Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-27BitdefenderMihai Neagu
@techreport{neagu:20220427:redline:98fb07b, author = {Mihai Neagu}, title = {{RedLine Stealer Resurfaces in Fresh RIG Exploit Kit Campaign}}, date = {2022-04-27}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/415/Bitdefender-PR-Whitepaper-RedLine-creat6109-en-EN.pdf}, language = {English}, urldate = {2022-06-02} } RedLine Stealer Resurfaces in Fresh RIG Exploit Kit Campaign
RedLine Stealer
2022-04-18BitdefenderMihai Neagu
@techreport{neagu:20220418:redline:9eb0a9a, author = {Mihai Neagu}, title = {{RedLine Stealer Analysis}}, date = {2022-04-18}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/415/Bitdefender-PR-Whitepaper-RedLine-creat6109-en-EN.pdf}, language = {English}, urldate = {2022-04-29} } RedLine Stealer Analysis
RedLine Stealer
2022-03-22BitdefenderVlad Constantinescu
@online{constantinescu:20220322:bitrat:03c1c4c, author = {Vlad Constantinescu}, title = {{BitRAT Malware Seen Spreading Through Unofficial Microsoft Windows Activators}}, date = {2022-03-22}, organization = {Bitdefender}, url = {https://www.bitdefender.com/blog/hotforsecurity/bitrat-malware-seen-spreading-through-unofficial-microsoft-windows-activators/}, language = {English}, urldate = {2022-06-09} } BitRAT Malware Seen Spreading Through Unofficial Microsoft Windows Activators
BitRAT
2022-03-11BitdefenderRadu Crahmaliuc
@online{crahmaliuc:20220311:five:9ba5aa0, author = {Radu Crahmaliuc}, title = {{Five Things You Need to Know About the Cyberwar in Ukraine}}, date = {2022-03-11}, organization = {Bitdefender}, url = {https://www.bitdefender.com/blog/hotforsecurity/five-things-you-need-to-know-about-the-cyberwar-in-ukraine/}, language = {English}, urldate = {2022-03-31} } Five Things You Need to Know About the Cyberwar in Ukraine
HermeticWiper WhisperGate
2022-03-04BitdefenderAlina Bizga
@online{bizga:20220304:bitdefender:44d1f32, author = {Alina Bizga}, title = {{Bitdefender Labs Sees Increased Malicious and Scam Activity Exploiting the War in Ukraine}}, date = {2022-03-04}, organization = {Bitdefender}, url = {https://www.bitdefender.com/blog/hotforsecurity/bitdefender-labs-sees-increased-malicious-and-scam-activity-exploiting-the-war-in-ukraine}, language = {English}, urldate = {2022-03-04} } Bitdefender Labs Sees Increased Malicious and Scam Activity Exploiting the War in Ukraine
Agent Tesla Remcos
2022-01-26BitdefenderBitdefender
@online{bitdefender:20220126:new:587f615, author = {Bitdefender}, title = {{New FluBot and TeaBot Global Malware Campaigns Discovered}}, date = {2022-01-26}, organization = {Bitdefender}, url = {https://www.bitdefender.com/blog/labs/new-flubot-and-teabot-global-malware-campaigns-discovered}, language = {English}, urldate = {2022-02-01} } New FluBot and TeaBot Global Malware Campaigns Discovered
Anatsa FluBot
2022-01-18BitdefenderJanos Gergo Szeles
@techreport{szeles:20220118:poking:a2bd8a5, author = {Janos Gergo Szeles}, title = {{Poking Holes in Crypto-Wallets: a Short Analysis of BHUNT Stealer}}, date = {2022-01-18}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/411/Bitdefender-PR-Whitepaper-CyberWallet-creat5874-en-EN.pdf}, language = {English}, urldate = {2022-02-26} } Poking Holes in Crypto-Wallets: a Short Analysis of BHUNT Stealer
BHunt
2021-11-08BitdefenderSilviu Stahie
@online{stahie:20211108:popular:8222961, author = {Silviu Stahie}, title = {{Popular NPM Repositories Compromised in Man-in-the-Middle Attack}}, date = {2021-11-08}, organization = {Bitdefender}, url = {https://www.bitdefender.com/blog/hotforsecurity/popular-npm-repositories-compromised-in-man-in-the-middle-attack/}, language = {English}, urldate = {2021-11-09} } Popular NPM Repositories Compromised in Man-in-the-Middle Attack
DanaBot
2021-10-21BitdefenderBitdefender
@techreport{bitdefender:20211021:digitallysigned:248a238, author = {Bitdefender}, title = {{Digitally-Signed Rootkits are Back – A Look at FiveSys and Companions}}, date = {2021-10-21}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/405/Bitdefender-DT-Whitepaper-Fivesys-creat5699-en-EN.pdf}, language = {English}, urldate = {2021-11-03} } Digitally-Signed Rootkits are Back – A Look at FiveSys and Companions
NetfilterRootkit
2021-08-25BitdefenderBogdan Botezatu, Victor Vrabie, Cristina Vatamanu, Eduard Budaca
@techreport{botezatu:20210825:fin8:44ba5b3, author = {Bogdan Botezatu and Victor Vrabie and Cristina Vatamanu and Eduard Budaca}, title = {{FIN8 Threat Actor Goes Agile with New Sardonic Backdoor}}, date = {2021-08-25}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/401/Bitdefender-PR-Whitepaper-FIN8-creat5619-en-EN.pdf}, language = {English}, urldate = {2021-09-02} } FIN8 Threat Actor Goes Agile with New Sardonic Backdoor
2021-07-27BitdefenderMartin Zugec
