Malpedia Library

2023-08-28 ⋅ Juniper ⋅ Paul Kimayong
DreamBus Botnet Resurfaces, Targets RocketMQ vulnerability
DreamBus

2023-08-26 ⋅ BushidoToken Blog ⋅ BushidoToken
Tracking Adversaries: Scattered Spider, the BlackCat affiliate
BlackLotus POORTRY

2023-08-25 ⋅ Github (telekom-security) ⋅ Fabian Marquardt
DarkGate configuration extractor
DarkGate

2023-08-25 ⋅ Github (muha2xmad) ⋅ Muhammad Hasan Ali
Warzone RAT configuration extractor
Ave Maria

2023-08-24 ⋅ ⋅ CYBERWISE ⋅ Ali Rıza Şahinkaya, Sevcan Kazdağ
“Proxy” Based Phishing Attacks Are on the Rise Again

2023-08-24 ⋅ Github (muha2xmad) ⋅ Muhammad Hasan Ali
StealC configuration extractor
Stealc

2023-08-24 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Flax Typhoon using legitimate software to quietly access Taiwanese organizations
Flax Typhoon

2023-08-23 ⋅ Avertium ⋅ Avertium
Unraveling SCATTERED SPIEDER: A Stealthy and Persistent Threat Actor Targeting Telecom Networks

2023-08-23 ⋅ Twitter (@embee_research) ⋅ Embee_research, Huntress Labs
Extracting Xworm from Bloated Golang Executable
XWorm

2023-08-22 ⋅ AhnLab ⋅ Sanseo
Analysis of APT Attack Cases Targeting Web Services of Korean Corporations
Ladon Meterpreter MimiKatz Dalbit

2023-08-22 ⋅ ⋅ AhnLab ⋅ ASEC Analysis Team
Analyzing the new attack activity of the Andariel group
Andardoor MimiKatz QuiteRAT Tiger RAT Volgmer

2023-08-22 ⋅ Symantec ⋅ Threat Hunter Team
Carderbee: APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong
PlugX Carderbee

2023-08-21 ⋅ SentinelOne ⋅ Dinesh Devadoss, Phil Stokes
XLoader's Latest Trick | New macOS Variant Disguised as Signed OfficeNote App
Xloader

2023-08-19 ⋅ Youtube (MalwareAnalysisForHedgehogs) ⋅ Karsten Hahn
Malware Analysis - Agniane Stealer, Native Stub to .NET Unpacking
Cinoshi

2023-08-17 ⋅ CISA ⋅ CISA
MAR-10459736.r1.v1 WHIRLPOOL Backdoor
WHIRLPOOL UNC4841

2023-08-17 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Tom Hegel
Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector
Cobalt Strike HUI Loader BRONZE STARLIGHT

2023-08-17 ⋅ Lumen ⋅ Black Lotus Labs
No Rest For The Wicked: HiatusRAT Takes Little Time Off In A Return To Action
HiatusRAT

2023-08-15 ⋅ CyberInt ⋅ Noel Anthony Llimos
Raccoon Stealer Announce Return After Hiatus
Raccoon

2023-08-14 ⋅ Trend Micro ⋅ Joshua Paul Ignacio, Nathaniel Morales
Monti Ransomware Unleashes a New Encryptor for Linux
Monti

2023-08-10 ⋅ Avast Decoded ⋅ Threat Research Team
Unveiling the Dominance of Scams Amidst a 24% Surge in Blocked Attacks
Storm-1567