Malpedia Library

Click here to download all references as Bib-File.•

2025-02-26 ⋅ POLITICO ⋅ Antoaneta Roussi
Chinese hackers siphoned off Belgian state security emails, report says

2025-02-26 ⋅ Medium extensiontotal ⋅ Amit Assaraf
A Wolf in Dark Mode: The Malicious VS Code Theme That Fooled Millions

2025-02-25 ⋅ Félix Aime, Jeremy Scion, Sekoia TDR
PolarEdge: Unveiling an uncovered ORB network
PolarEdge

2025-02-25 ⋅ Sentinel LABS ⋅ Tom Hegel
Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition

2025-02-24 ⋅ Palo Alto Networks Unit 42 ⋅ Alex Armstrong
Auto-Color: An Emerging and Evasive Linux Backdoor

2025-02-24 ⋅ EUR-Lex ⋅ Official Journal of the European Union
Council Implementing Regulation (EU) 2025/389 of 24 February 2025 implementing Regulation (EU) No 269/2014 concerning restrictive measures in respect of actions undermining or threatening the territorial integrity, sovereignty and independence of Ukraine

2025-02-24 ⋅ SecurityScorecard ⋅ SecurityScorecard STRIKE Team
Massive Botnet Targets M365 with Stealthy Password Spraying Attacks

2025-02-24 ⋅ Intel 471 ⋅ Intel 471
Android trojan TgToxic updates its capabilities
TgToxic

2025-02-24 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick 45: hiding and extracting payload in PNGs (with cats). Simple C example.
OceanLotus DuQu StegoLoader

2025-02-24 ⋅ K7 Security ⋅ Suresh Reddy
LCRYX Ransomware: How a VB Ransomware Locks Your System
LCRYX

2025-02-24 ⋅ Kaspersky Labs ⋅ Georgy Kucherin, João Godinho
The GitVenom campaign: cryptocurrency theft using GitHub
AsyncRAT Quasar RAT

2025-02-24 ⋅ Medium SlowMist ⋅ SlowMist
Cryptocurrency APT Intelligence: Unveiling Lazarus Group’s Intrusion Techniques

2025-02-23 ⋅ The Guardian ⋅ Joanna Partridge
Hackers steal $1.5bn from crypto exchange in ‘biggest digital heist ever’

2025-02-23 ⋅ Github (albertzsigovits) ⋅ Albert Zsigovits
ToxicEye RAT config extraction and YARA signatures
ToxicEye

2025-02-22 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (MintsLoader) - Deobfuscation of a simple XOR to get the URL
MintsLoader

2025-02-22 ⋅ CrowdStrike ⋅ CrowdStrike
Curly Spider
UNC4393

2025-02-22 ⋅ CrowdStrike ⋅ CrowdStrike
Wandering Spider
Black Basta Black Basta GOLD REBELLION

2025-02-22 ⋅ Cointelegraph ⋅ Vince Quill
Lazarus Group moves funds to multiple wallets as Bybit offers bounty

2025-02-21 ⋅ cyjax ⋅ Cymon
How’s that for a malicious Linkc, new group launches DLS
LinkC Pub

2025-02-21 ⋅ Medium SarvivaMalwareAnalyst ⋅ sarviya
Process Hollowing — Malware Reverse Engineering.