Malpedia Library

Click here to download all references as Bib-File.•

2024-07-13 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 25. Create symlink from legit to evil. Simple C example.

2024-07-11 ⋅ Orange Cyberdefense ⋅ Simon Vernin
R0BL0CH0N TDS: A deep dive into the infrastructure of an affiliate marketing scam

2024-07-11 ⋅ Google ⋅ DianaE
Finding Malware: Detecting EMPTYSPACE with Google Security Operations
Vetta Loader

2024-07-11 ⋅ Zscaler ⋅ Sudeep Singh, Yin Hong Chang
MoonWalk: A deep dive into the updated arsenal of APT41 | Part 2
MoonWalk

2024-07-11 ⋅ sysdig ⋅ Miguel Hernández
CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools
CRYSTALRAY

2024-07-11 ⋅ McAfee ⋅ Vignesh Dhatchanamoorthy, Yashvi Shah
ClickFix Deception: A Social Engineering Tactic to Deploy Malware
DarkGate Lumma Stealer

2024-07-10 ⋅ Zscaler ⋅ Sudeep Singh, Yin Hong Chang
DodgeBox: A deep dive into the updated arsenal of APT41 | Part 1
Cobalt Strike DUSTPAN DUSTTRAP

2024-07-10 ⋅ Risky.biz ⋅ Catalin Cimpanu
Risky Biz News: US takes down RT's Twitter bot farm
Lifting Zmiy

2024-07-09 ⋅ US Department of Justice ⋅ Office of Public Affairs
Justice Department Leads Efforts Among Federal, International, and Private Sector Partners to Disrupt Covert Russian Government-Operated Social Media Bot Farm

2024-07-09 ⋅ Twitter (@H4ckManac) ⋅ HackManac
Tweet on data breaches caused by 888 group
Threat Actor 888

2024-07-09 ⋅ Spamhaus ⋅ Spamhaus Malware Labs
Spamhaus Botnet Threat Update January to June 2024
Coper FluBot Hook Bashlite Mirai FAKEUPDATES AsyncRAT BianLian Cobalt Strike DCRat Havoc NjRAT QakBot Quasar RAT RedLine Stealer Remcos Rhadamanthys RisePro Sliver

2024-07-08 ⋅ Kaspersky Labs ⋅ GReAT
CloudSorcerer – A new APT targeting Russian government entities
CloudSorcerer

2024-07-06 ⋅ unknown
xeno-RAT open-source remote access tool (RAT)
XenoRAT

2024-07-05 ⋅ ⋅ Weixin ⋅ 360 Threat Intelligence Center
APT-C-26 (Lazarus) uses PyPI to attack Windows, Linux, and macOS platforms
SimpleTea SimpleTea

2024-07-05 ⋅ Cloudways ⋅ Abdul Rehman
Hacker Allegedly Leaks Data from Shopify Breach on BreachForums
Threat Actor 888

2024-07-05 ⋅ Kroll ⋅ Ryan Hicks
CLEARFAKE Update Tricks Victim into Executing Malicious PowerShell Code
ClearFake

2024-07-02 ⋅ Malsada Tech ⋅ Aaron Samala, April Bucaneg, Casey Kuwada
The LandUpdate808 Fake Update Variant
KongTuke

2024-07-02 ⋅ K7 Security ⋅ Arunkumar
Kematian Stealer forked from PowerShell Token Grabber
Kematian Stealer

2024-07-02 ⋅ Sekoia ⋅ Quentin Bourgue
Exposing FakeBat loader: distribution methods and adversary infrastructure
BlackCat Royal Ransom EugenLoader Carbanak Cobalt Strike DICELOADER Gozi IcedID Lumma Stealer NetSupportManager RAT Pikabot RedLine Stealer SectopRAT Sliver SmokeLoader Vidar

2024-07-01 ⋅ Speakerdeck (takahiro_haruyama) ⋅ Takahiro Haruyama
The Art of Malware C2 Scanning - How to Reverse and Emulate Protocol Obfuscated by Compiler
DOPLUGS Hodur