Malpedia Library

Click here to download all references as Bib-File.•

2025-06-04 ⋅ Proofpoint ⋅ Abdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield
The Bitter End: Unraveling Eight Years of Espionage Antics—Part One
Artra Downloader Havoc

2025-06-03 ⋅ cocomelonc ⋅ cocomelonc
Linux hacking part 5: building a Linux keylogger. Simple C example

2025-06-03 ⋅ K7 Security ⋅ Praveen Babu
In-depth Analysis of a 2025 ViperSoftX Variant
ViperSoftX

2025-06-03 ⋅ ANY.RUN ⋅ ANY.RUN
OtterCookie: Analysis of Lazarus Group Malware Targeting Finance and Tech Professionals
BeaverTail OtterCookie InvisibleFerret

2025-05-31 ⋅ Medium (@mvaks) ⋅ mvaks
Crocodilus in the wild: Mapping the campaign in Poland
Crocodilus

2025-05-31 ⋅ The Insider ⋅ Christo Grozev, Michael Weiss, Roman Dobrokhotov
Hidden Bear: The GRU hackers of Russia’s most notorious kill squad

2025-05-30 ⋅ Censys ⋅ Himaja Motheram
Tracking AyySSHush: a Newly Discovered ASUS Router Botnet Campaign

2025-05-30 ⋅ Intrinsec ⋅ David Sardinha
BtHoster: Identifying noisy networks emitting malicious traffic through masscan servers

2025-05-29 ⋅ cocomelonc ⋅ cocomelonc
Malware and cryptography 42 - encrypt/decrypt payload via Speck cipher. Simple C example.

2025-05-28 ⋅ Medium (@mvaks) ⋅ mvaks
Bombardino Crocodilo in Poland — analysis of IKO Lokaty mobile malware campaign
Crocodilus

2025-05-28 ⋅ Rapid7 ⋅ Anna Širokova, Ivan Feigl
NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign
Winos

2025-05-28 ⋅ EclecticIQ ⋅ Alon Gal, Arda Büyükkaya
Pakistan Telecommunication Company (PTCL) Targeted by Bitter APT During Heightened Regional Conflict
WmRAT

2025-05-28 ⋅ Darktrace ⋅ Tara Gould
PumaBot: Novel Botnet Targeting IoT Surveillance Devices
PumaBot

2025-05-28 ⋅ Google ⋅ Patrick Whitsell
Mark Your Calendar: APT41 Innovative Tactics
TOUGHPROGRESS

2025-05-28 ⋅ Trustwave ⋅ Cris Tomboc, King Orande
PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec's Operations

2025-05-28 ⋅ Greynoise ⋅ GreyNoise Research
GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers

2025-05-27 ⋅ AIVD ⋅ AIVD
Unknown Russian group behind hacks Dutch targets
Void Blizzard

2025-05-27 ⋅ Fortinet ⋅ Xiaopeng Zhang
Infostealer Malware FormBook Spread via Phishing Campaign – Part II
Formbook

2025-05-27 ⋅ DCSO ⋅ Bennet Conrads, Denis Szadkowski, Johann Aydinbas, Moaath Oudeh
SafePay: The new kid on the block
SafePay

2025-05-26 ⋅ Yonhap News Agency ⋅ Kim Boram
Investigation into SK Telecom data breach expands to KT, LG Uplus: sources
BPFDoor