Malpedia Library

Click here to download all references as Bib-File.•

2024-10-19 ⋅ Emanuele De Lucia on Security ⋅ Emanuele De Lucia
“Hey ESET, Wait for the Leak”: Dissecting the “OctoberSeventh” Wiper targeting ESET customers in Israel
OctoberSeventh

2024-10-19 ⋅ Elastic ⋅ Salim Bitam
Tricks and Treats: GHOSTPULSE’s new pixel- level deception
HijackLoader

2024-10-18 ⋅ Netskope ⋅ Leandro Froes
New Bumblebee Loader Infection Chain Signals Possible Resurgence
BumbleBee

2024-10-18 ⋅ SpyCloud ⋅ Kyla Cardona
A Deep Dive Into the Intricate Chinese Cybercrime Ecosystem

2024-10-17 ⋅ Sekoia ⋅ Quentin Bourgue, Sekoia TDR
ClickFix tactic: The Phantom Meet
Rhadamanthys Stealc

2024-10-17 ⋅ Cisco Talos ⋅ Asheer Malhotra, Dmytro Korzhevin, Vanja Svajcer, Vitor Ventura
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
MeltingClaw ROMCOM RAT ShadyHammock RomCom

2024-10-17 ⋅ Loader Insight Agency ⋅ LIA
Correlating Vidar Stealer Build IDs Based on Loader Tasks
Lumma Stealer SmokeLoader Vidar

2024-10-17 ⋅ Hunt.io ⋅ Hunt.io
From Warm to Burned: Shedding Light on Updated WarmCookie Infrastructure
WarmCookie

2024-10-16 ⋅ nao_sec ⋅ nao_sec
IcePeony with the '996' work culture
IceCache IceEvent IcePeony

2024-10-16 ⋅ BitSight ⋅ André Tavares
Exfiltration over Telegram Bots: Skidding Infostealer Logs
404 Keylogger Agent Tesla

2024-10-16 ⋅ Trend Micro ⋅ Jaromír Hořejší, Nitesh Surana
Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data
BockLit

2024-10-16 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
X-ZIGZAG Technical Malware Analysis Report
AsyncRAT X-ZIGZAG

2024-10-15 ⋅ Microsoft ⋅ Akash Chaudhuri, Gourav Khandelwal, Krithika Ramakrishnan, Matthew Mesa, Sagar Patil, Uri Oren
Phish, Click, Breach: Hunting for a Sophisticated Cyber Attack
UNC4393

2024-10-15 ⋅ ⋅ Weixin ⋅ 360 Threat Intelligence Center
Analysis of the attack activities of APT-C-35 (belly brain worm) against a manufacturing company in South Asia
Unidentified 117 (Donot Loader)

2024-10-14 ⋅ Trend Micro ⋅ Adremel Redondo, Adriel Isidro, Andre Filipe Codod, Charles Adrian Marty, Christian Alpuerto, Kim Benedict Victorio, Lorenzo Laureano, Mark Jason Co
Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware
Astaroth Water Makara

2024-10-13 ⋅ Elastic ⋅ Remco Sprooten, Ruben Groenewoud
Declawing PUMAKIT
PUMAKIT

2024-10-11 ⋅ HarfangLab ⋅ Alice Climent-Pommeret
HijackLoader evolution: abusing genuine signing certificates
HijackLoader

2024-10-11 ⋅ Trend Micro ⋅ Ahmed Kamal, Bahaa Yamany, Mohamed Fahmy, Nick Dai
Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against Middle East
STEALHOOK OilRig

2024-10-11 ⋅ zimperium ⋅ Aazim Yaswant
Expanding the Investigation: Deep Dive into Latest TrickMo Samples
TrickMo

2024-10-11 ⋅ Trend Micro ⋅ Ahmed Kamal, Bahaa Yamany, Mohamed Fahmy, Nick Dai
Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions
STEALHOOK