Malpedia Library

Click here to download all references as Bib-File.•

2018-03-20 ⋅ Palo Alto Networks Unit 42 ⋅ Kyle Wilhoit, Ruchna Nigam
TeleRAT: Another Android Trojan Leveraging Telegram’s Bot API to Target Iranian Users
IRRat TeleRAT

2018-03-20 ⋅ CyberScoop ⋅ Chris Bing, Patrick Howell O'Neill
Kaspersky's 'Slingshot' report burned an ISIS-focused intelligence operation
Slingshot

2018-03-14 ⋅ Trend Micro ⋅ Jaromír Hořejší, Joey Chen, Joseph C. Chen
Tropic Trooper’s New Strategy
KeyBoy APT23

2018-03-14 ⋅ Symantec ⋅ Network Protection Security Labs, Security Response Attack Investigation Team
Inception Framework: Alive and Well, and Hiding Behind Proxies
Inception Framework

2018-03-14 ⋅ Threatpost ⋅ Tom Spring
New POS Malware PinkKite Takes Flight
AbaddonPOS

2018-03-13 ⋅ FireEye ⋅ Ben Read, Dileep Kumar Jallepalli, Sudeep Singh, Yogesh Londhe
Iranian Threat Group Updates Tactics, Techniques and Procedures in Spear Phishing Campaign
POWERSTATS MuddyWater

2018-03-13 ⋅ Kaspersky Labs ⋅ Denis Makrushin, Yury Namestnikov
Time of death? A therapeutic postmortem of connected medicine
PlugX

2018-03-12 ⋅ Trend Micro ⋅ Jaromír Hořejší
Campaign Possibly Connected to “MuddyWater” Surfaces in the Middle East and Central Asia
POWERSTATS MuddyWater

2018-03-12 ⋅ Veronica Valeros' Blog ⋅ Veronica Valeros
A Study of RATs: Third Timeline Iteration
XpertRAT

2018-03-09 ⋅ Kaspersky Labs ⋅ GReAT
Masha and these Bears - 2018 Sofacy Activity

2018-03-09 ⋅ Adam Senft, Bill Marczak, Jakub Dalek, John Scott-Railton, Ron Deibert, Sarah McKune
Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads?
StrongPity

2018-03-08 ⋅ Avast ⋅ Threat Intelligence Team
New investigations into the CCleaner incident point to a possible third stage that had keylogger capacities
CCleaner Backdoor

2018-03-08 ⋅ Kaspersky Labs ⋅ GReAT
The devil’s in the Rich header
Olympic Destroyer

2018-03-08 ⋅ Kaspersky Labs ⋅ GReAT
OlympicDestroyer is here to trick the industry
Olympic Destroyer

2018-03-07 ⋅ Palo Alto Networks Unit 42 ⋅ Brandon Levene, Brittany Ash, Josh Grunzweig
Patchwork Continues to Deliver BADNEWS to the Indian Subcontinent
BadNews

2018-03-05 ⋅ Github (TKCERT) ⋅ TKCERT
Suricata rules to detect Winnti communication
Winnti

2018-03-05 ⋅ Palo Alto Networks Unit 42 ⋅ Brandon Levene, Josh Grunzweig
Sure, I’ll take that! New ComboJack Malware Alters Clipboards to Steal Cryptocurrency
Combojack

2018-03-02 ⋅ eideon blog ⋅ Twitter (@darkquassar)
Tales of a Threat Hunter 2 Following the trace of WMI Backdoors & other nastiness

2018-03-02 ⋅ McAfee ⋅ Ryan Sherstobitoff
McAfee Uncovers Operation Honeybee, a Malicious Document Campaign Targeting Humanitarian Aid Groups
Honeybee

2018-03-02 ⋅ KrabsOnSecurity ⋅ Mr. Krabs
Analysing Remcos RAT’s executable
Remcos