Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-28BitSightAndré Tavares
@online{tavares:20230328:tofsee:60925da, author = {André Tavares}, title = {{Tofsee Botnet: Proxying and Mining}}, date = {2023-03-28}, organization = {BitSight}, url = {https://www.bitsight.com/blog/tofsee-botnet-proxying-and-mining}, language = {English}, urldate = {2023-03-29} } Tofsee Botnet: Proxying and Mining
Tofsee
2023-02-13BitSightStanislas Arnoud
@online{arnoud:20230213:mylobot:c81a83d, author = {Stanislas Arnoud}, title = {{Mylobot: Investigating a proxy botnet}}, date = {2023-02-13}, organization = {BitSight}, url = {https://www.bitsight.com/blog/mylobot-investigating-proxy-botnet}, language = {English}, urldate = {2023-02-14} } Mylobot: Investigating a proxy botnet
MyloBot
2022-12-06BitSightJoão Batista
@online{batista:20221206:cova:a19beea, author = {João Batista}, title = {{Cova and Nosu: a new loader spreads a new stealer}}, date = {2022-12-06}, organization = {BitSight}, url = {https://www.bitsight.com/blog/cova-and-nosu-new-loader-spreads-new-stealer}, language = {English}, urldate = {2022-12-07} } Cova and Nosu: a new loader spreads a new stealer
Cova Nosu
2022-11-30BitSightAndré Tavares
@online{tavares:20221130:unpacking:a15d3e0, author = {André Tavares}, title = {{Unpacking Colibri Loader: A Russian APT linked Campaign}}, date = {2022-11-30}, organization = {BitSight}, url = {https://www.bitsight.com/blog/unpacking-colibri-loader-russian-apt-linked-campaign}, language = {English}, urldate = {2022-12-02} } Unpacking Colibri Loader: A Russian APT linked Campaign
Colibri Loader PrivateLoader
2022-10-05BitSightStanislas Arnoud, João Godinho
@online{arnoud:20221005:sinkholing:8a928c6, author = {Stanislas Arnoud and João Godinho}, title = {{Sinkholing PseudoManuscrypt: From Zero To 50k Infections - Part 1}}, date = {2022-10-05}, organization = {BitSight}, url = {https://www.bitsight.com/blog/zero-50k-infections-pseudomanuscrypt-sinkholing-part-1}, language = {English}, urldate = {2022-10-07} } Sinkholing PseudoManuscrypt: From Zero To 50k Infections - Part 1
PrivateLoader PseudoManuscrypt
2022-09-21BitSightJoão Batista
@online{batista:20220921:systembc:4aca73f, author = {João Batista}, title = {{SystemBC: The Multipurpose Proxy Bot Still Breathes}}, date = {2022-09-21}, organization = {BitSight}, url = {https://www.bitsight.com/blog/systembc-multipurpose-proxy-bot-still-breathes}, language = {English}, urldate = {2022-09-22} } SystemBC: The Multipurpose Proxy Bot Still Breathes
SystemBC
2022-08-31BitSightAndré Tavares
@online{tavares:20220831:tracking:5b4130e, author = {André Tavares}, title = {{Tracking PrivateLoader: Malware Distribution Service}}, date = {2022-08-31}, organization = {BitSight}, url = {https://www.bitsight.com/blog/tracking-privateloader-malware-distribution-service}, language = {English}, urldate = {2022-08-31} } Tracking PrivateLoader: Malware Distribution Service
PrivateLoader RedLine Stealer SmokeLoader
2022-08-10BitSightJoão Batista
@online{batista:20220810:emotet:2248a42, author = {João Batista}, title = {{Emotet SMB Spreader is Back}}, date = {2022-08-10}, organization = {BitSight}, url = {https://www.bitsight.com/blog/emotet-smb-spreader-back}, language = {English}, urldate = {2022-08-11} } Emotet SMB Spreader is Back
Emotet
2022-05-24BitSightJoão Batista, Pedro Umbelino, BitSight
@online{batista:20220524:emotet:cae57f1, author = {João Batista and Pedro Umbelino and BitSight}, title = {{Emotet Botnet Rises Again}}, date = {2022-05-24}, organization = {BitSight}, url = {https://www.bitsight.com/blog/emotet-botnet-rises-again}, language = {English}, urldate = {2022-05-25} } Emotet Botnet Rises Again
Cobalt Strike Emotet QakBot SystemBC
2022-02-04BitSightAndré Tavares
@online{tavares:20220204:flubot:532b2fc, author = {André Tavares}, title = {{FluBot Malware Persists: Most Prevalent In Germany and Spain}}, date = {2022-02-04}, organization = {BitSight}, url = {https://www.bitsight.com/blog/flubot-malware-persists-most-prevalent-germany-and-spain}, language = {English}, urldate = {2022-02-09} } FluBot Malware Persists: Most Prevalent In Germany and Spain
FluBot
2018-02-02BitSightTiago Pereira
@online{pereira:20180202:break:b0556dc, author = {Tiago Pereira}, title = {{Break Out Of The Tinynuke Malware}}, date = {2018-02-02}, organization = {BitSight}, url = {https://www.bitsighttech.com/blog/break-out-of-the-tinynuke-botnet}, language = {English}, urldate = {2020-01-06} } Break Out Of The Tinynuke Malware
TinyNuke
2017-02-24BitSightSofia Luis
@online{luis:20170224:necurs:629636f, author = {Sofia Luis}, title = {{Necurs Proxy Module With DDOS Features}}, date = {2017-02-24}, organization = {BitSight}, url = {https://www.bitsighttech.com/blog/necurs-proxy-module-with-ddos-features}, language = {English}, urldate = {2019-12-06} } Necurs Proxy Module With DDOS Features
Necurs
2015-10-15BitSightAnubisLabs
@techreport{anubislabs:20151015:dridex:4dafca8, author = {AnubisLabs}, title = {{Dridex: Chasing a botnet from the inside}}, date = {2015-10-15}, institution = {BitSight}, url = {https://cdn2.hubspot.net/hubfs/507516/ANB_MIR_Dridex_PRv7_final.pdf}, language = {English}, urldate = {2020-08-06} } Dridex: Chasing a botnet from the inside
Dridex