Malpedia Library

Click here to download all references as Bib-File.•

2025-02-18 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
An Update on Fake Updates: Two New Actors, and New Mac Malware
Marcher FAKEUPDATES FrigidStealer Lumma Stealer

2025-02-15 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (Emmenhtal) - Deobfuscation of a custom obfuscation algorithm
Emmenhtal

2025-02-15 ⋅ Medium TRAC Labs ⋅ TRAC Labs
Don’t Ghost the SocGholish: GhostWeaver Backdoor
FAKEUPDATES GhostWeaver

2025-02-15 ⋅ c-b.io ⋅ cyb3rjerry
Dissecting a fresh BlankGrabber sample
BlankGrabber

2025-02-14 ⋅ Twitter (@DTCERT) ⋅ Deutsche Telekom CERT
Twitter Thread on a password-protected loader observed in a vishing campaign
Unidentified 120

2025-02-13 ⋅ Zscaler ⋅ ThreatLabZ research team, Zscaler
Technical Analysis of Xloader Versions 6 and 7 | Part 2
Xloader

2025-02-13 ⋅ Moonlock ⋅ Moonlock
Cybercrooks Are Using Fake Job Listings to Steal Crypto
GolangGhost

2025-02-13 ⋅ Elastic ⋅ Andrew Pease, Seth Goodwin
From South America to Southeast Asia: The Fragile Web of REF7707
FINALDRAFT FINALDRAFT GUIDLOADER PATHLOADER REF7707

2025-02-13 ⋅ Securonix ⋅ Den Iyzvyk, Tim Peck
Analyzing DEEP#DRIVE: North Korean Threat Actors Observed Exploiting Trusted Platforms for Targeted Attacks
RandomQuery

2025-02-13 ⋅ Intel 471 ⋅ Intel 471
Threat hunting case study: SocGholish
FAKEUPDATES

2025-02-13 ⋅ Symantec ⋅ Threat Hunter Team
China-linked Espionage Tools Used in Ransomware Attacks
PlugX

2025-02-13 ⋅ Elastic ⋅ Cyril François, Daniel Stepanic, Jia Yu Chan, Salim Bitam
You've Got Malware: FINALDRAFT Hides in Your Drafts
FINALDRAFT FINALDRAFT PATHLOADER

2025-02-13 ⋅ Recorded Future ⋅ Recorded Future
Inside the Scam: North Korea’s IT Worker Threat
BeaverTail OtterCookie InvisibleFerret

2025-02-13 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Storm-2372 conducts device code phishing campaign
Storm-2372

2025-02-13 ⋅ Volexity ⋅ Charlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication

2025-02-13 ⋅ Recorded Future ⋅ Insikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor

2025-02-12 ⋅ Medium (@mvaks) ⋅ mvaks
Two tales and one Antidot(e) — a new mobile malware campaign in Poland
Antidot

2025-02-12 ⋅ cyble ⋅ Cyble
BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites
BTMOB RAT

2025-02-12 ⋅ Group-IB ⋅ Mahmoud Zohdy, Nam Le Phuong, Vito Alfano
RansomHub Never Sleeps Episode 1: The evolution of modern ransomware
RansomHub

2025-02-12 ⋅ Hunt.io ⋅ Hunt.io
Tracking Pyramid C2: Identifying Post-Exploitation Servers in Hunt
Pyramid