Malpedia Library

Click here to download all references as Bib-File.•

2022-08-15 ⋅ Symantec ⋅ Threat Hunter Team
Shuckworm: Russia-Linked Group Maintains Ukraine Focus

2022-07-13 ⋅ Check Point ⋅ Check Point Research
A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets
Unidentified 093 (Sidewinder)

2022-05-30 ⋅ ⋅ NSFOCUS ⋅ NSFOCUS
Operation DarkCasino: In-Depth Analysis of Recent Attacks by APT Group EVILNUM
DarkMe

2022-05-04 ⋅ Twitter (@ESETresearch) ⋅ Twitter (@ESETresearch)
Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication
IsaacWiper

2022-03-10 ⋅ Talos ⋅ Arnaud Zobec, Asheer Malhotra, Vitor Ventura
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
STARWHALE

2022-02-17 ⋅ NCC Group ⋅ Michael Mullen, Richard Footman, Simon Biggs
Detecting Karakurt – an extortion focused threat actor

2022-01-27 ⋅ Gigamon ⋅ Joe Slowik
Focusing on “Left of Boom”
WhisperGate

2021-12-07 ⋅ Mandiant ⋅ Jake Nicastro, Nick Richard, Rufus Brown, Van Ta
FIN13: A Cybercriminal Threat Actor Focused on Mexico
jspRAT win.rekoobe FIN13

2021-11-23 ⋅ NSFOCUS ⋅ NSFOCUS
2021 Analysis Report on Lorec53 Group
SaintBear

2021-11-19 ⋅ ⋅ FOCUS ⋅ Jan-Philipp Hein
Im Rätsel um gruselige Spionage-Software führt die Spur über Wirecard in den Kreml
Subzero

2021-11-11 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments

2021-11-03 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
TeamTNT

2021-10-25 ⋅ Gigamon ⋅ Joe Slowik
Bear in the Net: A Network-Focused Perspective on Berserk Bear

2021-09-26 ⋅ NSFOCUS ⋅ Jie Ji
Insights into Ransomware Spread Using Exchange 1-Day Vulnerabilities 1-2
Cobalt Strike LockFile

2021-08-05 ⋅ ⋅ NSFOCUS ⋅ NSFOCUS
LOREC53 Organizational Analysis Report - Attack Activity Part

2021-07-20 ⋅ Trend Micro ⋅ Alfredo Oliveira, David Fiser
Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group
TeamTNT

2021-07-15 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Kristin Berdan, Ron Deibert
Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus
Chainshot

2021-06-18 ⋅ ⋅ NSFOCUS ⋅ Fuying Laboratory
Ryuk Botnet, Simps Botnet, Gods of Destny Botnet

2021-06-11 ⋅ ⋅ NSFOCUS ⋅ Fuying Laboratory
Nigerian Hacker Organization SWEED is Distributing Phishing Documents Targeting the Logistics Industry
Agent Tesla

2021-03-24 ⋅ Proofpoint ⋅ Assaf Friedman, Itir Clarke
OAuth Abuse: Think SolarWinds/Solorigate Campaign with Focus on Cloud Applications