Malpedia Library

Click here to download all references as Bib-File.•

2021-02-16 ⋅ The Wall Street Journal ⋅ Sara Randazzo, Tawnell D. Hobbs
Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day

2020-12-21 ⋅ Cisco Talos ⋅ JON MUNSHAW
2020: The year in malware
WolfRAT Prometei Poet RAT Agent Tesla Astaroth Ave Maria CRAT Emotet Gozi IndigoDrop JhoneRAT Nanocore RAT NjRAT Oblique RAT SmokeLoader StrongPity WastedLocker Zloader

2020-12-13 ⋅ FireEye ⋅ Alex Berry, Alex Pennino, Alyssa Rahman, Andrew Archer, Andrew Rector, Andrew Thompson, Barry Vengerik, Ben Read, Ben Withnell, Chris DiGiamo, Christopher Glyer, Dan Perez, Dileep Jallepalli, Doug Bienstock, Eric Scales, Evan Reese, Fred House, Glenn Edwards, Ian Ahl, Isif Ibrahima, Jay Smith, John Gorman, John Hultquist, Jon Leathery, Lennard Galang, Marcin Siedlarz, Matt Dunwoody, Matthew McWhirt, Michael Sikorski, Microsoft, Mike Burns, Nalani Fraiser, Nick Bennett, Nick Carr, Nick Hornick, Nick Richard, Nicole Oppenheim, Omer Baig, Ramin Nafisi, Sarah Jones, Scott Runnels, Stephen Eckels, Steve Miller, Steve Stone, William Ballenthin
Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
SUNBURST SUPERNOVA TEARDROP UNC2452

2020-12-03 ⋅ Check Point Research ⋅ Aviran Hazum, Jonathan Shimonovich
Vulnerability in Google Play Core Library Remains Unpatched in Google Play Applications

2020-11-12 ⋅ circleid ⋅ Jonathan Zhang
An Investigative Analysis of the Silent Librarian IoCs

2020-10-14 ⋅ RiskIQ ⋅ Jon Gross, Steve Ginty
A Well-Marked Trail: Journeying through OceanLotus's Infrastructure
Cobalt Strike

2020-09-30 ⋅ RiskIQ ⋅ Jon Gross
Diving Into DONOT's Mobile Rabbit Hole
KnSpy

2020-09-21 ⋅ Cisco Talos ⋅ Joe Marshall, JON MUNSHAW, Nick Mavis
The art and science of detecting Cobalt Strike
Cobalt Strike

2020-09-16 ⋅ RiskIQ ⋅ Jon Gross
RiskIQ: Adventures in Cookie Land - Part 2
8.t Dropper Chinoxy Poison Ivy

2020-08-19 ⋅ RiskIQ ⋅ Cory Kennedy, Jon Gross
RiskIQ Adventures in Cookie Land - Part 1
8.t Dropper Chinoxy

2020-04-22 ⋅ FireEye ⋅ Ben Read, Gabby Roncone, John Hultquist, Sarah Jones, Scott Henderson
Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage
METALJACK

2020-03-25 ⋅ FireEye ⋅ Christopher Glyer, Dan Perez, Sarah Jones, Steve Miller
This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits
Speculoos Cobalt Strike

2020-02-06 ⋅ IronNet ⋅ Jonathan Lepore
DNS Tunneling Series, Part 3: The Siren Song of RogueRobin
RogueRobin

2019-09-18 ⋅ IronNet ⋅ Jonathan Lepore
Chirp of the PoisonFrog
BONDUPDATER

2019-01-10 ⋅ FireEye ⋅ Ben Read, Muks Hirani, Sarah Jones
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
DNSpionage DNSpionage

2019-01-09 ⋅ Mandiant ⋅ Ben Read, Muks Hirani, Sarah Jones
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
DNSpionage Sea Turtle

2018-11-19 ⋅ FireEye ⋅ Andrew Thompson, Ben Withnell, Jonathan Leathery, Matthew Dunwoody, Michael Matonis, Nick Carr
Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
Cobalt Strike

2018-10-03 ⋅ Virus Bulletin ⋅ Michal Poslušný, Peter Kálnai
Lazarus Group A Mahjong Game Played with Different Sets of Tiles
Bankshot BanPolMex RAT FuwuqiDrama HOTWAX KillDisk (Lazarus) NACHOCHEESE REDSHAWL WannaCryptor