Malpedia Library

Click here to download all references as Bib-File.•

2025-03-11 ⋅ Hunt.io ⋅ Hunt.io
JSPSpy and ‘filebroser’: A Custom File Management Tool in Webshell Infrastructure

2025-03-11 ⋅ Trend Micro ⋅ Cj Arsley Mateo, Darrel Tristan Virtusio, Jacob Santos, Junestherry Dela Cruz, Paul John Bardon
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
Lumma Stealer SmartLoader

2025-03-06 ⋅ Medium SarvivaMalwareAnalyst ⋅ sarviya
XWorm Attack Chain: Leveraging Steganography from Phishing Email to Keylogging via C2 Communication
XWorm

2025-02-02 ⋅ Team82 ⋅ Team82
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…
CMS8000 Backdoor

2025-01-13 ⋅ ⋅ Cert-AgID ⋅ Cert-AgID
Analisi di una campagna Lumma Stealer con falso CAPTCHA condotta attraverso domino italiano compromesso
Lumma Stealer

2025-01-07 ⋅ SOCRadar ⋅ Ameer Onwa
Turla Cyber Campaign Targeting Pakistan’s Critical Infrastructure

2025-01-07 ⋅ Hunt.io ⋅ Hunt.io
Golang Beacons and VS Code Tunnels: Tracking a Cobalt Strike Server Leveraging Trusted Infrastructure
Cobalt Strike

2024-12-29 ⋅ cocomelonc ⋅ cocomelonc
Malware and cryptography 38 - Encrypt/decrypt payload via Camellia cipher. S-box analyses examples. Simple C example.

2024-11-19 ⋅ Palo Alto Networks Unit 42 ⋅ Asher Davila, Chris Navarrete
FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications
FrostyGoop

2024-11-19 ⋅ CrowdStrike ⋅ Counter Adversary Operations
Unveiling LIMINAL PANDA: A Closer Look at China's Cyber Threats to the Telecom Sector
LIMINAL PANDA

2024-11-06 ⋅ Sophos ⋅ Asha Castle, Hikaru Koike, Sean Gallagher, Trang Tang
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
GootLoader

2024-10-31 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
Storm-0940

2024-10-18 ⋅ SpyCloud ⋅ Kyla Cardona
A Deep Dive Into the Intricate Chinese Cybercrime Ecosystem

2024-10-08 ⋅ Hunt.io ⋅ Hunt.io
Inside a Cybercriminal’s Server: DDoS Tools, Spyware APKs, and Phishing Pages
SpyNote

2024-09-30 ⋅ X (@GenThreatLabs) ⋅ Gen Threat Labs
Tweet on FAKEUPDATES pushing WARMCOOKIE backdoor via compromised websites targeting France
FAKEUPDATES WarmCookie

2024-09-25 ⋅ The Register ⋅ Laura Dobberstein
China claims Taiwan, not civilians, behind web vandalism
Anonymous64

2024-09-20 ⋅ McAfee ⋅ Aayush Tyagi, Yashvi Shah
Behind the CAPTCHA: A Clever Gateway of Malware
Emmenhtal Lumma Stealer

2024-09-10 ⋅ Talos Intelligence ⋅ Joey Chen
DragonRank, a Chinese-speaking SEO manipulator service provider
IISpy PlugX DragonRank

2024-08-21 ⋅ OODA Loop ⋅ OODA Loop
Toyota Customer, Employee Data Leaked in Confirmed Data Breach
ZeroSevenGroup

2024-08-08 ⋅ NSFOCUS ⋅ NSFOCUS
New APT Group Actor240524: A Closer Look at Its Cyber Tactics Against Azerbaijan and Israel
ABCsync Actor240524