2023-02-09 · Trend Micro · Aliakbar Zahravi, Peter Girnus
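@online{zahravi:20230209:enigma:71c3a6f,
  author       = {Zahravi, Aliakbar and Girnus, Peter},
  title        = {{Enigma Stealer} Targets Cryptocurrency Industry with Fake Jobs},
  date         = {2023-02-09},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/b/enigma-stealer-targets-cryptocurrency-industry-with-fake-jobs.html},
  language     = {English},
  urldate      = {2023-02-13},
}
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs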
Enigma Loader
2023-01-17 · Trend Micro · Peter Girnus, Aliakbar Zahravi
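@online{girnus:20230117:earth:f1cba60,
  author       = {Girnus, Peter and Zahravi, Aliakbar},
  title        = {{Earth Bogle}: Campaigns Target the {Middle East} with Geopolitical Lures},
  date         = {2023-01-17},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/a/earth-bogle-campaigns-target-middle-east-with-geopolitical-lures.html},
  language     = {English},
  urldate      = {2023-01-19},
}
Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures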
NjRAT
2022-05-05 · Trend Micro · Aliakbar Zahravi, Leandro Froes, Trend Micro Research
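% "Trend Micro Research" is a corporate author: the extra brace pair keeps it
% from being parsed as given names "Trend Micro" plus family name "Research".
@online{zahravi:20220505:netdooka:93197bf,
  author       = {Zahravi, Aliakbar and Froes, Leandro and {Trend Micro Research}},
  title        = {{NetDooka} Framework Distributed via {PrivateLoader} Malware as Part of Pay-Per-Install Service},
  date         = {2022-05-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/e/netdooka-framework-distributed-via-privateloader-ppi.html},
  language     = {English},
  urldate      = {2022-05-05},
}
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service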
NetDooka, PrivateLoader
2021-09-29 · Trend Micro · Aliakbar Zahravi, William Gamazo Sanchez, Kamlapati Choubey, Peter Girnus
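% The URL slug ends in "cve-2021-404" (truncated by the publisher); the full
% identifier, CVE-2021-40444, is the one in the title. Do not "repair" the URL.
@online{zahravi:20210929:formbook:54b9f08,
  author       = {Zahravi, Aliakbar and Sanchez, William Gamazo and Choubey, Kamlapati and Girnus, Peter},
  title        = {{FormBook} Adds Latest {Office 365} 0-Day Vulnerability ({CVE-2021-40444}) to Its Arsenal},
  date         = {2021-09-29},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/formbook-adds-latest-office-365-0-day-vulnerability-cve-2021-404.html},
  language     = {English},
  urldate      = {2021-10-05},
}
FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal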
Formbook
2021-09-20 · Trend Micro · Aliakbar Zahravi, William Gamazo Sanchez
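@online{zahravi:20210920:water:63df486,
  author       = {Zahravi, Aliakbar and Sanchez, William Gamazo},
  title        = {{Water Basilisk} Uses New {HCrypt} Variant to Flood Victims with {RAT} Payloads},
  date         = {2021-09-20},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/Water-Basilisk-Uses-New-HCrypt-Variant-to-Flood-Victims-with-RAT-Payloads.html},
  language     = {English},
  urldate      = {2021-09-22},
}
Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads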
Ave Maria, BitRAT, LimeRAT, Nanocore RAT, NjRAT, Quasar RAT
2021-06-17 · Trend Micro · Aliakbar Zahravi
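@online{zahravi:20210617:bash:de8ec4a,
  author       = {Zahravi, Aliakbar},
  title        = {{Bash} Ransomware {DarkRadiation} Targets {Red Hat}- and {Debian}-based {Linux} Distributions},
  date         = {2021-06-17},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html},
  language     = {English},
  urldate      = {2021-06-21},
}
Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions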
2020-12-17 · Trend Micro · William Gamazo Sanchez, Aliakbar Zahravi
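@online{sanchez:20201217:credential:8d0de6b,
  author       = {Sanchez, William Gamazo and Zahravi, Aliakbar},
  title        = {Credential Stealer Targets {US}, {Canadian} Bank Customers},
  date         = {2020-12-17},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/20/l/stealth-credential-stealer-targets-us-canadian-bank-customers.html},
  language     = {English},
  urldate      = {2020-12-18},
}
Credential Stealer Targets US, Canadian Bank Customers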
2020-10-28 · Trend Micro · William Gamazo Sanchez, Aliakbar Zahravi, Elliot Cao, Cedric Pernet, Daniel Lunghi, Jaromír Hořejší, Joseph C Chen, John Zhang
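% Non-ASCII author names are stored as UTF-8, so this entry needs a
% UTF-8-aware backend (biblatex with Biber); classic 8-bit BibTeX may mis-sort them.
@online{sanchez:20201028:operation:7f4b906,
  author       = {Sanchez, William Gamazo and Zahravi, Aliakbar and Cao, Elliot and Pernet, Cedric and Lunghi, Daniel and Hořejší, Jaromír and Chen, Joseph C and Zhang, John},
  title        = {Operation {Earth Kitsune}: A Dance of Two New Backdoors},
  date         = {2020-10-28},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/20/j/operation-earth-kitsune-a-dance-of-two-new-backdoors.html},
  language     = {English},
  urldate      = {2020-10-29},
}
Operation Earth Kitsune: A Dance of Two New Backdoors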
AgfSpy, DneSpy, SLUB
2020-10-19 · Trend Micro · Nelson William Gamazo Sanchez, Aliakbar Zahravi, John Zhang, Eliot Cao, Cedric Pernet, Daniel Lunghi, Jaromír Hořejší, Joseph C. Chen
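% NOTE(review): author spellings here ("Eliot Cao", "Nelson William Gamazo Sanchez",
% "Joseph C. Chen") differ from entry sanchez:20201028:operation:7f4b906
% ("Elliot Cao", "William Gamazo Sanchez", "Joseph C Chen"); kept as given,
% confirm against the report before merging author records.
@techreport{sanchez:20201019:operation:e613dd2,
  author      = {Sanchez, Nelson William Gamazo and Zahravi, Aliakbar and Zhang, John and Cao, Eliot and Pernet, Cedric and Lunghi, Daniel and Hořejší, Jaromír and Chen, Joseph C.},
  title       = {Operation {Earth Kitsune}: Tracking {SLUB’s} Current Operations},
  date        = {2020-10-19},
  institution = {Trend Micro},
  url         = {https://documents.trendmicro.com/assets/white_papers/wp-operation-earth-kitsune.pdf},
  language    = {English},
  urldate     = {2020-10-21},
}
Operation Earth Kitsune: Tracking SLUB’s Current Operations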
SLUB
2020-07-27 · Trend Micro · Aliakbar Zahravi
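@online{zahravi:20200727:ensiko:fe08ad9,
  author       = {Zahravi, Aliakbar},
  title        = {{Ensiko}: A Webshell With Ransomware Capabilities},
  date         = {2020-07-27},
  organization = {Trend Micro},
  url          = {https://blog.trendmicro.com/trendlabs-security-intelligence/ensiko-a-webshell-with-ransomware-capabilities/},
  language     = {English},
  urldate      = {2020-07-30},
}
Ensiko: A Webshell With Ransomware Capabilities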
Ensikology
2019-12-16 · Trend Micro · Aliakbar Zahravi
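@online{zahravi:20191216:momentum:891738b,
  author       = {Zahravi, Aliakbar},
  title        = {{Momentum} Botnet's Newest {DDoS} Attacks and {IoT} Exploits},
  date         = {2019-12-16},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/19/l/ddos-attacks-and-iot-exploits-new-activity-from-momentum-botnet.html},
  language     = {English},
  urldate      = {2021-06-29},
}
Momentum Botnet's Newest DDoS Attacks and IoT Exploits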
Momentum
2019-08-15 · Trend Micro · Aliakbar Zahravi
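@online{zahravi:20190815:analysis:fadf6bc,
  author       = {Zahravi, Aliakbar},
  title        = {Analysis: New {Remcos RAT} Arrives Via Phishing Email},
  date         = {2019-08-15},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_ca/research/19/h/analysis-new-remcos-rat-arrives-via-phishing-email.html},
  language     = {English},
  urldate      = {2021-08-25},
}
Analysis: New Remcos RAT Arrives Via Phishing Email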
Remcos
2018-12-14 · Trend Micro · Aliakbar Zahravi
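@online{zahravi:20181214:cybercriminals:b4a512b,
  author       = {Zahravi, Aliakbar},
  title        = {Cybercriminals Use Malicious Memes that Communicate with Malware},
  date         = {2018-12-14},
  organization = {Trend Micro},
  url          = {https://blog.trendmicro.com/trendlabs-security-intelligence/cybercriminals-use-malicious-memes-that-communicate-with-malware/},
  language     = {English},
  urldate      = {2020-01-06},
}
Cybercriminals Use Malicious Memes that Communicate with Malware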
Berbomthum