Malpedia Library

2022-08-12 ⋅ Sekoia ⋅ Threat & Detection Research Team
LuckyMouse uses a backdoored Electron app to target MacOS
HyperBro

2022-08-10 ⋅ Avast Decoded ⋅ Threat Research Team
Avast Q2/2022 Threat Report: Farewell to Conti, Zloader, and Maldocs; Hello Resurrection of Raccoon Stealer, and more Ransomware Attacks
Conti Raccoon RecordBreaker Zloader Caramel Tsunami

2022-08-09 ⋅ cyble ⋅ Cyble Research Labs
Bitter APT Group Using “Dracarys” Android Spyware
Dracarys

2022-08-04 ⋅ nccgroup ⋅ Michael Mathews, RIFT: Research and Intelligence Fusion Team
Top of the Pops: Three common ransomware entry techniques

2022-08-04 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
North Korean H0lyGh0st Ransomware Has Ties to Global Geopolitics
SiennaBlue SiennaPurple Storm-0530

2022-08-02 ⋅ cyble ⋅ Cyble Research Labs
Fake Atomic Wallet Website Distributing Mars Stealer
Mars Stealer

2022-07-29 ⋅ Blackberry ⋅ BlackBerry Research & Intelligence Team
SmokeLoader Malware Used to Augment Amadey Infostealer
Amadey SmokeLoader

2022-07-29 ⋅ Qualys ⋅ Viren Chaudhari
New Qualys Research Report: Evolution of Quasar RAT
Quasar RAT

2022-07-28 ⋅ Sekoia ⋅ Threat & Detection Research Team
SEKOIA.IO Mid-2022 Ransomware Threat Landscape

2022-07-27 ⋅ cyble ⋅ Cyble Research Labs
Targeted Attacks Being Carried Out Via DLL SideLoading
Cobalt Strike QakBot

2022-07-26 ⋅ IronNet ⋅ IronNet Threat Research
Robin Banks might be robbing your bank

2022-07-26 ⋅ splunk ⋅ Splunk Threat Research Team
ML Detection of Risky Command Exploit

2022-07-26 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team
Malicious IIS extensions quietly open persistent backdoors into servers
CHINACHOPPER MimiKatz

2022-07-22 ⋅ Sekoia ⋅ Threat & Detection Research Team
CALISTO continues its credential harvesting campaign
Callisto

2022-07-21 ⋅ Proofpoint ⋅ Bryan Campbell, Pim Trouerbach, Proofpoint Threat Research Team, Selena Larson
Buy, Sell, Steal, EvilNum Targets Cryptocurrency, Forex, Commodities
EVILNUM Evilnum

2022-07-19 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
I see what you did there: A look at the CloudMensis macOS spyware
CloudMensis

2022-07-18 ⋅ Sekoia ⋅ Quentin Bourgue, Threat & Detection Research Team
Ongoing Roaming Mantis smishing campaign targeting France
MoqHao

2022-07-14 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
GootLoader, From SEO Poisoning to Multi-Stage Downloader
GootLoader

2022-07-14 ⋅ Proofpoint ⋅ Crista Giering, Joshua Miller, Michael Raggi, Proofpoint Threat Research Team
Above the Fold and in Your Inbox: Tracing State-Aligned Activity Targeting Journalists, Media
Chinoxy APT31 Lazarus Group TA482

2022-07-13 ⋅ Microsoft ⋅ Jonathan Bar Or, Microsoft 365 Defender Research Team
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706