Malpedia Library

Click here to download all references as Bib-File.•

2025-03-28 ⋅ Intrinsec ⋅ David Sardinha
From espionage to PsyOps: Tracking operations and bulletproof providers of UACs in 2025
sLoad NetSupportManager RAT Remcos SmokeLoader

2025-03-26 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
The Long and Short(cut) of It: KoiLoader Analysis
Koi Loader

2025-03-26 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Raton / Silly - Remote Access Trojan | Technical Malware Analysis Report
AsyncRAT

2025-03-25 ⋅ GoDaddy ⋅ Denis Sinegubko
Inside DollyWay’s C2 Infrastructure: Traffic Direction Systems and the LosPollos Connection
DollyWay

2025-03-25 ⋅ Suresh Reddy
Inside Kimsuky’s Latest Cyberattack: Analyzing Malicious Scripts and Payloads

2025-03-25 ⋅ IBM X-Force ⋅ Golo Mühr
IBM X-Force discovers new Sheriff Backdoor used to target Ukraine
Deputy Sheriff

2025-03-25 ⋅ JPCERT/CC ⋅ Hayato Sasaki
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup

2025-03-25 ⋅ DomainTools ⋅ DomainTools
Phishing Campaign Targets Defense and Aerospace Firms Linked to Ukraine Conflict

2025-03-25 ⋅ Kaspersky Labs ⋅ Boris Larin, Igor Kuznetsov
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
Operation ForumTroll

2025-03-25 ⋅ SpyCloud ⋅ James
On the Hunt for Ghost(Socks)
GhostSocks

2025-03-24 ⋅ SYGNIA ⋅ Sygnia Team
Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation
CHINACHOPPER reGeorg

2025-03-22 ⋅ Trend Micro ⋅ Junestherry Dela Cruz
Back to Business: Lumma Stealer Returns with Stealthier Methods
Lumma Stealer

2025-03-19 ⋅ cocomelonc ⋅ cocomelonc
MD MZ Book: Russian translation

2025-03-19 ⋅ Natto Thoughts ⋅ Natto Team
Zhou Shuai: A Hacker’s Road to APT27

2025-03-18 ⋅ Trellix ⋅ Jambul Tologonov, John Fokker
Analysis of Black Basta Ransomware Chat Leaks
Black Basta Black Basta

2025-03-18 ⋅ Expel ⋅ AARON WALTON
Code-signing certificate abuse in the Black Basta chat leaks (and how to fight back)
Black Basta Black Basta

2025-03-18 ⋅ WeLiveSecurity ⋅ Dominik Breitenbacher
Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor
Anel AsyncRAT

2025-03-17 ⋅ GoDaddy ⋅ Denis Sinegubko
DollyWay World Domination: Eight Years of Evolving Website Malware Campaigns
DollyWay

2025-03-17 ⋅ Cloudflare ⋅ Cloudflare
Black Basta’s blunder: exploiting the gang’s leaked chats
Black Basta Black Basta

2025-03-16 ⋅ SYGNIA ⋅ Sygnia Team
Bybit – What We Know So Far