Malpedia Library

Click here to download all references as Bib-File.•

2025-04-03 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Ransomhub Group & New Betruger Backdoor Technical Malware Analysis Report

2025-04-02 ⋅ ANALYST1 ⋅ analyst1
Inside BlackBasta: Actor Profiles, Extortion Tactics & Finances
Black Basta Black Basta

2025-04-02 ⋅ BushidoToken ⋅ BushidoToken
Tracking Adversaries: EvilCorp, the RansomHub affiliate
RansomHub

2025-04-02 ⋅ Intel 471 ⋅ Intel 471
An in-depth look at Black Basta's TTPs
Black Basta Black Basta

2025-04-01 ⋅ Hunt.io ⋅ Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid

2025-04-01 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0219: Cyber espionage using PowerShell stealer WRECKSTEEL (CERT-UA#14283)
WRECKSTEEL UAC-0219

2025-04-01 ⋅ ZW01f ⋅ Mohamed Ezat
Auto-color - Linux backdoor
Auto-Color

2025-03-31 ⋅ Aikido ⋅ Charlie Eriksen
Malware hiding in plain sight: Spying on North Korean Hackers
BeaverTail

2025-03-31 ⋅ Zscaler ⋅ Muhammed Irfan V A
Analyzing New HijackLoader Evasion Tactics
HijackLoader

2025-03-31 ⋅ Sekoia ⋅ Amaury G., Coline Chavane, Félix Aime, Sekoia TDR
From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic
FrostyFerret GolangGhost GolangGhost

2025-03-28 ⋅ Cisco Talos ⋅ Guilherme Venere
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Remcos

2025-03-28 ⋅ SUCURI ⋅ Puja Srivastava
Hidden Malware Strikes Again: Mu-Plugins Under Attack

2025-03-28 ⋅ Intrinsec ⋅ David Sardinha
From espionage to PsyOps: Tracking operations and bulletproof providers of UACs in 2025
sLoad NetSupportManager RAT Remcos SmokeLoader

2025-03-26 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Raton / Silly - Remote Access Trojan | Technical Malware Analysis Report
AsyncRAT

2025-03-25 ⋅ Suresh Reddy
Inside Kimsuky’s Latest Cyberattack: Analyzing Malicious Scripts and Payloads

2025-03-25 ⋅ IBM X-Force ⋅ Golo Mühr
IBM X-Force discovers new Sheriff Backdoor used to target Ukraine
Deputy Sheriff

2025-03-25 ⋅ JPCERT/CC ⋅ Hayato Sasaki
Tempted to Classifying APT Actors: Practical Challenges of Attribution in the Case of Lazarus’s Subgroup

2025-03-25 ⋅ DomainTools ⋅ DomainTools
Phishing Campaign Targets Defense and Aerospace Firms Linked to Ukraine Conflict

2025-03-25 ⋅ Kaspersky Labs ⋅ Boris Larin, Igor Kuznetsov
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
Operation ForumTroll

2025-03-24 ⋅ SYGNIA ⋅ Sygnia Team
Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation
CHINACHOPPER reGeorg