Malpedia Library

Click here to download all references as Bib-File.•

2024-03-15 ⋅ Palo Alto Networks Unit 42 ⋅ Amanda Tanner, Anthony Galiette, Jerome Tujague
Inside the Rabbit Hole: BunnyLoader 3.0 Unveiled
BunnyLoader

2024-02-13 ⋅ Palo Alto Networks Unit 42 ⋅ Ofir Ozer, Or Chechik
A Deep Dive Into Malicious Direct Syscall Detection
Lumma Stealer

2024-02-12 ⋅ Palo Alto Networks Unit 42 ⋅ Dan Yashnik, Lior Rochberger
Diving Into Glupteba's UEFI Bootkit
Glupteba

2023-12-07 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Fighting Ursa Aka APT28: Illuminating a Covert Campaign

2023-11-21 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
BeaverTail InvisibleFerret WageMole

2023-11-06 ⋅ Palo Alto Networks Unit 42 ⋅ Assaf Dahan, Daniel Frank, Or Chechik, Tom Fakterman
Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectors
Apostle Pink Sandstorm

2023-10-31 ⋅ Palo Alto Networks Unit 42 ⋅ Daniel Frank, Tom Fakterman
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla)
Kazuar

2023-09-22 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger, Robert Falcone, Tom Fakterman
Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda
Cobalt Strike MimiKatz RemCom ShadowPad TONESHELL

2023-09-22 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger, Robert Falcone, Tom Fakterman
Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus
Reshell GALLIUM

2023-08-01 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm

2023-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Nathaniel Quist, Nelson William Gamazo Sanchez, Unit 42
P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm
P2Pinfect

2023-07-12 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Diplomats Beware: Cloaked Ursa Phishing With a Twist
GraphDrop

2023-07-12 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Diplomats Beware: Cloaked Ursa Phishing With a Twist

2023-06-16 ⋅ Palo Alto Networks: Cortex Threat Research ⋅ Lior Rochberger
Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa
CHINACHOPPER Ladon Yasso CL-STA-0043

2023-05-30 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID
IcedID PhotoLoader

2023-05-26 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus (aka Volt Typhoon)
Volt Typhoon

2023-05-03 ⋅ Palo Alto Networks Unit 42 ⋅ Bob Jung, Daniel Raygoza, Mark Lim
Teasing the Secrets From Threat Actors: Malware Configuration Parsing at Scale
IcedID PhotoLoader

2023-04-26 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
Chinese Alloy Taurus Updates PingPull Malware
PingPull Sword2033

2023-03-16 ⋅ Palo Alto Networks Unit 42 ⋅ Frank Lee, Scott Roland
Bee-Ware of Trigona, An Emerging Ransomware Strain
Cryakl MimiKatz Trigona

2023-01-26 ⋅ Palo Alto Networks Unit 42 ⋅ Jen Miller-Osborn, Mike Harbison
Chinese PlugX Malware Hidden in Your USB Devices?
PlugX