Malpedia Library

Click here to download all references as Bib-File.•

2024-12-11 ⋅ JPCERT/CC ⋅ Tomoya Kamei
Attack Exploiting Legitimate Service by APT-C-60
SpyGrace

2024-12-11 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
Amadey Kazuar Wipbot FlyingYeti

2024-12-10 ⋅ cyble ⋅ Cyble
Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor
PhantomCore Head Mare

2024-12-10 ⋅ Patreon (OALABS) ⋅ Sergei Frankoff
Live Stream VOD: The Many Faces of CryptBot (Paywall)
CryptBot

2024-12-10 ⋅ Hunt.io ⋅ Hunt.io
“Million OK !!!!” and the Naver Facade: Tracking Recent Suspected Kimsuky Infrastructure
Kimsuky

2024-12-09 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0185 aka UNC4221 Attack Detection: Hackers Target the Ukrainian Defense Forces and Military-Industrial Complex
UAC-0185

2024-12-08 ⋅ DataBreaches.net ⋅ Dissent
Is KillSec3 Trying to Extort Victims Using Publicly Leaked Data?

2024-12-07 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Targeted cyberattacks UAC-0185 in relation to the Defense Forces and enterprises of defense systems of Ukraine (CRT-UA#12414)
UAC-0185

2024-12-06 ⋅ OALabs ⋅ Sergei Frankoff
CryptBot Evolution Tracking the many iterations of this stealer
CryptBot

2024-12-05 ⋅ Trend Micro ⋅ Daniel Lunghi, Joseph Chen
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

2024-12-04 ⋅ Rapid7 ⋅ Tyler McGraw
Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
Black Basta Cobalt Strike DarkGate SystemBC Zloader

2024-12-04 ⋅ Lumen ⋅ Black Lotus Labs, Danny Adamitis, Ryan English
Snowblind: The Invisible Hand of Secret Blizzard
Crimson RAT TwoDash

2024-12-03 ⋅ Hunt.io ⋅ Hunt.io
Rare Watermark Links Cobalt Strike 4.10 Team Servers to Ongoing Suspicious Activity
Cobalt Strike

2024-12-03 ⋅ BitSight ⋅ Bitsight TRACE
PROXY.AM Powered by Socks5Systemz Botnet
Socks5 Systemz

2024-12-02 ⋅ Red Canary ⋅ Red Canary Intelligence
Storm-1811 exploits RMM tools to drop Black Basta ransomware
UNC4393

2024-12-02 ⋅ TechSpot ⋅ Alfonso Maruccia
Hacking group claims to have cracked Microsoft's software licensing security on a massive scale
Massgrave

2024-12-02 ⋅ FortiGuard Labs ⋅ Pei Han Liao
SmokeLoader Attack Targets Companies in Taiwan
SmokeLoader

2024-11-30 ⋅ Technical Evolution ⋅ techevo
REKOOBE APT-31 Linux Backdoor Analysis
Rekoobe

2024-11-28 ⋅ Hunt.io ⋅ Hunt.io
Uncovering Threat Actor Tactics: How Open Directories Provide Insight into XWorm Delivery Strategies
XWorm

2024-11-26 ⋅ Trend Micro ⋅ Hara Hiroaki
Guess Who’s Back - The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024
Anel MirrorFace