Malpedia Library

2018-02-23 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan
OopsIE

2018-02-07 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan, Vicky Ray
Compromised Servers & Fraud Accounts: Recent Hancitor Attacks
Hancitor

2018-02-07 ⋅ Palo Alto Networks Unit 42 ⋅ Simon Conant
RAT Trapped? LuminosityLink Falls Foul of Vermin Eradication Efforts
Luminosity RAT

2018-01-29 ⋅ Palo Alto Networks Unit 42 ⋅ Juan Cortes, Tom Lancaster
VERMIN: Quasar RAT and Custom Malware Used In Ukraine
Vermin

2018-01-26 ⋅ Palo Alto Networks Unit 42 ⋅ Josh Grunzweig
The TopHat Campaign: Attacks Within The Middle East Region Using Popular Third-Party Services
Scote

2018-01-25 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
OilRig uses RGDoor IIS Backdoor on Targets in the Middle East
OilRig

2018-01-25 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
OilRig uses RGDoor IIS Backdoor on Targets in the Middle East
RGDoor

2017-12-15 ⋅ Palo Alto Networks Unit 42 ⋅ Ryan Olson
Introducing the Adversary Playbook: First up, OilRig
OilRig

2017-12-11 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
OilRig Performs Tests on the TwoFace Webshell
TwoFace

2017-11-20 ⋅ Palo Alto Networks Unit 42 ⋅ Anthony Kasza, Juan Cortes, Micah Yates
Operation Blockbuster Goes Mobile
HARDRAIN

2017-11-14 ⋅ Palo Alto Networks Unit 42 ⋅ Tom Lancaster
Muddying the Water: Targeted Attacks in the Middle East
POWERSTATS MuddyWater

2017-11-10 ⋅ Palo Alto Networks Unit 42 ⋅ Jen Miller-Osborn, Josh Grunzweig
New Malware with Ties to SunOrcal Discovered
Reaver SunOrcal

2017-11-08 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
OilRig Deploys “ALMA Communicator” – DNS Tunneling Trojan
Alma Communicator

2017-11-02 ⋅ Palo Alto Networks Unit 42 ⋅ Jacob Soo, Josh Grunzweig
Recent InPage Exploits Lead to Multiple Malware Families
Confucius

2017-11-02 ⋅ Palo Alto Networks Unit 42 ⋅ Jacob Soo, Josh Grunzweig
Recent InPage Exploits Lead to Multiple Malware Families
BioData

2017-11-01 ⋅ Palo Alto Networks Unit 42 ⋅ Brandon Levene, Brandon Young, Dominik Reichel
Everybody Gets One: QtBot Used to Distribute Trickbot and Locky
QtBot

2017-10-27 ⋅ Palo Alto Networks Unit 42 ⋅ Unit42
Tracking Subaat: Targeted Phishing Attack Leads to Threat Actor’s Repository
The Gorgon Group

2017-10-27 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Tracking Subaat: Targeted Phishing Attack Leads to Threat Actor’s Repository

2017-10-09 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
OilRig Group Steps Up Attacks with New Delivery Documents and New Injector Trojan
OilRig

2017-10-05 ⋅ Palo Alto Networks Unit 42 ⋅ Esmid Idrizovic, Juan Cortes
FreeMilk: A Highly Targeted Spear Phishing Campaign
APT37