Malpedia Library

Click here to download all references as Bib-File.•

2023-05-18 ⋅ Nikhil Hegde
Looking Closer at BPF Bytecode in BPFDoor
BPFDoor

2023-05-17 ⋅ SPUR ⋅ Riley Kilmer
Identifying the Nexus of Scaled Ad Fraud

2023-05-17 ⋅ ⋅ S2W LAB Inc. ⋅ BLKSMTH
Detailed Analysis of AlphaSeed, a new version of Kimsuky’s AppleSeed written in Golang
AlphaSeed

2023-05-17 ⋅ ANY.RUN ⋅ ANY.RUN
Deobfuscating the Latest GuLoader: Automating Analysis with Ghidra Scripting
CloudEyE

2023-05-17 ⋅ Sekoia ⋅ Félix Aime
APT28 leverages multiple phishing techniques to target Ukrainian civil society

2023-05-17 ⋅ Medium (@DCSO_CyTec) ⋅ Axel Wauer, Emilia Neuber, Jiro Minier, Johann Aydinbas, Kritika Roy
Andariel’s “Jupiter” malware and the case of the curious C2
Jupiter

2023-05-17 ⋅ Team Cymru ⋅ Team Cymru
Visualizing QakBot Infrastructure
QakBot

2023-05-17 ⋅ Group-IB ⋅ Joshua Penny, Nikita Rostovtsev, Yashraj Solanki
The distinctive rattle of APT SideWinder
SideWinder

2023-05-16 ⋅ Trend Micro ⋅ Sunil Bharti
8220 Gang Evolves With New Strategies
Water Sigbin

2023-05-16 ⋅ Recorded Future ⋅ Insikt Group
OilAlpha: A Likely Pro-Houthi Group Targeting Entities Across the Arabian Peninsula
OilAlpha

2023-05-16 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
The Growing Threat from Infostealers
Graphiron GraphSteel Raccoon RedLine Stealer Rhadamanthys Taurus Stealer Vidar

2023-05-16 ⋅ Check Point Research ⋅ Itay Cohen, Radoslaw Madej
The Dragon Who Sold his Camaro: Analyzing a Custom Router Implant
Horse Shell Camaro Dragon

2023-05-16 ⋅ KrebsOnSecurity ⋅ Brian Krebs
Russian Hacker “Wazawaka” Indicted for Ransomware
Babuk Hive LockBit LockBit Babuk Hive LockBit

2023-05-16 ⋅ CyberRaiju ⋅ Jai Minton
Remcos RAT - Malware Analysis Lab
Remcos

2023-05-15 ⋅ Trend Micro ⋅ Jaromír Hořejší, Joseph C Chen
Water Orthrus's New Campaigns Deliver Rootkit and Phishing Modules
CopperStealth CopperStealer Water Orthrus

2023-05-15 ⋅ Metabase Q ⋅ Gerardo Corona, Julio Vidal
Botnet Fenix: New botnet going after tax payers in Mexico and Chile
Fenix

2023-05-15 ⋅ CrowdStrike ⋅ CrowdStrike
Hypervisor Jackpotting, Part 3: Lack of Antivirus Support Opens the Door to Adversary Attacks
BlackCat SystemBC

2023-05-15 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea
LokiLocker

2023-05-15 ⋅ Symantec ⋅ Threat Hunter Team
Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors
Merdoor PlugX ShadowPad ZXShell Lancefly

2023-05-15 ⋅ embeeresearch ⋅ Embee_research
Quasar Rat Analysis - Identification of 64 Quasar Servers Using Shodan and Censys
Quasar RAT