Malpedia Library

2024-12-05 ⋅ Recorded Future ⋅ Insikt Group
BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure

2024-12-05 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph Chen
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

2024-12-05 ⋅ LinkedIn (Idan Tarab) ⋅ Idan Tarab
The Diplomatic Deception: Patchwork’s Use of Fake U.S. Embassy Alerts in Cyber Espionage

2024-12-05 ⋅ Orange Cyberdefense ⋅ Alexandre Matousek, Marine PICHON
Edam Dropper
Edam Emmenhtal

2024-12-04 ⋅ Rapid7 ⋅ Tyler McGraw
Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
Zloader

2024-12-04 ⋅ Lumen ⋅ Black Lotus Labs, Danny Adamitis, Ryan English
Snowblind: The Invisible Hand of Secret Blizzard
Crimson RAT TwoDash

2024-12-04 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage
Crimson RAT MiniPocket TwoDash Wainscot Operation C-Major Storm-0473

2024-12-04 ⋅ Cleafy ⋅ Alessandro Strino, Federico Valentini, Simone Mattia
DroidBot: Insights from a new Turkish MaaS fraud operation
DroidBot

2024-12-03 ⋅ Hunt.io ⋅ Hunt.io
Rare Watermark Links Cobalt Strike 4.10 Team Servers to Ongoing Suspicious Activity
Cobalt Strike

2024-12-03 ⋅ Check Point Research ⋅ Check Point Research
Inside Akira Ransomware’s Rust Experiment
Akira

2024-12-03 ⋅ BitSight ⋅ Bitsight TRACE
PROXY.AM Powered by Socks5Systemz Botnet
Socks5 Systemz

2024-12-02 ⋅ Kaspersky Labs ⋅ Artem Ushkov
Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT
NetSupportManager RAT RMS

2024-12-02 ⋅ FortiGuard Labs ⋅ Pei Han Liao
SmokeLoader Attack Targets Companies in Taiwan
SmokeLoader

2024-12-02 ⋅ Medium b.magnezi ⋅ 0xMrMagnezi
LokiBot Malware Analysis
Loki Password Stealer (PWS)

2024-12-02 ⋅ Zscaler ⋅ Muhammed Irfan V A
Unveiling RevC2 and Venom Loader
RevC2 VenomLoader

2024-11-30 ⋅ Technical Evolution ⋅ techevo
REKOOBE APT-31 Linux Backdoor Analysis
Rekoobe

2024-11-28 ⋅ Hunt.io ⋅ Hunt.io
Uncovering Threat Actor Tactics: How Open Directories Provide Insight into XWorm Delivery Strategies
XWorm

2024-11-28 ⋅ StrikeReady ⋅ StrikeReady Labs
RU APT targeting Energy Infrastructure (Unknown unknowns, part 3)
Edam Emmenhtal

2024-11-27 ⋅ Rapid7 ⋅ Natalie Zargarov
New “CleverSoar” Installer Targets Chinese and Vietnamese Users
ValleyRAT

2024-11-27 ⋅ ESET Research ⋅ Martin Smolár, Peter Strýček
Bootkitty: Analyzing the first UEFI bootkit for Linux
Bootkitty