Malpedia Library

2023-08-03 ⋅ OALabs ⋅ Sergei Frankoff
Golang Garble String Decryption
Bandit Stealer

2023-08-03 ⋅ Aon ⋅ Aon’s Cyber Labs
DarkGate Keylogger Analysis: Masterofnone
DarkGate

2023-08-03 ⋅ Kaspersky ⋅ Kaspersky
What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot
LokiBot DarkGate Emotet

2023-08-03 ⋅ DARKReading ⋅ Nate Nelson
Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection
Callisto

2023-08-02 ⋅ Recorded Future ⋅ Insikt Group
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023
Callisto

2023-08-02 ⋅ Checkmarx ⋅ Yehuda Gelb
Lazarus Group Launches First Open Source Supply Chain Attacks Targeting Crypto Sector

2023-08-02 ⋅ Recorded Future ⋅ Insikt Group
BlueCharlie, Previously Tracked as TAG 53, Continues to Deploy New Infrastructure in 2023

2023-08-02 ⋅ Recorded Future ⋅ Insikt Group
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023

2023-08-01 ⋅ Infinitum IT ⋅ Kerime Gencay
White Snake Stealer Analysis Report (Paywall)
WhiteSnake Stealer

2023-08-01 ⋅ ANALYST1 ⋅ Jon DiMaggio
Ransomware Diaries: Volume 3 – LockBit’s Secrets
LockBit

2023-08-01 ⋅ Palo Alto Networks Unit 42 ⋅ Lior Rochberger
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm

2023-08-01 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
BatLoader Continues Signed MSIX App Package Abuse
BATLOADER

2023-08-01 ⋅ LinkedIn (PRODAFT) ⋅ PRODAFT
An organic relationship between the #Rhysida and #ViceSociety ransomware teams
Rhysida

2023-08-01 ⋅ AhnLab ⋅ ASEC
Sliver C2 Being Distributed Through Korean Program Development Company
Sliver

2023-07-31 ⋅ Medium (csg-govtech) ⋅ Greg Jefferson
China-Backed Hackers Threaten Texas Military Sites, Utilities

2023-07-31 ⋅ Proofpoint ⋅ Kelsey Merriman, Pim Trouerbach
Out of the Sandbox: WikiLoader Digs Sophisticated Evasion
ISFB WikiLoader

2023-07-31 ⋅ d01a ⋅ Mohamed Adel
Pikabot deep analysis
Pikabot QakBot

2023-07-31 ⋅ Cleafy ⋅ Francesco Iubatti
SpyNote continues to attack financial institutions
SpyNote

2023-07-31 ⋅ OALabs ⋅ Sergei Frankoff
Bandit Stealer Garbled
Bandit Stealer

2023-07-29 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Joshua Platt
Unknown powershell backdoor with ties to new Zloader
Zloader