Malpedia Library

Click here to download all references as Bib-File.•

2022-05-17 ⋅ Elastic ⋅ Alex Bell, Colson Wilhoit, Jake King, Rhys Rustad-Elliott
A peek behind the BPFDoor
BPFDoor

2022-05-17 ⋅ Sekoia ⋅ Quentin Bourgue, Threat & Detection Research Team
EternityTeam: a new prominent threat group on underground forums
Eternity Stealer

2022-05-17 ⋅ Palo Alto Networks Unit 42 ⋅ Brad Duncan
Emotet Summary: November 2021 Through January 2022
Emotet

2022-05-17 ⋅ Microsoft Security ⋅ Berman Enconado, Laurie Kirk
In hot pursuit of ‘cryware’: Defending hot wallets from attacks
Mars Stealer RedLine Stealer

2022-05-17 ⋅ Trend Micro ⋅ Trend Micro Research
Ransomware Spotlight: RansomEXX
LaZagne Cobalt Strike IcedID MimiKatz PyXie RansomEXX TrickBot

2022-05-17 ⋅ Positive Technologies ⋅ Positive Technologies
Space Pirates: analyzing the tools and connections of a new hacker group
FormerFirstRAT PlugX Poison Ivy Rovnix ShadowPad Zupdax

2022-05-17 ⋅ Advanced Intelligence ⋅ Vitali Kremez, Yelisey Boguslavskiy
Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups
BlackByte Conti

2022-05-17 ⋅ Fortinet ⋅ Gergely Revay, Shunichi Imano
Chaos Ransomware Variant Sides with Russia
Chaos

2022-05-17 ⋅ SUCURI ⋅ Denis Sinegubko
X-Cart Skimmer with DOM-based Obfuscation

2022-05-16 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example.
CherryPicker POS Ramsay

2022-05-16 ⋅ Github (MythicAgents) ⋅ MythicAgents
Apollo on Github
Apollo

2022-05-16 ⋅ Department of Justice
Hacker and Ransomware Designer Charged for Use and Sale of Ransomware, and Profit Sharing Arrangements with Cybercriminals (APPLICATION FOR AN ARREST WARRANT)
Hakbit

2022-05-16 ⋅ RiskIQ ⋅ RiskIQ
RiskIQ: Storm Clauds - New C2 Over DNS Mimics CloudFront
Mirai

2022-05-16 ⋅ Github (Dump-GUY) ⋅ Jiří Vinopal
Malware Analysis Report – APT29 C2-Client Dropbox Loader
Unidentified 099 (APT29 Dropbox Loader)

2022-05-16 ⋅ FBI ⋅ FBI
FBI Flash MC-000170-MW: Cyber Actors Scrape Credit Card Data from US Business’ Online Checkout Page and Maintain Persistence by Injecting Malicious PHP Code

2022-05-16 ⋅ Webz.io ⋅ Hagar Margolin
New Ransomware Group: RansomHouse – Is it Real or Fake?
RansomHouse

2022-05-16 ⋅ Kaspersky ⋅ Roman Dedenok
HTML attachments in phishing e-mails

2022-05-16 ⋅ Trend Micro ⋅ Cifer Fang, Ford Qin, Zhengyu Dong
Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys
FaceStealer

2022-05-16 ⋅ vmware ⋅ Jason Zhang, Oleg Boyarchuk, Stefano Ortolani, Threat Analysis Unit
Emotet Moves to 64 bit and Updates its Loader
Emotet

2022-05-16 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Analysis of HUI Loader
HUI Loader PlugX Poison Ivy Quasar RAT