Malpedia Library

Click here to download all references as Bib-File.•

2022-02-23 ⋅ Sophos ⋅ Abhijit Gupta, Anand Ajjan, Andrew Brandt, Colin Cowie, Felix Weyne, Rahil Shah, Steven Lott, Syed Zaidi, Vikas Singh, Xiaochuan Zhang
Dridex bots deliver Entropy ransomware in recent attacks
Entropy

2021-12-22 ⋅ Sophos ⋅ Anand Ajjan, Andrew Brandt, Ferenc László Nagy, Fraser Howard, Peter Mackenzie, Sergio Bestulic, Timothy Easton
Avos Locker remotely accesses boxes, even running in Safe Mode
AvosLocker

2021-09-03 ⋅ Sophos ⋅ Anand Ajjan, Andrew Ludgate, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Zaidi
Conti affiliates use ProxyShell Exchange exploit in ransomware attacks
Cobalt Strike Conti

2021-09-01 ⋅ Sophos ⋅ Anand Ajjan, Andrew Brandt, Sean Gallagher, Yusuf Polat
Fake pirated software sites serve up malware droppers as a service
Raccoon

2021-07-04 ⋅ Sophos ⋅ Anand Ajjan, Mark Loman, Sean Gallagher
Independence Day: REvil uses supply chain exploit to attack hundreds of businesses
REvil

2021-06-11 ⋅ SophosLabs Uncut ⋅ Anand Ajjan, Andrew Brandt, Hajnalka Kope, Mark Loman, Peter Mackenzie
Relentless REvil, revealed: RaaS as variable as the criminals who use it
REvil

2021-02-16 ⋅ SophosLabs Uncut ⋅ Anand Ajjan, Andrew Brandt
Conti ransomware: Evasive by nature
Conti

2020-10-28 ⋅ SophosLabs Uncut ⋅ Anand Ajjan, Bill Kearny, Brett Cove, Elida Leite, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Syed Shahram
Hacks for sale: inside the Buer Loader malware-as-a-service
Buer Ryuk Zloader

2020-08-04 ⋅ SophosLabs Uncut ⋅ Anand Ajjan, Mark Loman
WastedLocker’s techniques point to a familiar heritage
WastedLocker

2013-03-05 ⋅ Sophos Naked Security ⋅ Anand Ajjan
Russian ransomware takes advantage of Windows PowerShell
FTCODE