Malpedia Library

Click here to download all references as Bib-File.•

2021-01-07 ⋅ ClearSky ⋅ ClearSky Research Team
Operation ‘Kremlin’
Unidentified 002 (Operation Kremlin)

2021-01-06 ⋅ SecureCoding ⋅ SecureCoding
All About Doki Malware
Doki

2021-01-06 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Hackers start exploiting the new backdoor in Zyxel devices

2021-01-06 ⋅ MITRE ⋅ MITRE ATT&CK
ATT&CK Navigator layer for UNC2452
SUNBURST

2021-01-06 ⋅ Malwarebytes ⋅ Hossein Jazi
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat
RokRAT

2021-01-06 ⋅ DomainTools ⋅ Joe Slowik
Holiday Bazar: Tracking a TrickBot-Related Ransomware Incident
BazarBackdoor TrickBot

2021-01-06 ⋅ QuoIntelligence ⋅ QuoIntelligence
ReconHellcat Uses NIST Theme as Lure To Deliver New BlackSoul Malware
BlackSoul

2021-01-06 ⋅ Talos ⋅ Holger Unterbrink, Irshad Muhammad
A Deep Dive into Lokibot Infection Chain
Loki Password Stealer (PWS)

2021-01-05 ⋅ AhnLab ⋅ AhnLab ASEC Analysis Team
[Threat Analysis] CLOP Ransomware that Attacked Korean Distribution Giant
Clop

2021-01-05 ⋅ Lacework Labs ⋅ Lacework Labs
TeamTNT Builds Botnet from Chinese Cloud Servers
TeamTNT TNTbotinger TeamTNT

2021-01-05 ⋅ Intezer ⋅ Avigayil Mechtinger
Operation ElectroRAT: Attacker Creates Fake Companies to Drain Your Crypto Wallets
ElectroRAT

2021-01-05 ⋅ ⋅ Sangfor ⋅ Clairvoyance Safety Laboratory
Red team's perspective on the TTPs in Sunburst's backdoor
SUNBURST

2021-01-05 ⋅ ⋅ Sangfor ⋅ Clairvoyance Safety Laboratory
Attack from Mustang Panda? My rabbit is back!
NjRAT

2021-01-05 ⋅ Objective-See ⋅ Patrick Wardle
Discharging ElectroRAT
ElectroRAT

2021-01-05 ⋅ Twitter (@Sebdraven) ⋅ Sébastien Larinier
Tweet on link between Babuk and Vasa locker
Babuk

2021-01-05 ⋅ Trend Micro ⋅ Trend Micro Research
Earth Wendigo Injects JavaScript Backdoor to Service Worker for Mailbox Exfiltration
Cobalt Strike Earth Wendigo

2021-01-04 ⋅ ⋅ NSFOCUS ⋅ NSFOCUS
Steganography, Little Fire Dragon and AGENTVX: A Detailed Analysis of APT Organization EVILNUM's New Attack Activities
EVILNUM

2021-01-04 ⋅ Cisco Talos ⋅ Azim Khodjibaev, Dmytro Korzhevin, Kendall McKay
Interview with a LockBit ransomware operator
LockBit

2021-01-04 ⋅ Bleeping Computer ⋅ Ionut Ilascu
China's APT hackers move to ransomware attacks
Clambling PlugX

2021-01-04 ⋅ Twitter (@TheEnergyStory) ⋅ Dominik Reichel
Some small detail on compiler used for TEARDROP
TEARDROP