Malpedia Library

2022-01-28 ⋅ Group-IB ⋅ Iaroslav Polianskii, Vesta Matveeva
Shedding light on the dark web

2022-01-25 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
BianLian C&C domain name
BianLian Hydra

2022-01-25 ⋅ Trellix ⋅ Alexandre Mundo, Christiaan Beek, Leandro Velasco, Marc Elias, Max Kersten
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign
Graphite

2022-01-17 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Android/BianLian payload
BianLian Hydra

2022-01-14 ⋅ Medium (Cryptax) ⋅ Axelle Apvrille
Multidex trick to unpack Android/BianLian
BianLian

2021-12-22 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, Computer Emergency Response Team New Zealand (CERT NZ), FBI, New Zealand National Cyber Security Centre (NZ NCSC), NSA, United Kingdom’s National Cyber Security Centre (NCSC-UK)
Alert (AA21-356A) Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

2021-12-08 ⋅ Check Point Research ⋅ Aliaksandr Trafimchuk, David Driker, Raman Ladutska, Yali Magiel
When old friends meet again: why Emotet chose Trickbot for rebirth
Emotet TrickBot

2021-11-30 ⋅ Bleeping Computer ⋅ Ionut Ilascu
Yanluowang ransomware operation matures with experienced affiliates
FiveHands

2021-11-29 ⋅ Mandiant ⋅ Brandan Schondorfer, Tyler McLellan
Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again
Cobalt Strike ROLLCOAST

2021-11-17 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), CISA, FBI, NCSC UK
Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

2021-11-17 ⋅ IBM ⋅ Shahar Tavor
BrazKing Android Malware Upgraded and Targeting Brazilian Banks
PixStealer

2021-11-17 ⋅ ⋅ Investigative reporting project Italy ⋅ Lorenzo Bagnoli, Riccardo Coluccini
Sorveglianza: l’azienda italiana che vuole sfidare i colossi NSO e Palantir
Chrysaor

2021-11-09 ⋅ CrowdStrike ⋅ Lukas Kupczyk, Max Julian Hofmann
Scheming with URLs: One-Click Attack Surface in Linux Desktop Environments

2021-11-08 ⋅ Department of Justice ⋅ Department of Justice
Indictment of Yaroslav Vasinskyi (REvil affiliate)
REvil REvil

2021-11-08 ⋅ FBI ⋅ FBI
WANTED poster for Yevhgyeniy Polyanin (REvil affiliate)
REvil REvil

2021-11-08 ⋅ Department of Justice ⋅ Department of Justice
Indictment of Yevgeniy Polyanin, one off the REvil affliates
REvil REvil

2021-11-08 ⋅ Europol ⋅ Europol
Five Affiliates to Sodinokibi/REvil Unplugged
REvil

2021-10-28 ⋅ ⋅ BR.DE ⋅ Hakan Tanriverdi, Maximilian Zierer
Mutmaßlicher Ransomware-Millionär identifiziert
REvil REvil

2021-10-26 ⋅ cyjax ⋅ william thomas
Mercenary APTs – An Exploration
Chrysaor

2021-09-29 ⋅ Flashpoint ⋅ Flashpoint
Russian hacker Q&A: An Interview With REvil-Affiliated Ransomware Contractor
REvil REvil