Malpedia Library

Click here to download all references as Bib-File.•

2021-09-16 ⋅ Group-IB ⋅ Ivan Lebedev, Reza Rafati
RUNLIR - phishing campaign targeting Netherlands

2021-08-06 ⋅ Group-IB ⋅ Sergey Kokurin
Bold ad campaign

2021-08-06 ⋅ Group-IB ⋅ Andrey Zhdanov
It's alive! The story behind the BlackMatter ransomware strain
BlackMatter DarkSide BlackMatter DarkSide

2021-08-05 ⋅ Group-IB ⋅ Nikita Rostovcev, Viktor Okorokov
Prometheus TDS The key to success for Campo Loader, Hancitor, IcedID, and QBot
Prometheus Backdoor Buer campoloader Hancitor IcedID QakBot

2021-08-03 ⋅ Group-IB ⋅ Anastasia Tikhonova
The Art of Cyberwarfare: Chinese APTs attack Russia
Albaniiutas TaskMasters

2021-08-03 ⋅ Group-IB ⋅ Anastasia Tikhonova, Dmitry Kupin
The Art of Cyberwarfare Chinese APTs attack Russia
Albaniiutas Mail-O SManager TA428

2021-07-22 ⋅ Group-IB ⋅ Anton Ushakov, Roberto Martinez
The Fraud Family Fraud-as-a-Service operation targeting Dutch residents

2021-07-06 ⋅ Group-IB ⋅ Dmitry Volkov, Stephen Kavanagh
Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

2021-07-02 ⋅ Group-IB ⋅ Group-IB
The Brothers Grim - The reversing tale of GrimAgent malware used by Ryuk
GRIMAGENT

2021-07-02 ⋅ Group-IB ⋅ Albert Priego
The Brothers Grim - The reversing tale of GrimAgent malware used by Ryuk
GRIMAGENT

2021-06-30 ⋅ Group-IB ⋅ Oleg Skulkin
REvil Twins Deep Dive into Prolific RaaS Affiliates' TTPs
Cobalt Strike REvil

2021-06-10 ⋅ Group-IB ⋅ Nikita Rostovcev
Big airline heist APT41 likely behind massive supply chain attack
Cobalt Strike

2021-06-03 ⋅ Group-IB ⋅ Nikita Rostovtsev
FontPack: A dangerous update Attribution secrets: Who is behind stealing credentials and bank card data by asking to install fake Flash Player, browser or font updates?

2021-05-08 ⋅ Group-IB ⋅ Sergei Kokurin
When Karma Comes Back: The rise and fall of illicit cardshop breached twice in two years

2021-05-07 ⋅ Group-IB ⋅ Oleg Skulkin, Semyon Rogachev
Connecting the Bots Hancitor fuels Cuba Ransomware Operations
Cuba Hancitor

2021-05-06 ⋅ Group-IB ⋅ Viktor Okorokov
GrelosGTM group abuses Google Tag Manager to attack e-commerce websites

2021-04-29 ⋅ International Computing Centre ⋅ International Computing Centre
Saving World Health Day: UNICC and Group-IB Take Down Scam Campaign Impersonating the World Health Organization

2021-04-14 ⋅ Group-IB ⋅ Victor Okorokov
Lazarus BTC Changer Back in action with JS sniffers redesigned to steal crypto

2021-04-12 ⋅ Group-IB ⋅ Ivan Lebedev
Deep water: exploring phishing kits

2021-04-05 ⋅ Group-IB ⋅ Group-IB
Kremlin RATs from Nigeria