Malpedia Library

Click here to download all references as Bib-File.•

2024-12-19 ⋅ SpyCloud ⋅ James
LummaC2 Revisited: What’s Making this Stealer Stealthier and More Lethal
GhostSocks Lumma Stealer

2024-12-18 ⋅ Kaspersky Labs ⋅ Kaspersky
Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations
Babuk LockBit Revenge RAT SparkRAT Cyber Alliance Ukrainian Cyber Alliance

2024-12-18 ⋅ Bleeping Computer ⋅ Sergiu Gatlan
Raccoon Stealer malware operator gets 5 years in prison after guilty plea
Raccoon RecordBreaker

2024-12-17 ⋅ SOCRadar ⋅ SOCRadar
Dark Peep #17: Dark Web Manifesto, Hacker Forums, and Ransomware Misadventures
INDOHAXSEC TEAM

2024-12-17 ⋅ Trend Micro ⋅ Feike Hacquebord, Stephen Hilt
Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks

2024-12-17 ⋅ BitSight ⋅ Pedro Falé
BADBOX Botnet Is Back
BADBOX

2024-12-17 ⋅ Proofpoint ⋅ David Galazin, Konstantin Klinger, Nick Attfield, Pim Trouerbach
Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs
MiyaRAT WmRAT HAZY TIGER

2024-12-13 ⋅ Netskope ⋅ Jan Michael Alcantara, Nikhil Hegde
New Yokai Side-loaded Backdoor Targets Thai Officials
Yokai

2024-12-12 ⋅ Bleeping Computer ⋅ Bill Toulas
New IOCONTROL malware used in critical infrastructure attacks
elf.iocontrol

2024-12-12 ⋅ Hunt.io ⋅ Hunt.io
Oyster’s Trail: Resurgence of Infrastructure Linked to Ransomware and Cybercrime Actors
Broomstick

2024-12-12 ⋅ XLab ⋅ XLab Team
Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals
Winnti Glutton

2024-12-11 ⋅ JPCERT/CC ⋅ Tomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace

2024-12-11 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
Amadey Kazuar Wipbot FlyingYeti

2024-12-10 ⋅ cyble ⋅ Cyble
Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor
PhantomCore Head Mare

2024-12-10 ⋅ Patreon (OALABS) ⋅ Sergei Frankoff
Live Stream VOD: The Many Faces of CryptBot (Paywall)
CryptBot

2024-12-10 ⋅ Hunt.io ⋅ Hunt.io
“Million OK !!!!” and the Naver Facade: Tracking Recent Suspected Kimsuky Infrastructure
Kimsuky

2024-12-09 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0185 aka UNC4221 Attack Detection: Hackers Target the Ukrainian Defense Forces and Military-Industrial Complex
UAC-0185

2024-12-08 ⋅ DataBreaches.net ⋅ Dissent
Is KillSec3 Trying to Extort Victims Using Publicly Leaked Data?

2024-12-07 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Targeted cyberattacks UAC-0185 in relation to the Defense Forces and enterprises of defense systems of Ukraine (CRT-UA#12414)
UAC-0185

2024-12-06 ⋅ OALabs ⋅ Sergei Frankoff
CryptBot Evolution Tracking the many iterations of this stealer
CryptBot