Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-01-01ThreatMonSeyit Sigirci (@h3xecute), ThreatMon Malware Research Team
Reverse Engineering RokRAT: A Closer Look at APT37’s Onedrive-Based Attack Vector
RokRAT
2022-12-09SecureworksSecureWorks' Counter Threat Unit Research Team
Drokbk Malware Uses GitHub as Dead Drop Resolver
Drokbk
2022-12-09Positive TechnologiesPTSecurity
APT Cloud Atlas: Unbroken Threat
2022-11-04DataBreaches.netDissent
Malaysian online stock brokerage firm victim of cyberattack
Desorden Group
2022-09-28Twitter (@ESETresearch)ESET Research
Twitter Thread linking CloudMensis to RokRAT / ScarCruft
CloudMensis RokRAT
2022-09-07GoogleGoogle Threat Analysis Group, Pierre-Marc Bureau
Initial access broker repurposing techniques in targeted attacks against Ukraine
AnchorMail Cobalt Strike IcedID
2022-09-06ESET ResearchThibaut Passilly
Worok: The big picture
MimiKatz PNGLoad reGeorg ShadowPad Worok
2022-08-17Group-IBVictor Okorokov
Switching side jobs Links between ATMZOW JS-sniffer and Hancitor
Hancitor
2022-08-02Recorded FutureInsikt Group
Initial Access Brokers Are Key to Rise in Ransomware Attacks
Azorult BlackMatter Conti Mars Stealer Raccoon RedLine Stealer Taurus Stealer Vidar
2022-07-14SophosAlexander Giles
Rapid Response: The Ngrok Incident Guide
2022-06-13SekoiaPierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
BumbleBee: a new trendy loader for Initial Access Brokers
BumbleBee
2022-05-23Trend MicroDaniel Lunghi, Jaromír Hořejší
Operation Earth Berberoka
reptile oRAT Ghost RAT PlugX pupy Earth Berberoka
2022-05-19Trend MicroAdolph Christian Silverio, Jeric Miguel Abordo, Khristian Joseph Morales, Maria Emreen Viray
Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware
Emotet QakBot
2022-04-27Trend MicroDaniel Lunghi, Jaromír Hořejší
New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware
HelloBot AsyncRAT Ghost RAT HelloBot PlugX Quasar RAT Earth Berberoka
2022-04-27TrendmicroTrendmicro
IOCs for Earth Berberoka - Windows
AsyncRAT Cobalt Strike PlugX Quasar RAT Earth Berberoka
2022-04-27TrendmicroTrendmicro
IOCs for Earth Berberoka - Linux
Rekoobe pupy Earth Berberoka
2022-04-27TrendmicroTrendmicro
IOCs for Earth Berberoka - MacOS
oRAT Earth Berberoka
2022-04-27TrendmicroTrendmicro
IOCs for Earth Berberoka
Earth Berberoka
2022-03-17GoogleBenoit Sevens, Vladislav Stolyarov
Exposing initial access broker with ties to Conti
BazarBackdoor BumbleBee Conti EXOTIC LILY
2022-03-17GoogleBenoit Sevens, Google Threat Analysis Group, Vladislav Stolyarov
Exposing initial access broker with ties to Conti
BazarBackdoor BumbleBee Cobalt Strike Conti