Malpedia Library

Click here to download all references as Bib-File.•

2023-12-15 ⋅ Malwarebytes Labs ⋅ Jérôme Segura
PikaBot distributed via malicious search ads
Pikabot

2023-12-14 ⋅ SentinelOne ⋅ Aleksandar Milenkoski
Gaza Cybergang | Unified Front Targeting Hamas Opposition
BarbWire Micropsia Pierogi AridViper

2023-12-14 ⋅ Mandiant ⋅ Adrian McCabe, Geoff Ackerman, Rufus Brown, Ryan Tomcik
Opening a Can of Whoop Ads: Detecting and Disrupting a Malvertising Campaign Distributing Backdoors
DanaBot DarkGate

2023-12-14 ⋅ Checkpoint ⋅ hasherezade
Rhadamanthys v0.5.0 – A Deep Dive into the Stealer’s Components
Rhadamanthys

2023-12-14 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Bad Zip and new Packer for Android/BianLian
BianLian

2023-12-13 ⋅ Sekoia ⋅ Sekoia TDR
CALISTO doxxing: Sekoia.io findings concurs to Reuters’ investigation on FSB-related Andrey Korinets
Callisto

2023-12-13 ⋅ Kaspersky Labs ⋅ GReAT
FakeSG campaign, Akira ransomware and AMOS macOS stealer
AMOS Akira Storm-1567

2023-12-13 ⋅ cocomelonc ⋅ cocomelonc
Malware in the wild book
AsyncRAT Babuk BlackCat BlackLotus Carbanak HelloKitty Paradise Stealc WinDealer

2023-12-13 ⋅ Fortinet ⋅ Amey Gat, Angelo Cris Deveraturda, Hongkei Chan, Jared Betts, Jayesh Zala, John Simmons, Ken Evans, Mark Robson
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793
GraphDrop

2023-12-13 ⋅ Stairwell ⋅ Silas Cutler
Kuiper ransomware analysis: Stairwell’s technical report

2023-12-13 ⋅ HackRead ⋅ WAQAS
Scammers Weaponize Google Forms in New BazarCall Attack

2023-12-13 ⋅ Lumen ⋅ Black Lotus Labs
Routers Roasting on an Open Firewall: the KV-botnet Investigation
KV

2023-12-13 ⋅ ShadowStackRE ⋅ ShadowStackRE
Rhysida Ransomware
Rhysida Rhysida

2023-12-12 ⋅ eSentire ⋅ Rob Pittman
Unraveling BatLoader and FakeBat
EugenLoader

2023-12-12 ⋅ Youtube (OALabs) ⋅ Sergei Frankoff
Tips For Analyzing Delphi Binaries in IDA (Danabot)
DanaBot

2023-12-12 ⋅ Ukrainska Pravda ⋅ Alona Mazurenko
Ukrainian intelligence attacks and paralyses Russia's tax system

2023-12-12 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Threat actors misuse OAuth applications to automate financially driven attacks
Storm-1283 Storm-1286

2023-12-12 ⋅ Check Point Research ⋅ Check Point
November 2023’s Most Wanted Malware: New AsyncRAT Campaign Discovered while FakeUpdates Re-Entered the Top Ten after Brief Hiatus
FAKEUPDATES AsyncRAT

2023-12-11 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jungsoo An, Vitor Ventura
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
BottomLoader DLRAT HazyLoad NineRAT

2023-12-11 ⋅ Sentinel LABS ⋅ Aleksandar Milenkoski, Bendik Hagen
Sandman APT | China-Based Adversaries Embrace Lua
KEYPLUG LuaDream