Malpedia Library

Click here to download all references as Bib-File.•

2022-04-01 ⋅ The Hacker News ⋅ Ravie Lakshmanan
Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
Fire Chili Ghost RAT

2022-03-29 ⋅ vmware ⋅ Jason Zhang, Oleg Boyarchuk, Threat Analysis Unit
Emotet C2 Configuration Extraction and Analysis
Emotet

2022-03-27 ⋅ Bleeping Computer ⋅ Lawrence Abrams
Hive ransomware ports its Linux VMware ESXi encryptor to Rust
BlackCat Hive Hive

2022-03-23 ⋅ vmware ⋅ Sagar Daundkar, Threat Analysis Unit
SysJoker – An Analysis of a Multi-OS RAT
SysJoker SysJoker SysJoker

2022-03-09 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
Exploitation of VMware Horizon Servers by TunnelVision Threat Actor
Drokbk

2022-03-04 ⋅ vmware ⋅ Giovanni Vigna, Oleg Boyarchuk, Stefano Ortolani, Threat Analysis Unit
Hermetic Malware: Multi-component Threat Targeting Ukraine Organizations
HermeticWiper

2022-02-25 ⋅ vmware ⋅ Sudhir Devkar, Threat Analysis Unit
AvosLocker – Modern Linux Ransomware Threats
Avoslocker

2022-02-17 ⋅ SentinelOne ⋅ Amitai Ben, Shushan Ehrlich
Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon
APT35

2022-02-09 ⋅ vmware ⋅ VMWare
Exposing Malware in Linux-Based Multi-Cloud Environments
ACBackdoor BlackMatter DarkSide Erebus HelloKitty Kinsing PLEAD QNAPCrypt RansomEXX REvil Sysrv-hello TeamTNT Vermilion Strike Cobalt Strike

2022-02-07 ⋅ vmware ⋅ Jason Zhang, Threat Analysis Unit
Emotet Is Not Dead (Yet) – Part 2
Emotet

2022-01-27 ⋅ vmware ⋅ VMWare
BlackSun Ransomware – The Dark Side of PowerShell
BlackSun

2022-01-24 ⋅ Trend Micro ⋅ Junestherry Dela Cruz
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit LockBit

2022-01-21 ⋅ vmware ⋅ Jason Zhang, Threat Analysis Unit
Emotet Is Not Dead (Yet)
Emotet

2022-01-20 ⋅ Morphisec ⋅ Michael Gorelik
Log4j Exploit Hits Again: Vulnerable VMWare Horizon Servers at Risk
Cobalt Strike

2022-01-17 ⋅ Cybleinc ⋅ Cyble
AvosLocker Ransomware Linux Version Targets VMware ESXi Servers
Avoslocker AvosLocker

2022-01-15 ⋅ Huntress Labs ⋅ Team Huntress
Threat Advisory: VMware Horizon Servers Actively Being Hit With Cobalt Strike (by DEV-0401)
Cobalt Strike

2022-01-11 ⋅ Twitter (@cglyer) ⋅ Christopher Glyer
Thread on DEV-0401, a china based ransomware operator exploiting VMware Horizon with log4shell and deploying NightSky ransomware
Cobalt Strike NightSky

2021-12-23 ⋅ vmware ⋅ Threat Analysis Unit
Introducing DARTH: Distributed Analysis for Research and Threat Hunting

2021-12-03 ⋅ vmware ⋅ VMWare
TigerRAT – Advanced Adversaries on the Prowl
Tiger RAT

2021-11-16 ⋅ vmware ⋅ Takahiro Haruyama
Monitoring Winnti 4.0 C2 Servers for Two Years
Winnti