Malpedia Library

2018-06-15 ⋅ Bleeping Computer ⋅ Catalin Cimpanu
Chinese Cyber-Espionage Group Hacked Government Data Center
APT27

2018-06-13 ⋅ Threatpost ⋅ Tara Seals
Banco de Chile Wiper Attack Just a Cover for $10M SWIFT Heist
Lazarus Group

2018-06-13 ⋅ Kaspersky Labs ⋅ Denis Legezo
LuckyMouse hits national data center to organize country-level waterholing campaign
HyperBro APT27

2018-05-17 ⋅ Minerva Labs ⋅ Gal Bitensky
Analyzing an AZORult Attack – Evasion in a Cloak of Multiple Layers
Azorult

2018-04-13 ⋅ NewSky Security ⋅ NewSky Security
Understanding the IoT Hacker — A Conversation With Owari/Sora IoT Botnet Author
Owari

2018-03-30 ⋅ Trend Micro ⋅ David Sancho, Massimiliano Michenz, Numaan Huq
Cashing in on ATM Malware: A Comprehensive Look at Various Attack Types
Project Alice ATMitch Ploutus ATM Ripper ATM Skimer SUCEFUL Tyupkin

2018-02-01 ⋅ Bitdefender ⋅ Bogdan Botezatu, Ivona Alexandra Chili
Operation PZChao: a possible return of the Iron Tiger APT
APT27

2018-01-24 ⋅ Objective-See ⋅ Patrick Wardle
Analyzing CrossRAT: A cross-platform implant, utilized in a global cyber-espionage campaign
CrossRAT

2018-01-17 ⋅ Malwarebytes ⋅ hasherezade
A coin miner with a “Heaven’s Gate”
Coinminer

2018-01-13 ⋅ The Washington Post ⋅ Ellen Nakashima
Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes
EternalPetya

2018-01-12 ⋅ Stormshield ⋅ Rémi Jullian
Analyzing an Agent Tesla campaign: from a word document to the attacker credentials
Agent Tesla

2018-01-01 ⋅ Malwarebytes ⋅ hasherezade
A coin miner with a “Heaven’s Gate”
Coinminer

2017-11-27 ⋅ Blacklake ⋅ Brian Krebs
WHO WAS THE NSA CONTRACTOR ARRESTED FOR LEAKING THE ‘SHADOW BROKERS’ HACKING TOOLS?
The Shadow Brokers

2017-11-08 ⋅ Palo Alto Networks Unit 42 ⋅ Robert Falcone
OilRig Deploys “ALMA Communicator” – DNS Tunneling Trojan
Alma Communicator

2017-11-01 ⋅ Virus Bulletin ⋅ Patrick Wardle
Offensive malware analysis: dissecting OSX/FruitFly.B via a custom C&C server
FruitFly

2017-10-30 ⋅ Kaspersky Labs ⋅ Ghareeb Saad, Mohamad Amin Hasbini
Gaza Cybergang – updated activity in 2017:
Molerats

2017-10-05 ⋅ Virus Bulletin ⋅ Catalin Valeriu Lita, Doina Cosovan
Linking Xpaj and Nymaim
Nymaim

2017-10-05 ⋅ Trend Micro ⋅ Jaromír Hořejší
SYSCON Backdoor Uses FTP as a C&C Channel
Syscon

2017-09-26 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
Striking Oil: A Closer Look at Adversary Infrastructure
OilRig

2017-09-26 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
Striking Oil: A Closer Look at Adversary Infrastructure
RGDoor