Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-02-22Avast DecodedAnh ho
@online{ho:20210222:masslogger:632f622, author = {Anh ho}, title = {{MassLogger v3: a .NET stealer with serious obfuscation}}, date = {2021-02-22}, organization = {Avast Decoded}, url = {https://decoded.avast.io/anhho/masslogger-v3-a-net-stealer-with-serious-obfuscation/}, language = {English}, urldate = {2021-02-25} } MassLogger v3: a .NET stealer with serious obfuscation
MASS Logger
2021-02-03Avast DecodedJan Vojtěšek, Jan Rubín
@online{vojtek:20210203:backdoored:21906b8, author = {Jan Vojtěšek and Jan Rubín}, title = {{Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests}}, date = {2021-02-03}, organization = {Avast Decoded}, url = {https://decoded.avast.io/janvojtesek/backdoored-browser-extensions-hid-malicious-traffic-in-analytics-requests/}, language = {English}, urldate = {2021-02-04} } Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests
2020-12-09Avast DecodedLuigino Camastra, Igor Morgenstern
@online{camastra:20201209:targeting:952844f, author = {Luigino Camastra and Igor Morgenstern}, title = {{APT Group Targeting Governmental Agencies in East Asia}}, date = {2020-12-09}, organization = {Avast Decoded}, url = {https://decoded.avast.io/luigicamastra/apt-group-targeting-governmental-agencies-in-east-asia/}, language = {English}, urldate = {2021-01-27} } APT Group Targeting Governmental Agencies in East Asia
Albaniiutas HyperBro PlugX Tmanger
2020-10-27AvastLisandro Ubiedo
@online{ubiedo:20201027:data:285fc7a, author = {Lisandro Ubiedo}, title = {{Data exfiltration via IPv6}}, date = {2020-10-27}, organization = {Avast}, url = {https://blog.avast.com/data-exfiltration-via-ipv6-avast}, language = {English}, urldate = {2020-11-02} } Data exfiltration via IPv6
2020-10-14Avast DecodedJan Vojtěšek
@online{vojtek:20201014:fakembam:abce405, author = {Jan Vojtěšek}, title = {{FakeMBAM: Backdoor Delivered Through Software Updates}}, date = {2020-10-14}, organization = {Avast Decoded}, url = {https://decoded.avast.io/janvojtesek/fakembam-backdoor-delivered-through-software-updates/}, language = {English}, urldate = {2020-10-23} } FakeMBAM: Backdoor Delivered Through Software Updates
2020-09-25Avast DecodedMartin Hron
@online{hron:20200925:fresh:41ed4d0, author = {Martin Hron}, title = {{The Fresh Smell of ransomed coffee}}, date = {2020-09-25}, organization = {Avast Decoded}, url = {https://decoded.avast.io/martinhron/the-fresh-smell-of-ransomed-coffee/}, language = {English}, urldate = {2020-09-25} } The Fresh Smell of ransomed coffee
2020-09-17Avast DecodedJan Rubín
@online{rubn:20200917:complex:e1b3abc, author = {Jan Rubín}, title = {{Complex obfuscation? Meh… (1/2)}}, date = {2020-09-17}, organization = {Avast Decoded}, url = {https://decoded.avast.io/janrubin/complex-obfuscation-meh/}, language = {English}, urldate = {2020-09-24} } Complex obfuscation? Meh… (1/2)
2020-05-20Avast DecodedDavid Jursa, Simi Musilova, Jan Rubín, Alexej Savčin
@online{jursa:20200520:ghostdns:43190d5, author = {David Jursa and Simi Musilova and Jan Rubín and Alexej Savčin}, title = {{GhostDNS Source Code Leaked}}, date = {2020-05-20}, organization = {Avast Decoded}, url = {https://decoded.avast.io/simonamusilova/ghostdns-source-code-leaked/}, language = {English}, urldate = {2020-05-23} } GhostDNS Source Code Leaked
2020-05-14Avast DecodedLuigino Camastra
@online{camastra:20200514:planted:03eab5a, author = {Luigino Camastra}, title = {{APT Group Planted Backdoors Targeting High Profile Networks in Central Asia}}, date = {2020-05-14}, organization = {Avast Decoded}, url = {https://decoded.avast.io/luigicamastra/apt-group-planted-backdoors-targeting-high-profile-networks-in-central-asia/}, language = {English}, urldate = {2020-05-14} } APT Group Planted Backdoors Targeting High Profile Networks in Central Asia
BYEBY Microcin Microcin
2020-04-02AvastJan Rubín
@online{rubn:20200402:coviper:f06be6d, author = {Jan Rubín}, title = {{CoViper locking down computers during lockdown}}, date = {2020-04-02}, organization = {Avast}, url = {https://decoded.avast.io/janrubin/coviper-locking-down-computers-during-lockdown/}, language = {English}, urldate = {2020-04-07} } CoViper locking down computers during lockdown
CoViper
2019-12-10Sentinel LABSVitali Kremez, Joshua Platt, Jason Reaves
