Click here to download all references as Bib-File.•
| 2025-01-23
⋅
Lumen
⋅
The J-Magic Show: Magic Packets and Where to find them J-Magic SEASPY |
| 2024-12-04
⋅
Lumen
⋅
Snowblind: The Invisible Hand of Secret Blizzard Crimson RAT TwoDash |
| 2024-11-19
⋅
Lumen
⋅
One Sock Fits All: The Use And Abuse Of The NSOCKS Botnet Ngioweb Ngioweb |
| 2024-09-18
⋅
Lumen
⋅
Derailing the Raptor Train Nosedive |
| 2024-09-18
⋅
Lumen
⋅
Derailing The Raptor Train Nosedive |
| 2024-08-27
⋅
Lumen
⋅
Taking the Crossroads: The Versa Director Zero-Day Exploitation VersaMem |
| 2024-05-30
⋅
Lumen
⋅
The Pumpkin Eclipse Chalubo |
| 2024-05-30
⋅
Centurylink
⋅
The Pumpkin Eclipse Chalubo |
| 2024-02-07
⋅
Lumen
⋅
KV-Botnet: Don’t call it a Comeback KV |
| 2023-12-13
⋅
Lumen
⋅
Routers Roasting on an Open Firewall: the KV-botnet Investigation KV |
| 2023-11-14
⋅
Lumen
⋅
Taking The Elevator Down To Ring 0 Elevator |
| 2023-08-17
⋅
Lumen
⋅
No Rest For The Wicked: HiatusRAT Takes Little Time Off In A Return To Action HiatusRAT |
| 2023-07-27
⋅
X (@BlackLotusLabs)
⋅
Tweet on update on AVrecon bot's migration to new infrastructure AVrecon |
| 2023-07-12
⋅
Lumen
⋅
Routers From The Underground: Exposing AVrecon AVrecon |
| 2023-06-01
⋅
Lumen
⋅
Qakbot: Retool, Reinfect, Recycle QakBot |
| 2023-03-06
⋅
Lumen
⋅
New HiatusRAT Router Malware Covertly Spies On Victims HiatusRAT |
| 2022-09-28
⋅
Lumen
⋅
Chaos Is A Go-Based Swiss Army Knife Of Malware Chaos Kaiji |
| 2022-09-27
⋅
Github (blacklotuslabs)
⋅
Chaos Is A Go-Based Swiss Army Knife Of Malware (IOCs) |
| 2022-06-28
⋅
Lumen
⋅
ZuoRAT Hijacks SOHO Routers To Silently Stalk Networks ZuoRAT Cobalt Strike |
| 2022-03-08
⋅
Lumen
⋅
What Global Network Visibility Reveals about the Resurgence of One of the World’s Most Notorious Botnets Emotet |
| 2021-09-16
⋅
Lumen
⋅
No Longer Just Theory: Black Lotus Labs Uncovers Linux Executables Deployed as Stealth Windows Loaders PrivetSanya Meterpreter |
| 2021-08-11
⋅
Lumen
⋅
ReverseRat Reemerges With A (Night)Fury New Campaign And New Developments, Same Familiar Side-Actor ReverseRAT |
| 2021-06-22
⋅
Lumen
⋅
Suspected Pakistani Actor Compromises Indian Power Company with New ReverseRat ReverseRAT |
| 2020-11-20
⋅
DomainTools
⋅
Current Events to Widespread Campaigns: Pivoting from Samples to Identify Activity |
| 2020-10-12
⋅
Lumen
⋅
A Look Inside The TrickBot Botnet TrickBot |
| 2020-07-01
⋅
Centurylink
⋅
Alina Point of Sale Malware Still Lurking in DNS Alina POS |
| 2020-04-13
⋅
Centurylink
⋅
New Mozi Malware Family Quietly Amasses IoT Bots Mozi |
| 2019-01-31
⋅
Lumen
⋅
A New Phase Of TheMoon TheMoon |
| 2018-11-15
⋅
Centurylink
⋅
Mylobot Continues Global Infections MyloBot |