Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-06-08Intel 471Intel 471
@online{471:20210608:blurry:5b278e5, author = {Intel 471}, title = {{The blurry boundaries between nation-state actors and the cybercrime underground}}, date = {2021-06-08}, organization = {Intel 471}, url = {https://www.intel471.com/blog/cybercrime-russia-china-iran-nation-state}, language = {English}, urldate = {2021-06-16} } The blurry boundaries between nation-state actors and the cybercrime underground
Dridex Gameover P2P
2021-06-02Intel 471Greg Otto
@online{otto:20210602:call:ad8156c, author = {Greg Otto}, title = {{Call for crimes? Russian-language forum runs contest for cryptocurrency hacks}}, date = {2021-06-02}, organization = {Intel 471}, url = {https://intel471.com/blog/call-for-crimes-russian-language-forum-runs-contest-for-cryptocurrency-hacks}, language = {English}, urldate = {2021-06-24} } Call for crimes? Russian-language forum runs contest for cryptocurrency hacks
2021-05-19Intel 471Intel 471
@online{471:20210519:look:5ba9516, author = {Intel 471}, title = {{Look how many cybercriminals love Cobalt Strike}}, date = {2021-05-19}, organization = {Intel 471}, url = {https://www.intel471.com/blog/Cobalt-strike-cybercriminals-trickbot-qbot-hancitor}, language = {English}, urldate = {2021-05-19} } Look how many cybercriminals love Cobalt Strike
BazarBackdoor Cobalt Strike Hancitor QakBot SmokeLoader SystemBC TrickBot
2021-05-14Intel 471Intel 471
@online{471:20210514:moral:83d138a, author = {Intel 471}, title = {{The moral underground? Ransomware operators retreat after Colonial Pipeline hack}}, date = {2021-05-14}, organization = {Intel 471}, url = {https://www.intel471.com/blog/darkside-ransomware-shut-down-revil-avaddon-cybercrime}, language = {English}, urldate = {2021-05-17} } The moral underground? Ransomware operators retreat after Colonial Pipeline hack
DarkSide DarkSide
2021-05-10Intel 471Intel 471
@online{471:20210510:heres:ebc6e81, author = {Intel 471}, title = {{Here’s what we know about DarkSide ransomware}}, date = {2021-05-10}, organization = {Intel 471}, url = {https://www.intel471.com/blog/darkside-ransomware-colonial-pipeline-attack}, language = {English}, urldate = {2021-05-13} } Here’s what we know about DarkSide ransomware
DarkSide
2021-04-26Intel 471Intel 471
@online{471:20210426:cybercriminal:a1f6da3, author = {Intel 471}, title = {{The cybercriminal underground hasn’t forgotten about financial services}}, date = {2021-04-26}, organization = {Intel 471}, url = {https://www.intel471.com/blog/financial-cybercrime-2021-jackpotting-atm-malware}, language = {English}, urldate = {2021-05-03} } The cybercriminal underground hasn’t forgotten about financial services
2021-04-19Intel 471Intel 471
@online{471:20210419:how:2cba4f2, author = {Intel 471}, title = {{How China’s cybercrime underground is making money off big data}}, date = {2021-04-19}, organization = {Intel 471}, url = {https://intel471.com/blog/china-cybercrime-big-data-privacy-laws/}, language = {English}, urldate = {2021-04-20} } How China’s cybercrime underground is making money off big data
2021-04-06Intel 471Intel 471
@online{471:20210406:ettersilent:b591f59, author = {Intel 471}, title = {{EtterSilent: the underground’s new favorite maldoc builder}}, date = {2021-04-06}, organization = {Intel 471}, url = {https://intel471.com/blog/ettersilent-maldoc-builder-macro-trickbot-qbot/}, language = {English}, urldate = {2021-04-06} } EtterSilent: the underground’s new favorite maldoc builder
BazarBackdoor ISFB QakBot TrickBot
2021-02-17Intel 471Intel 471
@online{471:20210217:egregor:6194a4b, author = {Intel 471}, title = {{Egregor operation takes huge hit after police raids}}, date = {2021-02-17}, organization = {Intel 471}, url = {https://intel471.com/blog/egregor-arrests-ukraine-sbu-maze-ransomware}, language = {English}, urldate = {2021-02-20} } Egregor operation takes huge hit after police raids
Egregor
2021-01-27Intel 471Intel 471
@online{471:20210127:emotet:0a7344b, author = {Intel 471}, title = {{Emotet takedown is not like the Trickbot takedown}}, date = {2021-01-27}, organization = {Intel 471}, url = {https://intel471.com/blog/emotet-takedown-2021/}, language = {English}, urldate = {2021-01-29} } Emotet takedown is not like the Trickbot takedown
Emotet
2021-01-15Intel 471Intel 471
