Malpedia Library

2017-08-01 ⋅ ESET Research ⋅ Gazing at Gazer, Turla’s new second stage backdoor
Gazing at Gazer Turla’s new second stage backdoor
Turla

2017-08-01 ⋅ Malwarebytes ⋅ Malwarebytes Labs
TrickBot comes up with new tricks: attacking Outlook and browsing data
TrickBot

2017-07-31 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
TwoFace Webshell: Persistent Access Point for Lateral Movement
TwoFace OilRig

2017-07-31 ⋅ Proofpoint ⋅ Darien Huss, Matthew Mesa
FIN7/Carbanak threat actor unleashes Bateleur JScript backdoor
Bateleur FIN7

2017-07-27 ⋅ Trend Micro ⋅ Benson Sy, CH Lei, Kawabata Kohei
ChessMaster Makes its Move: A Look into the Campaign’s Cyberespionage Arsenal
Emdivi

2017-07-27 ⋅ Flashpoint ⋅ Flashpoint
New Version of “Trickbot” Adds Worm Propagation Module
TrickBot

2017-07-27 ⋅ Forbes ⋅ Thomas Brewster
With Fake News And Femmes Fatales, Iran's Spies Learn To Love Facebook
Charming Kitten

2017-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Robert Falcone
OilRig Uses ISMDoor Variant; Possibly Linked to Greenbug Threat Group
Greenbug

2017-07-27 ⋅ Trend Micro ⋅ Benson Sy, CH Lei, Kawabata Kohei
ChessMaster Makes its Move: A Look into the Campaign’s Cyberespionage Arsenal
APT10

2017-07-25 ⋅ ClearSky ⋅ ClearSky Research Team
Operation Wilted Tulip – Exposing a Cyber Espionage Apparatus
Matryoshka RAT TDTESS CopyKittens

2017-07-25 ⋅ FireEye ⋅ Swapnil Patil, Yogesh Londhe
HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign
HawkEye Keylogger

2017-07-25 ⋅ Palo Alto Networks Unit 42 ⋅ Kaoru Hayashi
“Tick” Group Continues Attacks
Daserf Tick

2017-07-25 ⋅ Gigamon ⋅ Applied Threat Research Team
Footprints of Fin7: Tracking Actor Patterns (Part 1)
FIN7

2017-07-24 ⋅ Vitali Kremez Blog ⋅ Vitali Kremez
Let's Learn: Reversing Credential and Payment Card Information Stealer 'AZORult V2'
Azorult

2017-07-24 ⋅ Kaspersky Labs ⋅ Noushin Shabab
Spring Dragon – Updated Activity
LOTUS PANDA

2017-07-20 ⋅ G Data ⋅ G Data
Rurktar - Spyware under Construction
Rurktar

2017-07-20 ⋅ ESET Research ⋅ Frédéric Vachon, Matthieu Faou
Stantinko: A massive adware campaign operating covertly since 2012
Stantinko

2017-07-19 ⋅ Kaspersky Labs ⋅ Sergey Yunakovsky
The NukeBot banking Trojan: from rough drafts to real threats
TinyNuke

2017-07-18 ⋅ Bitdefender ⋅ Alexandru Maximciuc, Alexandru Rusu, Cristina Vatamanu
Inexsmar: An unusual DarkHotel campaign
DarkHotel

2017-07-18 ⋅ Trend Micro ⋅ Brian Cayanan, Mohamad Mokbel, Tim Yeh
Linux Users Urged to Update as a New Threat Exploits SambaCry
ShellBind