2020-11-12 | Avast Decoded | Jan Rubín
@online{rubn:20201112:password:fe2e566,
  author       = {Rubín, Jan},
  title        = {{Password stealer in Delphi? Meh… (2/2)}},
  date         = {2020-11-12},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janrubin/meh-2-2/},
  language     = {English},
  urldate      = {2023-08-07},
}
Password stealer in Delphi? Meh… (2/2)
DarkGate
2020-10-27 | Avast | Lisandro Ubiedo
@online{ubiedo:20201027:data:285fc7a,
  author       = {Ubiedo, Lisandro},
  title        = {{Data exfiltration via IPv6}},
  date         = {2020-10-27},
  organization = {Avast},
  url          = {https://blog.avast.com/data-exfiltration-via-ipv6-avast},
  language     = {English},
  urldate      = {2020-11-02},
}
Data exfiltration via IPv6
2020-10-14 | Avast Decoded | Jan Vojtěšek
@online{vojtek:20201014:fakembam:abce405,
  author       = {Vojtěšek, Jan},
  title        = {{FakeMBAM: Backdoor Delivered Through Software Updates}},
  date         = {2020-10-14},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janvojtesek/fakembam-backdoor-delivered-through-software-updates/},
  language     = {English},
  urldate      = {2020-10-23},
}
FakeMBAM: Backdoor Delivered Through Software Updates
2020-09-25 | Avast Decoded | Martin Hron
@online{hron:20200925:fresh:41ed4d0,
  author       = {Hron, Martin},
  title        = {{The Fresh Smell of ransomed coffee}},
  date         = {2020-09-25},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/martinhron/the-fresh-smell-of-ransomed-coffee/},
  language     = {English},
  urldate      = {2020-09-25},
}
The Fresh Smell of ransomed coffee
2020-09-17 | Avast Decoded | Jan Rubín
@online{rubn:20200917:complex:e1b3abc,
  author       = {Rubín, Jan},
  title        = {{Complex obfuscation? Meh… (1/2)}},
  date         = {2020-09-17},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/janrubin/complex-obfuscation-meh/},
  language     = {English},
  urldate      = {2023-08-07},
}
Complex obfuscation? Meh… (1/2)
DarkGate
2020-05-20 | Avast Decoded | David Jursa, Simi Musilova, Jan Rubín, Alexej Savčin
@online{jursa:20200520:ghostdns:43190d5,
  author       = {Jursa, David and Musilova, Simi and Rubín, Jan and Savčin, Alexej},
  title        = {{GhostDNS Source Code Leaked}},
  date         = {2020-05-20},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/simonamusilova/ghostdns-source-code-leaked/},
  language     = {English},
  urldate      = {2020-05-23},
}
GhostDNS Source Code Leaked
2020-05-14 | Avast Decoded | Luigino Camastra
% The same article is also listed under camastra:20200514:planted:7b94cc6;
% the two URLs differ only by the trailing slash. Cite one key consistently.
@online{camastra:20200514:planted:03eab5a,
  author       = {Camastra, Luigino},
  title        = {{APT Group Planted Backdoors Targeting High Profile Networks in Central Asia}},
  date         = {2020-05-14},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/luigicamastra/apt-group-planted-backdoors-targeting-high-profile-networks-in-central-asia/},
  language     = {English},
  urldate      = {2020-05-14},
}
APT Group Planted Backdoors Targeting High Profile Networks in Central Asia
BYEBY, Microcin
2020-05-14 | Avast Decoded | Luigino Camastra
% The same article is also listed under camastra:20200514:planted:03eab5a;
% the two URLs differ only by the trailing slash. Cite one key consistently.
@online{camastra:20200514:planted:7b94cc6,
  author       = {Camastra, Luigino},
  title        = {{APT Group Planted Backdoors Targeting High Profile Networks in Central Asia}},
  date         = {2020-05-14},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/luigicamastra/apt-group-planted-backdoors-targeting-high-profile-networks-in-central-asia},
  language     = {English},
  urldate      = {2022-07-25},
}
APT Group Planted Backdoors Targeting High Profile Networks in Central Asia
BYEBY, Ghost RAT, Microcin, MimiKatz, Vicious Panda
2020-04-02 | Avast | Jan Rubín
@online{rubn:20200402:coviper:f06be6d,
  author       = {Rubín, Jan},
  title        = {{CoViper locking down computers during lockdown}},
  date         = {2020-04-02},
  organization = {Avast},
  url          = {https://decoded.avast.io/janrubin/coviper-locking-down-computers-during-lockdown/},
  language     = {English},
  urldate      = {2020-04-07},
}
CoViper locking down computers during lockdown
CoViper
2019-09-12 | Avast | Adolf Středa, Luigino Camastra
@online{steda:20190912:tangle:204c26f,
  author       = {Středa, Adolf and Camastra, Luigino},
  title        = {{The tangle of WiryJMPer’s obfuscation}},
  date         = {2019-09-12},
  organization = {Avast},
  url          = {https://decoded.avast.io/adolfstreda/the-tangle-of-wiryjmpers-obfuscation/},
  language     = {English},
  urldate      = {2020-01-13},
}
The tangle of WiryJMPer’s obfuscation
NetWire RC
2019-08-28 | Avast | Jan Vojtěšek
@online{vojtek:20190828:putting:c1bf82c,
  author       = {Vojtěšek, Jan},
  title        = {{Putting an end to Retadup: A malicious worm that infected hundreds of thousands}},
  date         = {2019-08-28},
  organization = {Avast},
  url          = {https://decoded.avast.io/janvojtesek/putting-an-end-to-retadup-a-malicious-worm-that-infected-hundreds-of-thousands/},
  language     = {English},
  urldate      = {2019-10-15},
}
Putting an end to Retadup: A malicious worm that infected hundreds of thousands
Retadup
2019-08-06 | Avast | Jan Rubín
@online{rubn:20190806:clipsa:81eb577,
  author       = {Rubín, Jan},
  title        = {{Clipsa – Multipurpose password stealer}},
  date         = {2019-08-06},
  organization = {Avast},
  url          = {https://decoded.avast.io/janrubin/clipsa-multipurpose-password-stealer/},
  language     = {English},
  urldate      = {2020-01-13},
}
Clipsa – Multipurpose password stealer
Sysraw Stealer
2019-07-16 | enSilo | Chen Erlich
@online{erlich:20190716:avast:b3dec63,
  author       = {Erlich, Chen},
  title        = {{The Avast Abuser: Metamorfo Banking Malware Hides By Abusing Avast Executable}},
  date         = {2019-07-16},
  organization = {enSilo},
  url          = {https://medium.com/@chenerlich/the-avast-abuser-metamorfo-banking-malware-hides-by-abusing-avast-executable-ac9b8b392767},
  language     = {English},
  urldate      = {2020-04-13},
}
The Avast Abuser: Metamorfo Banking Malware Hides By Abusing Avast Executable
Metamorfo
2019-06-25 | Avast | Jeff Elder
@online{elder:20190625:ransomware:4b72d11,
  author       = {Elder, Jeff},
  title        = {{Ransomware strain Troldesh spikes again – Avast tracks new attacks}},
  date         = {2019-06-25},
  organization = {Avast},
  url          = {https://blog.avast.com/ransomware-strain-troldesh-spikes},
  language     = {English},
  urldate      = {2020-01-09},
}
Ransomware strain Troldesh spikes again – Avast tracks new attacks
Troldesh
2019-02-20 | Avast Decoded | Luigino Camastra, Jan Širmer, Adolf Středa, Lukáš Obrdlík
@online{camastra:20190220:spoofing:f2e825b,
  author       = {Camastra, Luigino and Širmer, Jan and Středa, Adolf and Obrdlík, Lukáš},
  title        = {{Spoofing in the reeds with Rietspoof}},
  date         = {2019-02-20},
  organization = {Avast Decoded},
  url          = {https://decoded.avast.io/threatintel/spoofing-in-the-reeds-with-rietspoof/},
  language     = {English},
  urldate      = {2020-01-06},
}
Spoofing in the reeds with Rietspoof
Rietspoof
2019-02-16 | Avast | Threat Intelligence Team
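% Corporate author: the extra pair of braces keeps "Threat Intelligence Team"
% as one indivisible name instead of first = "Threat Intelligence", last = "Team".
@online{team:20190216:spoofing:eeffd53,
  author       = {{Threat Intelligence Team}},
  title        = {{Spoofing in the reeds with Rietspoof}},
  date         = {2019-02-16},
  organization = {Avast},
  url          = {https://blog.avast.com/rietspoof-malware-increases-activity},
  language     = {English},
  urldate      = {2020-01-10},
}
Spoofing in the reeds with Rietspoof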
Rietspoof
2018-12-04 | Avast | Adolf Středa, Jan Neduchal
@online{steda:20181204:hide:4927f2a,
  author       = {Středa, Adolf and Neduchal, Jan},
  title        = {{Hide ‘N Seek botnet continues infecting devices with default credentials, building a P2P network and more.}},
  date         = {2018-12-04},
  organization = {Avast},
  url          = {https://blog.avast.com/hide-n-seek-botnet-continues},
  language     = {English},
  urldate      = {2019-11-26},
}
Hide ‘N Seek botnet continues infecting devices with default credentials, building a P2P network and more.
Hide and Seek
2018-09-27 | Avast | Threat Intelligence Team
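% Corporate author: the extra pair of braces keeps "Threat Intelligence Team"
% as one indivisible name instead of first = "Threat Intelligence", last = "Team".
@online{team:20180927:torii:186f7d7,
  author       = {{Threat Intelligence Team}},
  title        = {{Torii botnet - Not another Mirai variant}},
  date         = {2018-09-27},
  organization = {Avast},
  url          = {https://blog.avast.com/new-torii-botnet-threat-research},
  language     = {English},
  urldate      = {2020-01-13},
}
Torii botnet - Not another Mirai variant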
Torii
2018-05-04 | Avast | Adolf Středa, Jan Širmer
@online{steda:20180504:botception:3a422fe,
  author       = {Středa, Adolf and Širmer, Jan},
  title        = {{Botception with Necurs: Botnet distributes script with bot capabilities}},
  date         = {2018-05-04},
  organization = {Avast},
  url          = {https://blog.avast.com/botception-with-necurs-botnet-distributes-script-with-bot-capabilities-avast-threat-labs},
  language     = {English},
  urldate      = {2019-11-29},
}
Botception with Necurs: Botnet distributes script with bot capabilities
Necurs
2018-04-17 | Avast | Ondrej Vlcek
@online{vlcek:20180417:recent:a452125,
  author       = {Vlcek, Ondrej},
  title        = {{Recent findings from CCleaner APT investigation reveal that attackers entered the Piriform network via TeamViewer}},
  date         = {2018-04-17},
  organization = {Avast},
  url          = {https://blog.avast.com/update-ccleaner-attackers-entered-via-teamviewer},
  language     = {English},
  urldate      = {2019-12-06},
}
Recent findings from CCleaner APT investigation reveal that attackers entered the Piriform network via TeamViewer
CCleaner Backdoor