@online{471:20210115:last:c976da0, author = {Intel 471}, title = {{Last Dash for Joker’s Stash: Carding forum may close in 30 days}}, date = {2021-01-15}, organization = {Intel 471}, url = {https://intel471.com/blog/jokers-stash-closed-february-2021/}, language = {English}, urldate = {2021-01-18} } Last Dash for Joker’s Stash: Carding forum may close in 30 days
2020-12-18Intel 471Intel 471
@online{471:20201218:ta505s:8fb97af, author = {Intel 471}, title = {{TA505’s modified loader means new attack campaign could be coming}}, date = {2020-12-18}, organization = {Intel 471}, url = {https://intel471.com/blog/ta505-get2-loader-malware-december-2020/}, language = {English}, urldate = {2020-12-19} } TA505’s modified loader means new attack campaign could be coming
Get2
2020-12-16Intel 471Intel 471
@online{471:20201216:intel471s:f245d05, author = {Intel 471}, title = {{Intel471's full statement on their knowledge of SolarWinds and the cybercriminal underground}}, date = {2020-12-16}, organization = {Intel 471}, url = {https://twitter.com/Intel471Inc/status/1339233255741120513}, language = {English}, urldate = {2020-12-17} } Intel471's full statement on their knowledge of SolarWinds and the cybercriminal underground
SUNBURST
2020-12-10Intel 471Intel 471
@online{471:20201210:no:9fd2ae1, author = {Intel 471}, title = {{No pandas, just people: The current state of China’s cybercrime underground}}, date = {2020-12-10}, organization = {Intel 471}, url = {https://intel471.com/blog/china-cybercrime-undergrond-deepmix-tea-horse-road-great-firewall/}, language = {English}, urldate = {2020-12-10} } No pandas, just people: The current state of China’s cybercrime underground
Anubis SpyNote AsyncRAT Cobalt Strike Ghost RAT NjRAT
2020-12-01Intel 471Intel 471
@online{471:20201201:steal:db9aadd, author = {Intel 471}, title = {{Steal, then strike: Access merchants are first clues to future ransomware attacks}}, date = {2020-12-01}, organization = {Intel 471}, url = {https://intel471.com/blog/ransomware-attack-access-merchants-infostealer-escrow-service/}, language = {English}, urldate = {2020-12-17} } Steal, then strike: Access merchants are first clues to future ransomware attacks
DoppelPaymer
2020-11-23Intel 471Intel 471
@online{471:20201123:heres:1435e96, author = {Intel 471}, title = {{Here’s what happens after a business gets hit with ransomware}}, date = {2020-11-23}, organization = {Intel 471}, url = {https://intel471.com/blog/how-to-recover-from-a-ransomware-attack/}, language = {English}, urldate = {2020-12-17} } Here’s what happens after a business gets hit with ransomware
2020-11-16Intel 471Intel 471
@online{471:20201116:ransomwareasaservice:11a5a8b, author = {Intel 471}, title = {{Ransomware-as-a-service: The pandemic within a pandemic}}, date = {2020-11-16}, organization = {Intel 471}, url = {https://public.intel471.com/blog/ransomware-as-a-service-2020-ryuk-maze-revil-egregor-doppelpaymer/}, language = {English}, urldate = {2020-11-17} } Ransomware-as-a-service: The pandemic within a pandemic
Avaddon Clop Conti DoppelPaymer Egregor Hakbit Mailto Maze Mespinoza RagnarLocker REvil Ryuk SunCrypt ThunderX
2020-11-10Intel 471Intel 471
@online{471:20201110:trickbot:5db76db, author = {Intel 471}, title = {{Trickbot down, but is it out?}}, date = {2020-11-10}, organization = {Intel 471}, url = {https://public.intel471.com/blog/trickbot-update-november-2020-bazar-loader-microsoft/}, language = {English}, urldate = {2020-11-11} } Trickbot down, but is it out?
BazarBackdoor TrickBot
2020-10-28Intel 471Intel 471
@online{471:20201028:alleged:46a2bb1, author = {Intel 471}, title = {{Alleged REvil member spills details on group’s ransomware operations}}, date = {2020-10-28}, organization = {Intel 471}, url = {https://public.intel471.com/blog/revil-ransomware-interview-russian-osint-100-million/}, language = {English}, urldate = {2020-11-02} } Alleged REvil member spills details on group’s ransomware operations
REvil
2020-10-20Intel 471Intel 471
@online{471:20201020:global:570e26f, author = {Intel 471}, title = {{Global Trickbot disruption operation shows promise}}, date = {2020-10-20}, organization = {Intel 471}, url = {https://public.intel471.com/blog/global-trickbot-disruption-operation-shows-promise/}, language = {English}, urldate = {2020-10-21} } Global Trickbot disruption operation shows promise
TrickBot