Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2018-08-01SophosLabsPeter Mackenzie, Dorka Palotay, Andrew Brandt, Mark Stockley, Luca Nagy, Simon Porter, Hajnalka Kope, Claire Mackenzie
@techreport{mackenzie:20180801:samsam:73fdb9a, author = {Peter Mackenzie and Dorka Palotay and Andrew Brandt and Mark Stockley and Luca Nagy and Simon Porter and Hajnalka Kope and Claire Mackenzie}, title = {{SamSam: The (Almost) Six Million Dollar Ransomware}}, date = {2018-08-01}, institution = {SophosLabs}, url = {https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/SamSam-The-Almost-Six-Million-Dollar-Ransomware.pdf}, language = {English}, urldate = {2022-03-22} } SamSam: The (Almost) Six Million Dollar Ransomware
SamSam
2018-07-13Trend MicroTony Yang, Peter Lee
@online{yang:20180713:vpnfilteraffected:a08c4ae, author = {Tony Yang and Peter Lee}, title = {{VPNFilter-affected Devices Still Riddled with 19 Vulnerabilities}}, date = {2018-07-13}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/vpnfilter-affected-devices-still-riddled-with-19-vulnerabilities}, language = {English}, urldate = {2020-01-08} } VPNFilter-affected Devices Still Riddled with 19 Vulnerabilities
VPNFilter
2018-04-03ESET ResearchPeter Kálnai, Anton Cherepanov
@online{klnai:20180403:lazarus:14ff18c, author = {Peter Kálnai and Anton Cherepanov}, title = {{Lazarus KillDisks Central American casino}}, date = {2018-04-03}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2018/04/03/lazarus-killdisk-central-american-casino/}, language = {English}, urldate = {2023-03-27} } Lazarus KillDisks Central American casino
KillDisk (Lazarus) Lazarus Group
2018-04SophosDorka Palotay, Peter Mackenzie
@online{palotay:201804:samsam:9ca3687, author = {Dorka Palotay and Peter Mackenzie}, title = {{SamSam Ransomware Chooses Its Targets Carefully}}, date = {2018-04}, organization = {Sophos}, url = {https://www.sophos.com/en-us/medialibrary/pdfs/technical-papers/samsam-ransomware-chooses-its-targets-carefully-wpna.aspx}, language = {English}, urldate = {2019-12-20} } SamSam Ransomware Chooses Its Targets Carefully
SamSam
2017-09-28ESET ResearchPeter Kálnai, Michal Poslušný
@online{klnai:20170928:moneymaking:ac6e685, author = {Peter Kálnai and Michal Poslušný}, title = {{Money‑making machine: Monero‑mining malware}}, date = {2017-09-28}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2017/09/28/monero-money-mining-malware/}, language = {English}, urldate = {2019-11-14} } Money‑making machine: Monero‑mining malware
Monero Miner
2017-06-09AT&TPeter Ewane
@online{ewane:20170609:macspy:608f090, author = {Peter Ewane}, title = {{MacSpy: OS X Mac RAT as a Service}}, date = {2017-06-09}, organization = {AT&T}, url = {https://www.alienvault.com/blogs/labs-research/macspy-os-x-rat-as-a-service}, language = {English}, urldate = {2019-12-04} } MacSpy: OS X Mac RAT as a Service
MacSpy
2017-02-16ESET ResearchPeter Kálnai
@online{klnai:20170216:demystifying:7ae8785, author = {Peter Kálnai}, title = {{Demystifying targeted malware used against Polish banks}}, date = {2017-02-16}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2017/02/16/demystifying-targeted-malware-used-polish-banks/}, language = {English}, urldate = {2019-11-14} } Demystifying targeted malware used against Polish banks
BanPolMex RAT HOTWAX NACHOCHEESE
2017-01-05ESET ResearchRobert Lipovsky, Peter Kálnai
@online{lipovsky:20170105:killdisk:5d49eac, author = {Robert Lipovsky and Peter Kálnai}, title = {{KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt}}, date = {2017-01-05}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt}, language = {English}, urldate = {2022-08-25} } KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt
KillDisk Sandworm
2017-01-05ESET ResearchRobert Lipovsky, Peter Kálnai
@online{lipovsky:20170105:killdisk:43eba48, author = {Robert Lipovsky and Peter Kálnai}, title = {{KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt}}, date = {2017-01-05}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/}, language = {English}, urldate = {2019-12-10} } KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt
2016-12-20ESET ResearchPeter Kálnai, Michal Malík
@online{klnai:20161220:new:05597b1, author = {Peter Kálnai and Michal Malík}, title = {{New Linux/Rakos threat: devices and servers under SSH scan (again)}}, date = {2016-12-20}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2016/12/20/new-linuxrakos-threat-devices-servers-ssh-scan/}, language = {English}, urldate = {2019-11-14} } New Linux/Rakos threat: devices and servers under SSH scan (again)
