Malpedia Library

Click here to download all references as Bib-File.•

2023-03-30 ⋅ Zscaler ⋅ Brett Stone-Gross, Javier Vicente, Nikolaos Pantazopoulos
Technical Analysis of Xloader’s Code Obfuscation in Version 4.3
Formbook

2023-03-30 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
eSentire Threat Intelligence Malware Analysis: BatLoader
BATLOADER Cobalt Strike ISFB SystemBC Vidar

2023-03-30 ⋅ Recorded Future ⋅ Insikt Group
With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets
KEYPLUG Cobalt Strike PlugX RedGolf

2023-03-30 ⋅ hasherezade's 1001 nights ⋅ hasherezade
Magniber ransomware analysis: Tiny Tracer in action
Magniber

2023-03-30 ⋅ United States District Court (Eastern District of New York) ⋅ Fortra, HEALTH-ISAC, Microsoft
Cracked Cobalt Strike (1:23-cv-02447)
Black Basta BlackCat LockBit RagnarLocker LockBit Black Basta BlackCat Cobalt Strike Cuba Emotet LockBit Mount Locker PLAY QakBot RagnarLocker Royal Ransom Zloader

2023-03-30 ⋅ K7 Security ⋅ Lathashree K
GoatRAT Attacks Automated Payment Systems
GoatRAT

2023-03-30 ⋅ Google ⋅ Google Threat Analysis Group, Shane Huntley
TAG Bulletin: Q1 2023

2023-03-30 ⋅ loginsoft ⋅ Saharsh Agrawal
From Innocence to Malice: The OneNote Malware Campaign Uncovered
Agent Tesla AsyncRAT DOUBLEBACK Emotet Formbook IcedID NetWire RC QakBot Quasar RAT RedLine Stealer XWorm

2023-03-30 ⋅ IBM ⋅ Fred Chidsey, John Dwyer, Joseph Lozowski
X-Force Prevents Zero Day from Going Anywhere
Silence

2023-03-30 ⋅ OALabs ⋅ Sergei Frankoff
3CX Supply Chain Attack
3CX Backdoor

2023-03-30 ⋅ Fortiguard ⋅ FortiGuard Labs
3CX Desktop App Compromised (CVE-2023-29059)
3CX Backdoor

2023-03-30 ⋅ Rapid7 Labs ⋅ Rapid7
Backdoored 3CXDesktopApp Installer Used in Active Threat Campaign
3CX Backdoor

2023-03-30 ⋅ Huntress Labs ⋅ John Hammond
3CX VoIP Software Compromise & Supply Chain Threats
3CX Backdoor

2023-03-30 ⋅ Cado Security ⋅ Cado Security
Forensic Triage of a Windows System running the Backdoored 3CX Desktop App
3CX Backdoor

2023-03-30 ⋅ CrowdStrike ⋅ CS ENGINEER
2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers
3CX Backdoor

2023-03-30 ⋅ Symantec ⋅ Threat Hunter Team
3CX: Supply Chain Attack Affects Thousands of Users Worldwide
3CX Backdoor IconicStealer

2023-03-30 ⋅ Elastic ⋅ Daniel Stepanic, Devon Kerr, Joe Desimone, Remco Sprooten, Samir Bousseaden
Elastic users protected from SUDDENICON’s supply chain attack
3CX Backdoor

2023-03-30 ⋅ Trend Micro ⋅ Trend Micro Research
Developing Story: Information on Attacks Involving 3CX Desktop App
3CX Backdoor IconicStealer

2023-03-30 ⋅ Mandiant ⋅ Alden Wahlstrom, Daniel Kapellmann Zafra, Gabby Roncone, Keith Lunden
Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan
INCONTROLLER

2023-03-30 ⋅ Volexity ⋅ Ankur Saini, Callum Roxan, Charlie Gardner, Paul Rascagnères, Steven Adair, Thomas Lancaster
3CX Supply Chain Compromise Leads to ICONIC Incident
3CX Backdoor IconicStealer