Malpedia Library

Click here to download all references as Bib-File.•

2024-07-16 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
MirrorFace Attack against Japanese Organisations
LODEINFO NOOPDOOR

2024-07-15 ⋅ Objective-See ⋅ Patrick Wardle
This Meeting Should Have Been an Email: A DPRK stealer, dubbed BeaverTail, targets users via a trojanized meeting app
BeaverTail BeaverTail InvisibleFerret

2024-07-15 ⋅ Sekoia ⋅ Sekoia TDR
MuddyWater replaces Atera by custom MuddyRot implant in a recent campaign
bugsleep

2024-07-15 ⋅ Check Point ⋅ Checkpoint Research
New BugSleep Backdoor Deployed in Recent MuddyWater Campaigns
bugsleep

2024-07-15 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Kematian Stealer Technical Malware Analysis
Kematian Stealer

2024-07-15 ⋅ Trendmicro ⋅ Aliakbar Zahravi, Peter Girnus
CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks
Void Banshee

2024-07-15 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Peter Girnus
CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks

2024-07-14 ⋅ Phylum ⋅ Phylum Research Team
Fake AWS Packages Ship Command and Control Malware In JPEG Files

2024-07-13 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 25. Create symlink from legit to evil. Simple C example.

2024-07-11 ⋅ Orange Cyberdefense ⋅ Simon Vernin
R0BL0CH0N TDS: A deep dive into the infrastructure of an affiliate marketing scam

2024-07-11 ⋅ Zscaler ⋅ Sudeep Singh, Yin Hong Chang
MoonWalk: A deep dive into the updated arsenal of APT41 | Part 2
MoonWalk

2024-07-11 ⋅ McAfee ⋅ Vignesh Dhatchanamoorthy, Yashvi Shah
ClickFix Deception: A Social Engineering Tactic to Deploy Malware
DarkGate Lumma Stealer

2024-07-10 ⋅ Akamai ⋅ Allen West, Kyle Lefton, Sam Tinklenberg
CVE-2024-4577 Exploits in the Wild One Day After Disclosure
Tsunami Ghost RAT xmrig

2024-07-10 ⋅ Risky.biz ⋅ Catalin Cimpanu
Risky Biz News: US takes down RT's Twitter bot farm
Lifting Zmiy

2024-07-09 ⋅ Twitter (@H4ckManac) ⋅ HackManac
Tweet on data breaches caused by 888 group
Threat Actor 888

2024-07-08 ⋅ Kaspersky Labs ⋅ GReAT
CloudSorcerer – A new APT targeting Russian government entities
CloudSorcerer

2024-07-08 ⋅ ⋅ Solar 4RAYS ⋅ Solar 4RAYS
Lifting Zmiy: hacking SCADA controllers in pursuit of prime victims
Lifting Zmiy

2024-07-06 ⋅ unknown
xeno-RAT open-source remote access tool (RAT)
XenoRAT

2024-07-05 ⋅ ⋅ Weixin ⋅ 360 Threat Intelligence Center
APT-C-26 (Lazarus) uses PyPI to attack Windows, Linux, and macOS platforms
SimpleTea SimpleTea

2024-07-05 ⋅ Cloudways ⋅ Abdul Rehman
Hacker Allegedly Leaks Data from Shopify Breach on BreachForums
Threat Actor 888