Malpedia Library

Click here to download all references as Bib-File.•

2021-05-25 ⋅ Huntress Labs ⋅ Matthew Brennan
Cobalt Strikes Again: An Analysis of Obfuscated Malware
Cobalt Strike

2021-05-17 ⋅ Fortinet ⋅ Fred Gutierrez, Gayathri Thirugnanasambandam, Val Saengphaibul
Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions
DarkSide

2021-05-14 ⋅ NortonLifeLock ⋅ Armin Buescher, Gokulakrishnan S
How Flubot targets Android phone users and their money
FluBot

2021-05-12 ⋅ FBI ⋅ FBI
PIN Number 20210512-001: Spear-Phishing Attack Directing Recipients to Download a Fake Windows Application Impersonating a Financial Institution

2021-05-11 ⋅ nviso ⋅ Jeroen Beckers
Android overlay attacks on Belgian financial applications
Anatsa

2021-05-03 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Rewterz Threat Alert – Financially Motivated Aggressive Group Carrying Out Ransomware Campaigns – Active IOCs
FiveHands SombRAT UNC2447

2021-04-29 ⋅ FireEye ⋅ Justin Moore, Raymond Leong, Tyler McLellan
UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat
Cobalt Strike FiveHands HelloKitty

2021-04-29 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone, Simon Conant
New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)
WeControl WeSteal

2021-04-26 ⋅ Intel 471 ⋅ Intel 471
The cybercriminal underground hasn’t forgotten about financial services

2021-04-21 ⋅ SophosLabs Uncut ⋅ Anand Aijan, Andrew Brandt, Markel Picado, Michael Wood, Sean Gallagher, Sivagnanam Gn, Suriya Natarajan
Nearly half of malware now use TLS to conceal communications
Agent Tesla Cobalt Strike Dridex SystemBC

2021-03-31 ⋅ Kaspersky ⋅ Kaspersky
Financial Cyberthreats in 2020
BetaBot DanaBot Emotet Gozi Ramnit RTM SpyEye TrickBot Zeus

2021-03-18 ⋅ ⋅ Poliisi ⋅ Poliisi
Eduskunnan tietojärjestelmiin kohdistuneen tietomurron tutkinnassa selvitetään yhteyttä APT31-toimijaan
APT31

2021-03-12 ⋅ splunk ⋅ Amy Heng, Dave Herrald, Derek King, James Brodsky, John Stoner, Jose Hernandez, Marcus LaFerrera, Michael Haag, Mick Baccio, Ryan Kovar, Shannon Davis
Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later…

2021-03-11 ⋅ Trustwave ⋅ Diana Lopera
Image File Trickery Part II: Fake Icon Delivers NanoCore
Nanocore RAT

2021-03-11 ⋅ Cofense ⋅ Elmer Hernandez
AutoHotKey Leveraged by Metamorfo/Mekotio Banking Trojan
Metamorfo

2021-03-09 ⋅ Attivo NETWORKS ⋅ Anil Gupta, Gorang Joshi, Saravanan Mohan
Hafnium – Active Exploitation of Microsoft Exchange and Lateral Movement

2021-02-26 ⋅ YouTube (Black Hat) ⋅ Kevin Perlow
FASTCash and INJX_Pure: How Threat Actors Use Public Standards for Financial Fraud
FastCash

2021-02-22 ⋅ AdvIntel ⋅ Beatriz Pimenta Klein
Economic Growth, Digital Inclusion, & Specialized Crime: Financial Cyber Fraud in LATAM
BRATA Mekotio Metamorfo Ploutus ATM VictoryGate

2021-02-18 ⋅ Symantec ⋅ Threat Hunter Team
Lazarus: Three North Koreans Charged for Financially Motivated Attacks
AppleJeus POOLRAT Unidentified macOS 001 (UnionCryptoTrader) AppleJeus Unidentified 077 (Lazarus Downloader)

2021-02-17 ⋅ US Department of Defense ⋅ US Department of Justice
Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the Globe