@online{zugec:20210727:deep:862489c, author = {Martin Zugec}, title = {{Deep dive into a FIN8 attack – A forensic investigation}}, date = {2021-07-27}, organization = {Bitdefender}, url = {https://businessinsights.bitdefender.com/deep-dive-into-a-fin8-attack-a-forensic-investigation}, language = {English}, urldate = {2021-08-02} } Deep dive into a FIN8 attack – A forensic investigation
2021-07-21BitdefenderBogdan Botezatu, Victor Vrabie
@online{botezatu:20210721:luminousmoth:7ed907d, author = {Bogdan Botezatu and Victor Vrabie}, title = {{LuminousMoth – PlugX, File Exfiltration and Persistence Revisited}}, date = {2021-07-21}, organization = {Bitdefender}, url = {https://www.bitdefender.com/blog/labs/luminousmoth-plugx-file-exfiltration-and-persistence-revisited}, language = {English}, urldate = {2021-07-26} } LuminousMoth – PlugX, File Exfiltration and Persistence Revisited
PlugX
2021-07-19BitdefenderBitdefender
@techreport{bitdefender:20210719:debugging:48353a0, author = {Bitdefender}, title = {{Debugging MosaicLoader, One Step at a Time}}, date = {2021-07-19}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/400/Bitdefender-PR-Whitepaper-MosaicLoader-creat5540-en-EN.pdf}, language = {English}, urldate = {2021-07-20} } Debugging MosaicLoader, One Step at a Time
AsyncRAT Glupteba
2021-07-14BitdefenderBitdefender
@online{bitdefender:20210714:how:3e51ccd, author = {Bitdefender}, title = {{How We Tracked a Threat Group Running an Active Cryptojacking Campaign}}, date = {2021-07-14}, organization = {Bitdefender}, url = {https://www.bitdefender.com/blog/labs/how-we-tracked-a-threat-group-running-an-active-cryptojacking-campaign}, language = {English}, urldate = {2021-07-20} } How We Tracked a Threat Group Running an Active Cryptojacking Campaign
2021-07-12BitdefenderRadu Tudorica, Bogdan Botezatu
@techreport{tudorica:20210712:fresh:d1d9d75, author = {Radu Tudorica and Bogdan Botezatu}, title = {{A Fresh Look at Trickbot’s Ever-Improving VNC Module}}, date = {2021-07-12}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/399/Bitdefender-PR-Whitepaper-Trickbot-creat5515-en-EN.pdf}, language = {English}, urldate = {2021-07-19} } A Fresh Look at Trickbot’s Ever-Improving VNC Module
TrickBot
2021-06-01BitdefenderAlin Mihai Barbatei, Oana Asoltanei, Silviu Stahie
@online{barbatei:20210601:threat:83b0dfc, author = {Alin Mihai Barbatei and Oana Asoltanei and Silviu Stahie}, title = {{Threat Actors Use Mockups of Popular Apps to Spread Teabot and Flubot Malware on Android}}, date = {2021-06-01}, organization = {Bitdefender}, url = {https://labs.bitdefender.com/2021/06/threat-actors-use-mockups-of-popular-apps-to-spread-teabot-and-flubot-malware-on-android/}, language = {English}, urldate = {2021-06-09} } Threat Actors Use Mockups of Popular Apps to Spread Teabot and Flubot Malware on Android
Anatsa FluBot
2021-05-18BitdefenderMihai Neagu, Bogdan Botezatu, George Mihali, Aron Radu, Ștefan Trifescu
@techreport{neagu:20210518:new:52eb07f, author = {Mihai Neagu and Bogdan Botezatu and George Mihali and Aron Radu and Ștefan Trifescu}, title = {{New WastedLoader Campaign Delivered Through RIG Exploit Kit}}, date = {2021-05-18}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/397/Bitdefender-PR-Whitepaper-RIG-creat5362-en-EN.pdf}, language = {English}, urldate = {2021-05-19} } New WastedLoader Campaign Delivered Through RIG Exploit Kit
WastedLoader WastedLocker
2021-04-28BitdefenderVictor Vrabie, Bogdan Botezatu
@techreport{vrabie:20210428:new:5e28909, author = {Victor Vrabie and Bogdan Botezatu}, title = {{New Nebulae Backdoor Linked with the NAIKON Group}}, date = {2021-04-28}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/396/Bitdefender-PR-Whitepaper-NAIKON-creat5397-en-EN.pdf}, language = {English}, urldate = {2021-05-04} } New Nebulae Backdoor Linked with the NAIKON Group
Nebulae
2021-04-13BitdefenderEduard Budaca, Bogdan Botezatu
@online{budaca:20210413:from:5df70c8, author = {Eduard Budaca and Bogdan Botezatu}, title = {{From Cracks to Empty Wallets – How Popular Cracks Lead to Digital Currency and Data Theft}}, date = {2021-04-13}, organization = {Bitdefender}, url = {https://labs.bitdefender.com/2021/04/from-cracks-to-empty-wallets-how-popular-cracks-lead-to-digital-currency-and-data-theft/}, language = {English}, urldate = {2021-05-04} } From Cracks to Empty Wallets – How Popular Cracks Lead to Digital Currency and Data Theft
2021-03-24BitdefenderSilvia Pripoae, Silviu Stahie
@online{pripoae:20210324:golang:3b5156a, author = {Silvia Pripoae and Silviu Stahie}, title = {{Golang Bot Starts Targeting WordPress Websites}}, date = {2021-03-24}, organization = {Bitdefender}, url = {https://labs.bitdefender.com/2021/03/golang-bot-starts-targeting-wordpress-websites/}, language = {English}, urldate = {2021-03-25} } Golang Bot Starts Targeting WordPress Websites