Malpedia Library

Click here to download all references as Bib-File.•

2024-12-12 ⋅ Hunt.io ⋅ Hunt.io
Oyster’s Trail: Resurgence of Infrastructure Linked to Ransomware and Cybercrime Actors
Broomstick

2024-12-12 ⋅ XLab ⋅ XLab Team
Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals
Winnti Glutton

2024-12-12 ⋅ Kaspersky ⋅ Georgy Kucherin & Marc Rivero López
The Mask Has Been Unmasked Again
Careto

2024-12-11 ⋅ Silent Push ⋅ Silent Push
Silent Push Unwraps the AIZ—Aggressive Inventory Zombies—Retail & Crypto Phishing Network Campaign
Aggressive Inventory Zombies

2024-12-11 ⋅ JPCERT/CC ⋅ Tomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace

2024-12-11 ⋅ Lookout ⋅ Kyle Schmittle, Paul Shunk
Lookout Discovers Two Russian Android Spyware Families from Gamaredon APT
BoneSpy DroidWatcher PlainGnome

2024-12-11 ⋅ Lookout ⋅ Kristina Balaam
Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus
EagleMsgSpy

2024-12-11 ⋅ Sublime ⋅ Sublime Security
Xloader deep dive: Link-based malware delivery via SharePoint impersonation
Xloader Formbook

2024-12-11 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
Amadey Kazuar Wipbot FlyingYeti

2024-12-10 ⋅ cyble ⋅ Cyble
Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor
PhantomCore Head Mare

2024-12-10 ⋅ Zscaler ⋅ ThreatLabZ research team
Inside Zloader’s Latest Trick: DNS Tunneling
GhostSocks Zloader

2024-12-10 ⋅ Patreon (OALABS) ⋅ Sergei Frankoff
Live Stream VOD: The Many Faces of CryptBot (Paywall)
CryptBot

2024-12-10 ⋅ Hunt.io ⋅ Hunt.io
“Million OK !!!!” and the Naver Facade: Tracking Recent Suspected Kimsuky Infrastructure
Kimsuky

2024-12-09 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0185 aka UNC4221 Attack Detection: Hackers Target the Ukrainian Defense Forces and Military-Industrial Complex
UAC-0185

2024-12-08 ⋅ DataBreaches.net ⋅ Dissent
Is KillSec3 Trying to Extort Victims Using Publicly Leaked Data?

2024-12-07 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Targeted cyberattacks UAC-0185 in relation to the Defense Forces and enterprises of defense systems of Ukraine (CRT-UA#12414)
UAC-0185

2024-12-06 ⋅ OALabs ⋅ Sergei Frankoff
CryptBot Evolution Tracking the many iterations of this stealer
CryptBot

2024-12-05 ⋅ Recorded Future ⋅ Insikt Group
BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure

2024-12-05 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph Chen
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

2024-12-05 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
The Diplomatic Deception: Patchwork’s Use of Fake U.S. Embassy Alerts in Cyber Espionage