Malpedia Library

Click here to download all references as Bib-File.•

2025-04-30 ⋅ Seqrite ⋅ Mahua Chakrabarthy, Sanjay Katkar
Advisory: Pahalgam Attack themed decoys used by APT36 to target the Indian Government
Crimson RAT

2025-04-29 ⋅ Nextron Systems ⋅ Maurice Fielenbach
Nitrogen Dropping Cobalt Strike – A Combination of “Chemical Elements”
Cobalt Strike Nitrogen Loader

2025-04-28 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Jim Walter, Tom Hegel
Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries
PurpleHaze

2025-04-16 ⋅ SpyCloud ⋅ Aurora Johnson, Keegan Keplinger
Exposed Credentials & Ransomware Operations: Using LLMs to Digest 200K Messages from the Black Basta Chats
Black Basta Black Basta

2025-04-08 ⋅ Trustwave ⋅ Nikita Kazymirskyi, Serhii Melnyk
A deep Dive into the Leaked Black Basta Chat Logs
Black Basta Black Basta

2025-03-31 ⋅ Trend Micro ⋅ Lenart Bermejo, Ted Lee, Theo Chen
The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
Godzilla Webshell Cobalt Strike FINALDRAFT RAILSETTER Earth Alux

2025-03-22 ⋅ Trend Micro ⋅ Junestherry Dela Cruz
Back to Business: Lumma Stealer Returns with Stealthier Methods
Lumma Stealer

2025-03-18 ⋅ Expel ⋅ AARON WALTON
Code-signing certificate abuse in the Black Basta chat leaks (and how to fight back)
Black Basta Black Basta

2025-03-12 ⋅ Youtube (AhmedS Kasmani) ⋅ AhmedS Kasmani
Initial Analysis of Black Basta Chat Leaks
Black Basta Black Basta

2025-03-11 ⋅ Hunt.io ⋅ Hunt.io
JSPSpy and ‘filebroser’: A Custom File Management Tool in Webshell Infrastructure

2025-03-11 ⋅ Trend Micro ⋅ Cj Arsley Mateo, Darrel Tristan Virtusio, Jacob Santos, Junestherry Dela Cruz, Paul John Bardon
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
Lumma Stealer SmartLoader

2025-03-06 ⋅ Medium SarvivaMalwareAnalyst ⋅ sarviya
XWorm Attack Chain: Leveraging Steganography from Phishing Email to Keylogging via C2 Communication
XWorm

2025-03-05 ⋅ eSentire ⋅ Spence Hutchinson
Initial Takeaways from the Black Basta Chat Leaks
Black Basta Black Basta

2025-02-28 ⋅ Intel 471 ⋅ Intel 471
Black Basta exposed: A look at a cybercrime data leak
Black Basta Black Basta

2025-02-15 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (Emmenhtal) - Deobfuscation of a custom obfuscation algorithm
Emmenhtal

2025-02-02 ⋅ Team82 ⋅ Team82
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…
CMS8000 Backdoor

2025-01-13 ⋅ ⋅ Cert-AgID ⋅ Cert-AgID
Analisi di una campagna Lumma Stealer con falso CAPTCHA condotta attraverso domino italiano compromesso
Lumma Stealer

2025-01-07 ⋅ SOCRadar ⋅ Ameer Onwa
Turla Cyber Campaign Targeting Pakistan’s Critical Infrastructure

2025-01-07 ⋅ Hunt.io ⋅ Hunt.io
Golang Beacons and VS Code Tunnels: Tracking a Cobalt Strike Server Leveraging Trusted Infrastructure
Cobalt Strike

2024-12-29 ⋅ cocomelonc ⋅ cocomelonc
Malware and cryptography 38 - Encrypt/decrypt payload via Camellia cipher. S-box analyses examples. Simple C example.