Malpedia Library

Click here to download all references as Bib-File.•

2025-03-12 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Golang backdoor with a side of ChromeUpdateAlert App

2025-03-12 ⋅ Youtube (AhmedS Kasmani) ⋅ AhmedS Kasmani
Initial Analysis of Black Basta Chat Leaks
Black Basta Black Basta

2025-03-12 ⋅ YouTube (John Hammond) ⋅ John Hammond
LEAKED Russian Hackers Internal Chats
Black Basta Black Basta

2025-03-12 ⋅ Red Canary ⋅ Red Canary
2025 Threat Detection Report
HijackLoader Lumma Stealer NetSupportManager RAT

2025-03-12 ⋅ Mandiant ⋅ Frank Tse, Jakub Jozwiak, Logeswaran Nadarajan, Lukasz Lamparski, Mathew Potaczek, Mustafa Nasser, Nick Harbour, Punsaen Boonyakarn, Shawn Chew
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers
tsh

2025-03-11 ⋅ Cato Networks ⋅ Matan Mittleman, Ofek Vardi
Cato CTRL Threat Research: Ballista – New IoT Botnet Targeting Thousands of TP-Link Archer Routers
Ballista

2025-03-11 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
AsyncRAT NjRAT Quasar RAT Remcos

2025-03-11 ⋅ Trend Micro ⋅ Cj Arsley Mateo, Darrel Tristan Virtusio, Jacob Santos, Junestherry Dela Cruz, Paul John Bardon
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
Lumma Stealer SmartLoader

2025-03-11 ⋅ Kaspersky Labs ⋅ AMR
DCRat backdoor returns
DCRat

2025-03-11 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
New Ermac Variant - Android Banking Trojan & Botnet
ERMAC

2025-03-10 ⋅ Cybershafarat ⋅ Treadstone 71
DieNet and #Shiite_Harvest claimed responsibility for disabling ten significant Iraqi websites
DieNet

2025-03-10 ⋅ LevelBlue ⋅ Ken Ng
Prevent, Detect, Contain: LevelBlue MDR’s Guide Against Black Basta Affiliates’ Attacks
Black Basta Black Basta ReedBed

2025-03-10 ⋅ Cofense ⋅ Max Gannon
Trump Cryptocurrency Delivers ConnectWise RAT

2025-03-07 ⋅ Fortinet ⋅ Faisal Abdul Malik Qureshi, Fred Gutierrez, Hossein Jazi, John Simmons, Mark Robson, Said Wali, Xiaopeng Zhang
Investigating Iranian Intrusion into Strategic Middle East Critical Infrastructure
Havoc

2025-03-07 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (MintsLoader) - Writing a Unit to deobfuscated JavaScript payload
MintsLoader

2025-03-07 ⋅ Proofpoint ⋅ Ole Villadsen, Proofpoint Threat Research Team, Selena Larson
Remote Monitoring and Management (RMM) Tooling Increasingly an Attacker’s First Choice

2025-03-07 ⋅ MalwareAnalysisSpace ⋅ Seeker
Akira Ransomware Expands to Linux: the attacking abilities and strategies
Akira

2025-03-06 ⋅ flare ⋅ Estelle Ruellan, Oleg Lypko, Tammy Harper
Deciphering Black Basta’s Infrastructure from the Chat Leak
Black Basta Black Basta

2025-03-06 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Tweet about Moonstone Sleet dropping Qilin ransomware
Qilin

2025-03-06 ⋅ Medium SarvivaMalwareAnalyst ⋅ sarviya
XWorm Attack Chain: Leveraging Steganography from Phishing Email to Keylogging via C2 Communication
XWorm