Malpedia Library

Click here to download all references as Bib-File.•

2022-04-18 ⋅ CISA ⋅ CISA, FBI, U.S. Department of the Treasury
AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies (PDF)
FastCash Bankshot

2022-04-18 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Free decryptor released for Yanluowang ransomware victims
Yanluowang

2022-04-18 ⋅ SentinelOne ⋅ James Haughom
From the Front Lines | Peering into A PYSA Ransomware Attack
Chisel Chisel Cobalt Strike Mespinoza

2022-04-18 ⋅ ⋅ ASEC ⋅ ASEC Analysis Team
A new type of malware from the Lazarus attack group that exploits the INITECH process.

2022-04-17 ⋅ Malcat ⋅ malcat team
Reversing a NSIS dropper using quick and dirty shellcode emulation
Loki Password Stealer (PWS)

2022-04-16 ⋅ forensicitguy ⋅ Tony Lambert
Snip3 Crypter used with DCRat via VBScript
DCRat

2022-04-15 ⋅ Medium walmartglobaltech ⋅ Jason Reaves
Revisiting BatLoader C2 structure
BATLOADER

2022-04-15 ⋅ Bleeping Computer ⋅ Ionut Ilascu
Karakurt revealed as data extortion arm of Conti cybercrime syndicate
Anchor BazarBackdoor Conti TrickBot

2022-04-15 ⋅ Arctic Wolf ⋅ Arctic Wolf
The Karakurt Web: Threat Intel and Blockchain Analysis Reveals Extension of Conti Business Model
Conti Diavol Ryuk TrickBot

2022-04-15 ⋅ splunk ⋅ Splunk Threat Research Team
STRT-TA03 CPE - Destructive Software
AcidRain CyclopsBlink

2022-04-14 ⋅ Symantec ⋅ Threat Hunter Team
Lazarus Targets Chemical Sector
Racket Downloader

2022-04-14 ⋅ Cynet ⋅ Max Malyutin
Orion Threat Alert: Flight of the BumbleBee
BumbleBee Cobalt Strike

2022-04-14 ⋅ Claroty ⋅ Uri Katz
Blinding Snort: Breaking The Modbus OT Preprocessor

2022-04-14 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyberattack on Ukrainian state organizations using IcedID malware (CERT-UA#4464)
IcedID

2022-04-14 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Threat Thursday: HeaderTip Backdoor Shows Attackers from China Preying on Ukraine
HeaderTip

2022-04-14 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Michael Chen, Vanja Svajcer
Threat Spotlight: "Haskers Gang" Introduces New ZingoStealer
RedLine Stealer

2022-04-14 ⋅ PRODAFT Threat Intelligence ⋅ PRODAFT
PYSA (Mespinoza) In-Depth Analysis
Mespinoza

2022-04-14 ⋅ NSHC RedAlert Labs ⋅ NSHC Threatrecon Team
Hacking activity of SectorB Group in 2021 Chinese government supported hacking group SectorB
PlugX

2022-04-13 ⋅ Mandiant ⋅ Corey Hildebrandt, Daniel Kapellmann Zafra, Keith Lunden, Ken Proska, Muhammad Umair, Nathan Brubaker, Rob Caldwell
INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems
INCONTROLLER

2022-04-13 ⋅ Malwarology ⋅ Gaetano Pellegrino
Qakbot Series: Configuration Extraction
QakBot