Malpedia Library

2023-10-25 ⋅ ESET Research ⋅ Matthieu Faou
Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers
Unidentified JS 006 (Winter Wyvern) Winter Vivern

2023-10-05 ⋅ ESET Research ⋅ Fernando Tavella
Operation Jacana: Foundling hobbits in Guyana
DinodasRAT

2023-09-29 ⋅ ESET Research ⋅ Peter Kálnai
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
CLOUDBURST LightlessCan miniBlindingCan sRDI

2023-09-21 ⋅ ESET Research ⋅ Zuzana Hromcová
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes
Mango Solar

2023-08-10 ⋅ ESET Research ⋅ Matthieu Faou
MoustachedBouncer AitM-powered surveillance via Belarus ISPs
NightClub

2023-08-10 ⋅ ESET Research ⋅ Matthieu Faou
MoustachedBouncer: Espionage against foreign diplomats in Belarus
NightClub MoustachedBouncer

2023-06-15 ⋅ ESET Research ⋅ Lukáš Štefanko
Android GravityRAT goes after WhatsApp backups
Gravity RAT

2023-05-23 ⋅ ESET Research ⋅ Lukáš Štefanko
Android app breaking bad: From legitimate screen recording to file exfiltration within a year

2023-04-26 ⋅ ESET Research ⋅ Facundo Muñoz
Evasive Panda APT group delivers malware via updates for popular Chinese software
MgBot BRONZE HIGHLAND

2023-04-20 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé, Peter Kálnai
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
BADCALL SimpleTea POOLRAT 3CX Backdoor BADCALL IconicStealer

2023-03-14 ⋅ ESET Research ⋅ Facundo Muñoz
The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia

2023-03-07 ⋅ ESET Research ⋅ Lukáš Štefanko
Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials
CapraRAT

2023-03-02 ⋅ ESET Research ⋅ Alexandre Côté Cyr
MQsTTang: Mustang Panda’s latest backdoor treads new ground with Qt and MQTT
MQsTTang

2023-03-01 ⋅ ESET Research ⋅ Martin Smolár
BlackLotus UEFI bootkit: Myth confirmed
BlackLotus

2023-02-24 ⋅ ESET Research ⋅ ESET Research
A year of wiper attacks in Ukraine

2023-02-23 ⋅ ESET Research ⋅ Vladislav Hrčka
WinorDLL64: A backdoor from the vast Lazarus arsenal?
WinorDLL64

2023-02-01 ⋅ ESET Research ⋅ ESET Research
Threat Report T3 2022

2023-01-30 ⋅ ESET Research ⋅ ESET Research
APT Activity Report T3 2022: Sandworm Deploying its Enhanced Wiper Arsenal

2023-01-27 ⋅ ESET Research ⋅ ESET Research
Tweets on SwiftSlicer
SwiftSlicer

2023-01-27 ⋅ ESET Research ⋅ ESET Research
SwiftSlicer: New destructive wiper malware strikes Ukraine
SwiftSlicer