2016-12-20ESET ResearchPeter Kálnai, Michal Malík
@online{klnai:20161220:new:4044e88, author = {Peter Kálnai and Michal Malík}, title = {{New Linux/Rakos threat: devices and servers under SSH scan (again)}}, date = {2016-12-20}, organization = {ESET Research}, url = {http://www.welivesecurity.com/2016/12/20/new-linuxrakos-threat-devices-servers-ssh-scan/}, language = {English}, urldate = {2019-12-20} } New Linux/Rakos threat: devices and servers under SSH scan (again)
Rakos
2016-01-01Virus BulletinPeter Kálnai, Jaromír Hořejší
@online{klnai:20160101:notes:100f4d8, author = {Peter Kálnai and Jaromír Hořejší}, title = {{Notes on click fraud: American story}}, date = {2016-01-01}, organization = {Virus Bulletin}, url = {https://www.virusbulletin.com/virusbulletin/2016/01/paper-notes-click-fraud-american-story/}, language = {English}, urldate = {2020-03-04} } Notes on click fraud: American story
Alureon ZeroAccess
2016Palo Alto Networks Unit 42Peter Renals, Simon Conant
@techreport{renals:2016:silverterrier:56ebc9b, author = {Peter Renals and Simon Conant}, title = {{SILVERTERRIER}}, date = {2016}, institution = {Palo Alto Networks Unit 42}, url = {https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/Unit_42/silverterrier-next-evolution-in-nigerian-cybercrime.pdf}, language = {English}, urldate = {2020-01-08} } SILVERTERRIER
SilverTerrier
2015-12-02BotconfPeter Kleissner
@techreport{kleissner:20151202:sality:791ea01, author = {Peter Kleissner}, title = {{Sality: 2003 - Today}}, date = {2015-12-02}, institution = {Botconf}, url = {https://www.botconf.eu/wp-content/uploads/2015/12/OK-P18-Kleissner-Sality.pdf}, language = {English}, urldate = {2020-01-13} } Sality: 2003 - Today
Sality
2015-10-13Trend MicroBrooks Li, Feike Hacquebord, Peter Pi
@online{li:20151013:new:34dc6b1, author = {Brooks Li and Feike Hacquebord and Peter Pi}, title = {{New Adobe Flash Zero-Day Used in Pawn Storm Campaign Targeting Foreign Affairs Ministries}}, date = {2015-10-13}, organization = {Trend Micro}, url = {http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/}, language = {English}, urldate = {2019-10-15} } New Adobe Flash Zero-Day Used in Pawn Storm Campaign Targeting Foreign Affairs Ministries
Seduploader
2015-10-13Trend MicroBrooks Li, Feike Hacquebord, Peter Pi
@online{li:20151013:new:f451b34, author = {Brooks Li and Feike Hacquebord and Peter Pi}, title = {{New Adobe Flash Zero-Day Used in Pawn Storm Campaign Targeting Foreign Affairs Ministries}}, date = {2015-10-13}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/}, language = {English}, urldate = {2019-12-19} } New Adobe Flash Zero-Day Used in Pawn Storm Campaign Targeting Foreign Affairs Ministries
APT28
2015-09Virus BulletinPeter Kálnai, Jaromír Hořejší
@techreport{klnai:201509:ddos:21c35c6, author = {Peter Kálnai and Jaromír Hořejší}, title = {{DDOS TROJAN: A MALICIOUS CONCEPT THAT CONQUERED THE ELF FORMAT}}, date = {2015-09}, institution = {Virus Bulletin}, url = {https://www.virusbulletin.com/uploads/pdf/conference/vb2015/KalnaiHorejsi-VB2015.pdf}, language = {English}, urldate = {2023-08-31} } DDOS TROJAN: A MALICIOUS CONCEPT THAT CONQUERED THE ELF FORMAT
Bashlite MrBlack XOR DDoS BillGates
2015-08-05Black HatMichael Sandee, Tillmann Werner, Elliott Peterson
@techreport{sandee:20150805:gameover:fa47096, author = {Michael Sandee and Tillmann Werner and Elliott Peterson}, title = {{Gameover Zeus – Bad Guys and Backends}}, date = {2015-08-05}, institution = {Black Hat}, url = {https://www.blackhat.com/docs/us-15/materials/us-15-Peterson-GameOver-Zeus-Badguys-And-Backends.pdf}, language = {English}, urldate = {2020-01-06} } Gameover Zeus – Bad Guys and Backends
Gameover P2P
2015-06-10Kleissner & AssociatesPeter Kleissner
@online{kleissner:20150610:pony:2dbaf47, author = {Peter Kleissner}, title = {{Pony + Pkybot + Automated Transfer System = Banker}}, date = {2015-06-10}, organization = {Kleissner & Associates}, url = {http://blog.kleissner.org/?p=788}, language = {English}, urldate = {2020-01-08} } Pony + Pkybot + Automated Transfer System = Banker
Pkybot
2015-01-06AvastPeter Kálnai
@online{klnai:20150106:linux:d8e30ec, author = {Peter Kálnai}, title = {{Linux DDoS Trojan hiding itself with an embedded rootkit}}, date = {2015-01-06}, organization = {Avast}, url = {https://blog.avast.com/2015/01/06/linux-ddos-trojan-hiding-itself-with-an-embedded-rootkit/}, language = {English}, urldate = {2020-02-25} } Linux DDoS Trojan hiding itself with an embedded rootkit
XOR DDoS