Malpedia Library

Click here to download all references as Bib-File.•

2021-04-29 ⋅ FireEye ⋅ Justin Moore, Raymond Leong, Tyler McLellan
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Cobalt Strike FiveHands HelloKitty

2021-04-29 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone, Simon Conant
New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)
WeControl WeSteal

2021-04-26 ⋅ Intel 471 ⋅ Intel 471
The cybercriminal underground hasn’t forgotten about financial services

2021-04-21 ⋅ SophosLabs Uncut ⋅ Anand Aijan, Andrew Brandt, Markel Picado, Michael Wood, Sean Gallagher, Sivagnanam Gn, Suriya Natarajan
Nearly half of malware now use TLS to conceal communications
Agent Tesla Cobalt Strike Dridex SystemBC

2021-03-31 ⋅ Kaspersky ⋅ Kaspersky
Financial Cyberthreats in 2020
BetaBot DanaBot Emotet Gozi Ramnit RTM SpyEye TrickBot Zeus

2021-03-18 ⋅ ⋅ Poliisi ⋅ Poliisi
Eduskunnan tietojärjestelmiin kohdistuneen tietomurron tutkinnassa selvitetään yhteyttä APT31-toimijaan
APT31

2021-03-12 ⋅ splunk ⋅ Amy Heng, Dave Herrald, Derek King, James Brodsky, John Stoner, Jose Hernandez, Marcus LaFerrera, Michael Haag, Mick Baccio, Ryan Kovar, Shannon Davis
Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later…

2021-03-11 ⋅ Trustwave ⋅ Diana Lopera
Image File Trickery Part II: Fake Icon Delivers NanoCore
Nanocore RAT

2021-03-11 ⋅ Cofense ⋅ Elmer Hernandez
AutoHotKey Leveraged by Metamorfo/Mekotio Banking Trojan
Metamorfo

2021-03-09 ⋅ Attivo NETWORKS ⋅ Anil Gupta, Gorang Joshi, Saravanan Mohan
Hafnium – Active Exploitation of Microsoft Exchange and Lateral Movement

2021-02-26 ⋅ YouTube (Black Hat) ⋅ Kevin Perlow
FASTCash and INJX_Pure: How Threat Actors Use Public Standards for Financial Fraud
FastCash

2021-02-22 ⋅ AdvIntel ⋅ Beatriz Pimenta Klein
Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in LATAM
BRATA Mekotio Metamorfo Ploutus ATM VictoryGate

2021-02-18 ⋅ Symantec ⋅ Threat Hunter Team
Lazarus: Three North Koreans Charged for Financially Motivated Attacks
AppleJeus POOLRAT Unidentified macOS 001 (UnionCryptoTrader) AppleJeus Unidentified 077 (Lazarus Downloader)

2021-02-17 ⋅ US Department of Defense ⋅ US Department of Justice
Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe

2021-02-16 ⋅ SophosLabs Uncut ⋅ Anand Ajjan, Andrew Brandt
Conti ransomware: Evasive by nature
Conti

2021-02-16 ⋅ Confiant ⋅ Eliya Stein
Malvertiser “ScamClub” Bypasses Iframe Sandboxing With postMessage() Shenanigans [CVE-2021–1801]

2021-02-04 ⋅ Chainanalysis ⋅ Chainalysis Team
Blockchain Analysis Shows Connections Between Four of 2020’s Biggest Ransomware Strains
DoppelPaymer Egregor Maze SunCrypt

2021-02-02 ⋅ ⋅ CRONUP ⋅ Germán Fernández
De ataque con Malware a incidente de Ransomware
Avaddon BazarBackdoor Buer Clop Cobalt Strike Conti DanaBot Dharma Dridex Egregor Emotet Empire Downloader FriedEx GootKit IcedID MegaCortex Nemty Phorpiex PwndLocker PyXie QakBot RansomEXX REvil Ryuk SDBbot SmokeLoader TrickBot Zloader

2021-01-26 ⋅ FireEye ⋅ Bernard Sapaden, Mohammed Mohsin Dalla, Rahul Mohandas, Sachin Shukla, Srini Seethapathy, Sujnani Ravindra
Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication

2021-01-19 ⋅ Trend Micro ⋅ Fernando Mercês, Stephen Hilt
VPNFilter Two Years Later: Routers Still Compromised
VPNFilter