Malpedia Library

Click here to download all references as Bib-File.•

2026-02-19 ⋅ Elastic ⋅ Elastic Security Labs, Salim Bitam
MIMICRAT: ClickFix Campaign Delivers Custom RAT via Compromised Legitimate Websites
AstarionRAT

2026-01-02 ⋅ The Record ⋅ Jonathan Greig
Sedgwick confirms cyber incident affecting its major federal contractor subsidiary
TridentLocker

2025-11-17 ⋅ AhnLab ⋅ ASEC Analysis Team
NKNShell Malware Distributed via VPN Website
Larva-24010

2025-09-18 ⋅ Recorded Future ⋅ Insikt Group
CopyCop Deepens Its Playbook with New Websites and Targets
Storm-1516

2025-07-24 ⋅ The Washington Times ⋅ Bill Gertz
Hackers breach intelligence website used by CIA

2025-05-27 ⋅ Mandiant ⋅ Diana Ion, Rommel Joven, Yash Gupta
Text-to-Malware: How Cybercriminals Weaponize Fake AI-Themed Websites
UNC6032

2025-03-17 ⋅ GoDaddy ⋅ Denis Sinegubko
DollyWay World Domination: Eight Years of Evolving Website Malware Campaigns
DollyWay

2025-03-10 ⋅ Cybershafarat ⋅ Treadstone 71
DieNet and #Shiite_Harvest claimed responsibility for disabling ten significant Iraqi websites
DieNet

2025-03-04 ⋅ c/side ⋅ Himanshu Anand
Thousands of websites hit by four backdoors in 3rd party JavaScript attack

2025-01-30 ⋅ Department of Justice ⋅ U.S. Attorney's Office Southern District of Texas
Cybercrime websites selling hacking tools to transnational organized crime groups seized

2024-11-12 ⋅ Recorded Future ⋅ Insikt Group
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
Cobalt Strike TAG-112

2024-11-12 ⋅ Recorded Future ⋅ Insikt Group
China-Nexus TAG-112 Compromises Tibetan Websites to Distribute Cobalt Strike
Cobalt Strike

2024-09-30 ⋅ X (@GenThreatLabs) ⋅ Gen Threat Labs
Tweet on FAKEUPDATES pushing WARMCOOKIE backdoor via compromised websites targeting France
FAKEUPDATES WarmCookie

2024-07-31 ⋅ Broadcom ⋅ Broadcom
DeerStealer malware spread via fake Google Authenticator websites
DeerStealer

2024-06-12 ⋅ Gdata ⋅ Anna Lvova, Karsten Hahn
New backdoor BadSpace delivered by high-ranking infected websites
WarmCookie

2024-02-06 ⋅ Group-IB ⋅ Threat Intelligence
Dead-end job: ResumeLooters gang infects websites with XSS scripts and SQL injections to vacuum up job seekers' personal data and CVs
ResumeLooters

2024-01-12 ⋅ YouTube (BSides Cambridge UK) ⋅ Cian Heasley
Slipping The Net: Qakbot, Emotet And Defense Evasion
Emotet QakBot

2023-10-03 ⋅ The Record ⋅ Jonathan Greig
NATO 'actively addressing' alleged cyberattack affecting some websites
SiegedSec

2023-09-18 ⋅ KrebsOnSecurity ⋅ Brian Krebs
Who's Behind the 8Base Ransomware Website?
8Base

2023-09-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: msedge as a bootloader, TOR and mockbin.org/website.hook services as a control center (CERT-UA#7469)