@online{kremez:20191210:morphisec:c0fc51c, author = {Vitali Kremez and Joshua Platt and Jason Reaves}, title = {{MORPHISEC DISCOVERS CCLEANER BACKDOOR SAVING MILLIONS OF AVAST USERS}}, date = {2019-12-10}, organization = {Sentinel LABS}, url = {https://labs.sentinelone.com/the-deadly-planeswalker-how-the-trickbot-group-united-high-tech-crimeware-apt/}, language = {English}, urldate = {2020-01-08} } MORPHISEC DISCOVERS CCLEANER BACKDOOR SAVING MILLIONS OF AVAST USERS
Anchor
2019-09-12AvastAdolf Středa, Luigino Camastra
@online{steda:20190912:tangle:204c26f, author = {Adolf Středa and Luigino Camastra}, title = {{The tangle of WiryJMPer’s obfuscation}}, date = {2019-09-12}, organization = {Avast}, url = {https://decoded.avast.io/adolfstreda/the-tangle-of-wiryjmpers-obfuscation/}, language = {English}, urldate = {2020-01-13} } The tangle of WiryJMPer’s obfuscation
NetWire RC
2019-08-28AvastJan Vojtěšek
@online{vojtek:20190828:putting:c1bf82c, author = {Jan Vojtěšek}, title = {{Putting an end to Retadup: A malicious worm that infected hundreds of thousands}}, date = {2019-08-28}, organization = {Avast}, url = {https://decoded.avast.io/janvojtesek/putting-an-end-to-retadup-a-malicious-worm-that-infected-hundreds-of-thousands/}, language = {English}, urldate = {2019-10-15} } Putting an end to Retadup: A malicious worm that infected hundreds of thousands
Retadup
2019-08-06AvastJan Rubín
@online{rubn:20190806:clipsa:81eb577, author = {Jan Rubín}, title = {{Clipsa – Multipurpose password stealer}}, date = {2019-08-06}, organization = {Avast}, url = {https://decoded.avast.io/janrubin/clipsa-multipurpose-password-stealer/}, language = {English}, urldate = {2020-01-13} } Clipsa – Multipurpose password stealer
Sysraw Stealer
2019-07-16enSiloChen Erlich
@online{erlich:20190716:avast:b3dec63, author = {Chen Erlich}, title = {{The Avast Abuser: Metamorfo Banking Malware Hides By Abusing Avast Executable}}, date = {2019-07-16}, organization = {enSilo}, url = {https://medium.com/@chenerlich/the-avast-abuser-metamorfo-banking-malware-hides-by-abusing-avast-executable-ac9b8b392767}, language = {English}, urldate = {2020-04-13} } The Avast Abuser: Metamorfo Banking Malware Hides By Abusing Avast Executable
Metamorfo
2019-06-25AvastJeff Elder
@online{elder:20190625:ransomware:4b72d11, author = {Jeff Elder}, title = {{Ransomware strain Troldesh spikes again – Avast tracks new attacks}}, date = {2019-06-25}, organization = {Avast}, url = {https://blog.avast.com/ransomware-strain-troldesh-spikes}, language = {English}, urldate = {2020-01-09} } Ransomware strain Troldesh spikes again – Avast tracks new attacks
Troldesh
2019-02-20Avast DecodedLuigino Camastra, Jan Širmer, Adolf Středa, Lukáš Obrdlík
@online{camastra:20190220:spoofing:f2e825b, author = {Luigino Camastra and Jan Širmer and Adolf Středa and Lukáš Obrdlík}, title = {{Spoofing in the reeds with Rietspoof}}, date = {2019-02-20}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatintel/spoofing-in-the-reeds-with-rietspoof/}, language = {English}, urldate = {2020-01-06} } Spoofing in the reeds with Rietspoof
Rietspoof
2019-02-16AvastThreat Intelligence Team
@online{team:20190216:spoofing:eeffd53, author = {Threat Intelligence Team}, title = {{Spoofing in the reeds with Rietspoof}}, date = {2019-02-16}, organization = {Avast}, url = {https://blog.avast.com/rietspoof-malware-increases-activity}, language = {English}, urldate = {2020-01-10} } Spoofing in the reeds with Rietspoof
Rietspoof
2018-12-04AvastAdolf Středa, Jan Neduchal
@online{steda:20181204:hide:4927f2a, author = {Adolf Středa and Jan Neduchal}, title = {{Hide ‘N Seek botnet continues infecting devices with default credentials, building a P2P network and more.}}, date = {2018-12-04}, organization = {Avast}, url = {https://blog.avast.com/hide-n-seek-botnet-continues}, language = {English}, urldate = {2019-11-26} } Hide ‘N Seek botnet continues infecting devices with default credentials, building a P2P network and more.
Hide and Seek
2018-09-27AvastThreat Intelligence Team
@online{team:20180927:torii:186f7d7, author = {Threat Intelligence Team}, title = {{Torii botnet - Not another Mirai variant}}, date = {2018-09-27}, organization = {Avast}, url = {https://blog.avast.com/new-torii-botnet-threat-research}, language = {English}, urldate = {2020-01-13} } Torii botnet - Not another Mirai variant
Torii