Malpedia Library

Click here to download all references as Bib-File.•

2023-09-06 ⋅ Zscaler ⋅ Avinash Kumar, Niraj Shivtarkar
Steal-It Campaign
Mocky LNK

2023-09-06 ⋅ Darktrace ⋅ DarkTrace
The Rise of the Lumma Info-Stealer
Lumma Stealer

2023-09-06 ⋅ Microsoft ⋅ Microsoft Security Response Center (MSRC)
Results of Major Technical Investigations for Storm-0558 Key Acquisition

2023-09-06 ⋅ TRUESEC ⋅ Jakob Nordenlund
DarkGate Loader Malware Delivered via Microsoft Teams
DarkGate

2023-09-05 ⋅ CISA ⋅ CISA
MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors
SALTWATER WHIRLPOOL UNC4841

2023-09-05 ⋅ Github (JoelGMSec) ⋅ Joel Gámez Molina
MultiPlatform HTTP Reverse Shell
HTTP-Shell

2023-09-05 ⋅ ⋅ AhnLab ⋅ Sanseo
BlueShell malware used in APT attacks targeting Korea and Thailand
BlueShell SparkRAT

2023-09-05 ⋅ Morphisec ⋅ Arnold Osipov, Hido Cohen
Chae$ 4: New Chaes Malware Variant Targeting Financial and Logistics Customers
Chaes

2023-09-04 ⋅ VMRay ⋅ VMRay Labs Team
Amadey: New encoding with old tricks
Amadey

2023-09-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: msedge as a bootloader, TOR and mockbin.org/website.hook services as a control center (CERT-UA#7469)

2023-09-04 ⋅ AhnLab ⋅ Sanseo
CHM Malware Using Fukushima Contaminated Water Discharge: RedEyes (ScarCruft)

2023-09-04 ⋅ Baltic News Network ⋅ , BNN
Cert.lv: activist groups supported by Russia perform cyber attacks on Latvian state institutions

2023-09-04 ⋅ Github (muha2xmad) ⋅ Muhammad Hasan Ali
A deep dive into DCRAT/DarkCrystalRAT malware
DCRat

2023-09-01 ⋅ Trellix ⋅ Adithya Chandra, Joao Marques, Raghav Kapoor
ICYMI: Emotet Reappeared Early This Year, Unfortunately
Emotet

2023-09-01 ⋅ VMRay ⋅ Emre Güler
Understanding BumbleBee: BumbleBee’s malware configuration and clusters
BumbleBee

2023-09-01 ⋅ Microsoft ⋅ Microsoft Threat Analysis Center (MTAC)
Russia’s influence networks in Sahel activated after coups

2023-09-01 ⋅ ⋅ AhnLab ⋅ Ye Eun
Malicious LNK that distributes backdoors: RedEyes (ScarCruft)

2023-08-31 ⋅ DataBreaches.net ⋅ Dissent
One month later, Ranhill still hasn’t fully recovered from cyberattack
Desorden Group

2023-08-31 ⋅ Rapid7 Labs ⋅ Evan McCann, Natalie Zargarov, Thomas Elkins, Tyler McGraw
Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers
FAKEUPDATES Amadey HijackLoader Lumma Stealer SectopRAT

2023-08-31 ⋅ Cyber Geeks ⋅ CyberMasterV
A Deep Dive into Brute Ratel C4 Payloads
Brute Ratel C4