Team
Seedworm: Iranian APT on Networks of U.S. Bank, Airport, Software Company
Tsundere

2026-02-24 ⋅ Symantec ⋅ Threat Hunter Team
North Korean Lazarus Group Now Working With Medusa Ransomware
ComeBacker Medusa

2026-02-11 ⋅ Intel 471 ⋅ Intel 471
Winter Olympics 2026: Hacktivism Surges Ahead of Protests and Suspected Sabotage
Z-Pentest Alliance

2026-02-05 ⋅ Symantec ⋅ Threat Hunter Team
Reynolds: Defense Evasion Capability Embedded in Ransomware Payload
Reynolds

2026-01-30 ⋅ LevelBlue ⋅ Evgeny Ananin, Mark Tsipershtein, Nikita Kazymirskyi
19 Shades of LockBit5.0, Inside the Latest Cross-Platform Ransomware: Part 1
LockBit LockBit

2026-01-28 ⋅ Hunt.io ⋅ Hunt.io
Exposed Open Directory Leaks a Full BYOB Deployment Across Windows, Linux, and macOS

2026-01-12 ⋅ Securonix ⋅ Aaron Beardslee, Akshay Gaikwad, Shikha Sangwan
SHADOW#REACTOR – Text-Only Staging, .NET Reactor, and In-Memory Remcos RAT Deployment
Remcos

2025-12-29 ⋅ Kaspersky ⋅ Noushin Shabab
The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor
PlugX TONESHELL

2025-11-19 ⋅ John Basmayor, Nathaniel Morales, Nikita Kazymirskyi
SpiderLabs IDs New Banking Trojan Distributed Through WhatsApp
Eternidade Stealer

2025-11-02 ⋅ Symantec ⋅ Broadcom, Symantec
Multi-Stage In-Memory Agent Tesla Campaign Targets LATAM
Agent Tesla

2025-10-22 ⋅ 01xyris ⋅ 01xyris
Aura Stealer #1 36bytesmademelosemymind
Aura Stealer

2025-10-15 ⋅ Symantec ⋅ Threat Hunter Team
Jewelbug: Chinese APT Group Widens Reach to Russia
REF7707

2025-10-01 ⋅ NetScout ⋅ ASERT Team
Keymous+ Threat Actor Profile
Keymous+

2025-09-03 ⋅ Darkrym ⋅ Darkrym
PXA Stealers Evolution to PureRAT: Part 6 - Finally, the Final Stage PureRAT (Stage 9)
PureRAT

2025-08-31 ⋅ Darkrym ⋅ Darkrym
PXA Stealers Evolution to PureRAT: Part 3 - Weaponised Python Stage (Stage 5)
PXA Stealer

2025-08-19 ⋅ IBM X-Force ⋅ Raymond Joseph Alfonso
IBM X-Force Threat Analysis: QuirkyLoader - A new malware loader delivering infostealers and RATs
QuirkyLoader

2025-06-20 ⋅ K7 Security ⋅ Baran S
SpyMax
SpyMax

2025-06-18 ⋅ Elastic ⋅ Salim Bitam
A Wretch Client: From ClickFix deception to information stealer deployment
HijackLoader Lumma Stealer SectopRAT

2025-06-12 ⋅ Symantec ⋅ Carbon Black, Threat Hunter Team
Fog Ransomware: Unusual Toolset Used in Recent Attack
Fog

2025-05-02 ⋅ Arctic Wolf ⋅ Arctic Wolf Labs Team
Venom Spider Uses Server-Side Polymorphism to Weave a Web Around Victims
More_eggs