Malpedia Library

Click here to download all references as Bib-File.•

2024-06-20 ⋅ Red Canary ⋅ The Red Canary Team
Gourav Khandelwal, Akash Chaudhuri, Matthew Mesa, Sagar Patil, Uri Oren, Krithika Ramakrishnan
UNC4393

2024-06-19 ⋅ AT&T ⋅ Fernando Dominguez
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations
SquidLoader

2024-06-10 ⋅ The Hacker News ⋅ Ravie Lakshmanan
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack
More_eggs

2024-05-14 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
Ebury

2024-05-13 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
Ebury

2024-05-01 ⋅ Mandiant ⋅ Adrian Hernandez, Asli Koksal, Jonathan Leathery, Ofir Rozmann, Sarah Bock
Uncharmed: Untangling Iran's APT42 Operations
TAMECAT

2024-05-01 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks
Ngioweb SSHDoor

2024-04-03 ⋅ Resecurity ⋅ Resecurity
The New Version Of JsOutProx Is Attacking Financial Institutions In APAC And MENA Via GitLab Abuse
JSOutProx

2024-04-02 ⋅ Kaspersky ⋅ Kaspersky Lab ICS CERT
APT and financial attacks on industrial organizations in H2 2023
HellHounds

2024-03-18 ⋅ Twitter (@juanandres_gs) ⋅ Juan Andrés Guerrero-Saade
Twitter thread on the sample identified
AcidPour

2024-03-09 ⋅ Asobancaria ⋅ CSIRT Financiero
New Backdoor Activity Socks5Systemz
Socks5 Systemz

2024-01-31 ⋅ Trend Micro ⋅ Feike Hacquebord, Fernando Mercês
Pawn Storm Uses Brute Force and Stealth Against High-Value Targets
Mocky LNK Unidentified 114 (APT28 InfoStealer)

2024-01-25 ⋅ JSAC 2024 ⋅ Dongwook Kim, Seulgi Lee
Lazarus Group’s Large-scale Threats via Watering Hole and Financial Software

2024-01-23 ⋅ Trend Micro ⋅ Christian Alpuerto, Christian Jason Geollegue, Don Ovid Ladores, Emmanuel Panopio, Emmanuel Roll, Francesca Villasanta, Gerald Fernandez, Julius Keith Estrellado, Raighen Sanchez, Raymart Yambot, Rhio Manaog, Shawn Austin Santos, Sophia Nilette Robles
Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver
Kasseika

2024-01-05 ⋅ AlienLabs ⋅ Fernando Martinez
AsyncRAT loader: Obfuscation, DGAs, decoys and Govno
MintsLoader AsyncRAT

2023-12-12 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286

2023-11-21 ⋅ Checkpoint ⋅ Marc Salinas Fernandez
The Platform Matters: A Comparative Study on Linux and Windows Ransomware Attacks
Gwisin

2023-11-21 ⋅ Trellix ⋅ Ciana Driscoll, Ernesto Fernández Provecho, Pham Duy Phuc, Vinoo Thomas
The Continued Evolution of the DarkGate Malware-as-a-Service
DarkGate

2023-10-10 ⋅ Mandiant ⋅ Adrian Hernandez, Austin Larsen, JEFF JOHNSON, Michael Barnhart, Michelle Cantos, Taylor Long
Assessed Cyber Structure and Alignments of North Korea in 2023
TraderTraitor

2023-10-05 ⋅ ESET Research ⋅ Fernando Tavella
Operation Jacana: Foundling hobbits in Guyana
DinodasRAT