Malpedia Library

2023-03-07 ⋅ The Record ⋅ Dina Temple-Raston, Will Jarvis
Internal documents show Mexican army used spyware against civilians, set up secret military intelligence unit
Chrysaor Guacamaya

2023-03-04 ⋅ ThreatZero ⋅ Raphael Mendonça
KL Remota - Brazilian Malware Bank

2023-02-26 ⋅ OALabs ⋅ Sergei Frankoff
PikaBot Tiny loader that seems very familiar
Pikabot

2023-02-09 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Peter Girnus
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
Enigma Loader

2023-02-08 ⋅ Trend Micro ⋅ Ted Lee
Earth Zhulong: Familiar Patterns Target Southeast Asian Firms
Cobalt Strike MACAMAX 1937CN

2023-02-03 ⋅ Cleafy ⋅ Alessandro Strino, Francesco Iubatti
PixPirate: a new Brazilian Banking Trojan
PixPirate

2023-01-24 ⋅ ACSC ⋅ Australian Cyber Security Centre (ACSC)
2023-01: ACSC Ransomware Profile - Royal
Royal Ransom

2023-01-17 ⋅ Trend Micro ⋅ Aliakbar Zahravi, Peter Girnus
Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures
NjRAT

2023-01-09 ⋅ Trendmicro ⋅ Fe Cureg, Hitomi Kimura, Ryan Maglaque, Trent Bessell
Gootkit Loader Actively Targets Australian Healthcare Industry
GootLoader GootKit

2022-12-16 ⋅ Aon ⋅ John Ailes, Julia Paluch
SCL -1: The Dangerous Side Of Safe Senders

2022-12-15 ⋅ ThreatFabric ⋅ ThreatFabric
BrasDex: A new Brazilian ATS Android Banker with ties to Desktop malware
BrasDex

2022-11-16 ⋅ Ruptura InfoSecurity ⋅ Rad Kawar
Writing Tiny, Stealthy & Reliable Malware

2022-10-24 ⋅ Youtube (Virus Bulletin) ⋅ Axelle Apvrille
Hunting the AndroidBianLian botnet
BianLian

2022-10-19 ⋅ Mandiant ⋅ Jesse Valdez, Sandor Nemes, Sulian Lebegue
From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind
LDR4

2022-10-13 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
BianLian Ransomware Encrypts Files in the Blink of an Eye
BianLian

2022-10-12 ⋅ ThreatFabric ⋅ ThreatFabric
TOAD attacks: Vishing combined with Android banking malware now targeting Italian banks
BRATA Copybara Joker

2022-09-30 ⋅ NCC Group ⋅ Michael Mullen, Nikolaos Pantazopoulos, William Backhouse
A glimpse into the shadowy realm of a Chinese APT: detailed analysis of a ShadowPad intrusion
ShadowPad

2022-09-26 ⋅ CrowdStrike ⋅ Ioan Iacob, Iulian Madalin Ionita
The Anatomy of Wiper Malware, Part 3: Input/Output Controls
CaddyWiper DEADWOOD DistTrack DoubleZero DUSTMAN HermeticWiper IsaacWiper Meteor Petya Sierra(Alfa,Bravo, ...) StoneDrill WhisperGate ZeroCleare

2022-09-14 ⋅ Mandiant ⋅ James Maclachlan, Mathew Potaczek, Matt Williams, Nino Isakovic, Yash Gupta
It's Time to PuTTY! DPRK Job Opportunity Phishing via WhatsApp
BLINDINGCAN miniBlindingCan sRDI

2022-09-14 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), CSE Canada, FBI, NCSC UK, NSA, U.S. Cyber Command, U.S. Department of the Treasury, US-CERT
Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations