Malpedia Library

Click here to download all references as Bib-File.•

2023-04-01 ⋅ Objective-See ⋅ Patrick Wardle
Ironing out (the macOS) details of a Smooth Operator (Part II)
3CX Backdoor

2023-04-01 ⋅ Github (dodo-sec) ⋅ dodo-sec
SmoothOperator
3CX Backdoor

2023-03-31 ⋅ Group-IB ⋅ Group-IB
36gate: supply chain attack
3CX Backdoor

2023-03-31 ⋅ vmware ⋅ Threat Analysis Unit
Investigating 3CX Desktop Application Attacks: What You Need to Know
3CX Backdoor

2023-03-31 ⋅ Reversing Labs ⋅ Karlo Zanki
Red flags flew over software supply chain-compromised 3CX update
3CX Backdoor

2023-03-31 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team
Initial Implants and Network Analysis Suggest the 3CX Supply Chain Operation Goes Back to Fall 2022
3CX Backdoor

2023-03-31 ⋅ cyble ⋅ Cyble
A Comprehensive Analysis of the 3CX Attack
3CX Backdoor

2023-03-31 ⋅ splunk ⋅ Splunk Threat Research Team
Splunk Insights: Investigating the 3CXDesktopApp Supply Chain Compromise
3CX Backdoor

2023-03-31 ⋅ Zscaler ⋅ Meghraj Nandanwar, Niraj Shivtarkar, Rohit Hegde
3CX Supply Chain Attack Campaign Campaign Analysis
3CX Backdoor

2023-03-31 ⋅ Youtube (ThreatCatch) ⋅ ThreatCat.ch
Sinkholing the Domain Generation Algorithm of m0yv
Expiro m0yv

2023-03-30 ⋅ Zscaler ⋅ Brett Stone-Gross, Javier Vicente, Nikolaos Pantazopoulos
Technical Analysis of Xloader’s Code Obfuscation in Version 4.3
Formbook

2023-03-30 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
eSentire Threat Intelligence Malware Analysis: BatLoader
BATLOADER Cobalt Strike ISFB SystemBC Vidar

2023-03-30 ⋅ United States District Court (Eastern District of New York) ⋅ Fortra, HEALTH-ISAC, Microsoft
Cracked Cobalt Strike (1:23-cv-02447)
Black Basta BlackCat LockBit RagnarLocker LockBit Black Basta BlackCat Cobalt Strike Cuba Emotet LockBit Mount Locker PLAY QakBot RagnarLocker Royal Ransom Zloader

2023-03-30 ⋅ K7 Security ⋅ Lathashree K
GoatRAT Attacks Automated Payment Systems
GoatRAT

2023-03-30 ⋅ Google ⋅ Google Threat Analysis Group, Shane Huntley
TAG Bulletin: Q1 2023

2023-03-30 ⋅ OALabs ⋅ Sergei Frankoff
3CX Supply Chain Attack
3CX Backdoor

2023-03-30 ⋅ Rapid7 Labs ⋅ Rapid7
Backdoored 3CXDesktopApp Installer Used in Active Threat Campaign
3CX Backdoor

2023-03-30 ⋅ Huntress Labs ⋅ John Hammond
3CX VoIP Software Compromise & Supply Chain Threats
3CX Backdoor

2023-03-30 ⋅ CrowdStrike ⋅ CS ENGINEER
2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers
3CX Backdoor

2023-03-30 ⋅ Symantec ⋅ Threat Hunter Team
3CX: Supply Chain Attack Affects Thousands of Users Worldwide
3CX Backdoor IconicStealer