2021-08-25BitdefenderBogdan Botezatu, Victor Vrabie, Cristina Vatamanu, Eduard Budaca
% Bitdefender whitepaper (PDF) on FIN8 and the Sardonic backdoor.
% Uses biblatex-style fields (date, urldate); a classic BibTeX style expects year instead.
@techreport{botezatu:20210825:fin8:44ba5b3,
  author      = {Botezatu, Bogdan and Vrabie, Victor and Vatamanu, Cristina and Budaca, Eduard},
  title       = {{FIN8 Threat Actor Goes Agile with New Sardonic Backdoor}},
  date        = {2021-08-25},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/401/Bitdefender-PR-Whitepaper-FIN8-creat5619-en-EN.pdf},
  language    = {English},
  urldate     = {2021-09-02},
}
FIN8 Threat Actor Goes Agile with New Sardonic Backdoor
2021-07-21BitdefenderBogdan Botezatu, Victor Vrabie
% Bitdefender Labs blog post on LuminousMoth; the library tags it with the PlugX family.
@online{botezatu:20210721:luminousmoth:7ed907d,
  author       = {Botezatu, Bogdan and Vrabie, Victor},
  title        = {{LuminousMoth – PlugX, File Exfiltration and Persistence Revisited}},
  date         = {2021-07-21},
  organization = {Bitdefender},
  url          = {https://www.bitdefender.com/blog/labs/luminousmoth-plugx-file-exfiltration-and-persistence-revisited},
  language     = {English},
  urldate      = {2021-07-26},
}
LuminousMoth – PlugX, File Exfiltration and Persistence Revisited
PlugX
2021-07-12BitdefenderRadu Tudorica, Bogdan Botezatu
% Bitdefender whitepaper (PDF) on the TrickBot VNC module.
@techreport{tudorica:20210712:fresh:d1d9d75,
  author      = {Tudorica, Radu and Botezatu, Bogdan},
  title       = {{A Fresh Look at Trickbot’s Ever-Improving VNC Module}},
  date        = {2021-07-12},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/399/Bitdefender-PR-Whitepaper-Trickbot-creat5515-en-EN.pdf},
  language    = {English},
  urldate     = {2021-07-19},
}
A Fresh Look at Trickbot’s Ever-Improving VNC Module
TrickBot
2021-05-18BitdefenderMihai Neagu, Bogdan Botezatu, George Mihali, Aron Radu, Ștefan Trifescu
% Bitdefender whitepaper (PDF) on a WastedLoader campaign delivered through the RIG exploit kit.
% The author field contains a non-ASCII character (Ș); process with a UTF-8 aware backend such as Biber.
@techreport{neagu:20210518:new:52eb07f,
  author      = {Neagu, Mihai and Botezatu, Bogdan and Mihali, George and Radu, Aron and Trifescu, Ștefan},
  title       = {{New WastedLoader Campaign Delivered Through RIG Exploit Kit}},
  date        = {2021-05-18},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/397/Bitdefender-PR-Whitepaper-RIG-creat5362-en-EN.pdf},
  language    = {English},
  urldate     = {2021-05-19},
}
New WastedLoader Campaign Delivered Through RIG Exploit Kit
WastedLocker
2021-04-28BitdefenderVictor Vrabie, Bogdan Botezatu
% Bitdefender whitepaper (PDF) linking the Nebulae backdoor to the NAIKON group.
@techreport{vrabie:20210428:new:5e28909,
  author      = {Vrabie, Victor and Botezatu, Bogdan},
  title       = {{New Nebulae Backdoor Linked with the NAIKON Group}},
  date        = {2021-04-28},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/396/Bitdefender-PR-Whitepaper-NAIKON-creat5397-en-EN.pdf},
  language    = {English},
  urldate     = {2021-05-04},
}
New Nebulae Backdoor Linked with the NAIKON Group
Nebulae
2021-04-13BitdefenderEduard Budaca, Bogdan Botezatu
% Bitdefender Labs blog post on cracked software leading to digital-currency and data theft.
@online{budaca:20210413:from:5df70c8,
  author       = {Budaca, Eduard and Botezatu, Bogdan},
  title        = {{From Cracks to Empty Wallets – How Popular Cracks Lead to Digital Currency and Data Theft}},
  date         = {2021-04-13},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2021/04/from-cracks-to-empty-wallets-how-popular-cracks-lead-to-digital-currency-and-data-theft/},
  language     = {English},
  urldate      = {2021-05-04},
}
From Cracks to Empty Wallets – How Popular Cracks Lead to Digital Currency and Data Theft
2021-03-10BitdefenderVictor Vrabie, Bogdan Botezatu
% Bitdefender whitepaper (PDF) on FIN8 and the BADHATCH toolkit.
@techreport{vrabie:20210310:fin8:5da0a40,
  author      = {Vrabie, Victor and Botezatu, Bogdan},
  title       = {{FIN8 Returns with Improved BADHATCH Toolkit}},
  date        = {2021-03-10},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/394/Bitdefender-PR-Whitepaper-BADHATCH-creat5237-en-EN.pdf},
  language    = {English},
  urldate     = {2021-03-11},
}
FIN8 Returns with Improved BADHATCH Toolkit
BADHATCH
2021-02-04BitdefenderBogdan Botezatu
% Bitdefender Labs blog post announcing a decryptor for Fonix ransomware.
@online{botezatu:20210204:fonix:9d53bd8,
  author       = {Botezatu, Bogdan},
  title        = {{Fonix Ransomware Decryptor}},
  date         = {2021-02-04},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2021/02/fonix-ransomware-decryptor/},
  language     = {English},
  urldate      = {2021-05-04},
}
Fonix Ransomware Decryptor
FONIX
2020-10-08BitdefenderJanos Gergo Szeles, Bogdan Botezatu
% Bitdefender whitepaper (PDF) on the LemonDuck crypto-miner.
@techreport{szeles:20201008:dissecting:baf1b65,
  author      = {Szeles, Janos Gergo and Botezatu, Bogdan},
  title       = {{Dissecting LemonDuck Crypto-Miner, a KingMiner Successor}},
  date        = {2020-10-08},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/373/Bitdefender-PR-Whitepaper-LemonDuck-creat4826-en-EN-GenericUse.pdf},
  language    = {English},
  urldate     = {2020-10-13},
}
Dissecting LemonDuck Crypto-Miner, a KingMiner Successor
2020-09-24BitdefenderAlexandra Bocereg, Oana Asoltanei, Ioan-Septimiu Dinulica, Bogdan Botezatu
% Bitdefender Labs blog post on Google Play apps carrying the Cerberus banker malware.
@online{bocereg:20200924:apps:88b3497,
  author       = {Bocereg, Alexandra and Asoltanei, Oana and Dinulica, Ioan-Septimiu and Botezatu, Bogdan},
  title        = {{Apps on Google Play Tainted with Cerberus Banker Malware}},
  date         = {2020-09-24},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2020/09/apps-on-google-play-tainted-with-cerberus-banker-malware/},
  language     = {English},
  urldate      = {2020-10-13},
}
Apps on Google Play Tainted with Cerberus Banker Malware
Cerberus
2020-07-08BitdefenderJanos Gergo Szeles, Bogdan Botezatu
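% Bitdefender whitepaper (PDF) on the Kingminer crypto-jacking botnet.
% Title spacing around the dash was normalized ("–a" to "– a"); confirm against the PDF's title page.
@techreport{szeles:20200708:kingminer:f864cae,
  author      = {Szeles, Janos Gergo and Botezatu, Bogdan},
  title       = {{Kingminer – a Crypto-Jacking Botnet Under the Scope}},
  date        = {2020-07-08},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/354/Bitdefender-PR-Whitepaper-KingMiner-creat4610-en-EN-GenericUse.pdf},
  language    = {English},
  urldate     = {2020-07-11},
}
Kingminer – a Crypto-Jacking Botnet Under the Scope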
2019-06-25BitdefenderBogdan Botezatu, Andrei Ardelean, Cristofor Ochinca, Cristian Alexandru Istrate, Claudiu Stefan Coblis
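% Bitdefender whitepaper (PDF) revisiting Scranos and its persistence.
% The author list originally split "Cristian Alexandru" and "Istrate" into two authors;
% they are rejoined here as one name. Confirm the spelling against the PDF's author list.
@techreport{botezatu:20190625:scranos:13c5096,
  author      = {Botezatu, Bogdan and Ardelean, Andrei and Ochinca, Cristofor and Istrate, Cristian Alexandru and Coblis, Claudiu Stefan},
  title       = {{Scranos Revisited – Rethinking persistence to keep established network alive}},
  date        = {2019-06-25},
  institution = {Bitdefender},
  url         = {https://www.bitdefender.com/files/News/CaseStudies/study/271/Bitdefender-Whitepaper-Scranos-2.pdf},
  language    = {English},
  urldate     = {2020-01-08},
}
Scranos Revisited – Rethinking persistence to keep established network alive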
Scranos Yoddos
2019-06-17BitdefenderBogdan Botezatu
% Bitdefender Labs blog post on GandCrab and the cleanup still under way.
@online{botezatu:20190617:good:c24ed06,
  author       = {Botezatu, Bogdan},
  title        = {{Good riddance, GandCrab! We’re still fixing the mess you left behind}},
  date         = {2019-06-17},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2019/06/good-riddance-gandcrab-were-still-fixing-the-mess-you-left-behind},
  language     = {English},
  urldate      = {2020-01-10},
}
Good riddance, GandCrab! We’re still fixing the mess you left behind
Gandcrab
2019-04-16BitdefenderBogdan Botezatu, Cristofor Ochinca, Andrei Ardelean
% Bitdefender Labs blog post on the Scranos rootkit-enabled spyware operation.
@online{botezatu:20190416:inside:8302b5d,
  author       = {Botezatu, Bogdan and Ochinca, Cristofor and Ardelean, Andrei},
  title        = {{Inside Scranos – A Cross Platform, Rootkit-Enabled Spyware Operation}},
  date         = {2019-04-16},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2019/04/inside-scranos-a-cross-platform-rootkit-enabled-spyware-operation/},
  language     = {English},
  urldate      = {2019-12-18},
}
Inside Scranos – A Cross Platform, Rootkit-Enabled Spyware Operation
Scranos
2019-02-19BitdefenderBogdan Botezatu
% Bitdefender Labs blog post announcing a decryptor for GandCrab v5.1.
@online{botezatu:20190219:new:21079a9,
  author       = {Botezatu, Bogdan},
  title        = {{New GandCrab v5.1 Decryptor Available Now}},
  date         = {2019-02-19},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2019/02/new-gandcrab-v5-1-decryptor-available-now/},
  language     = {English},
  urldate      = {2019-10-15},
}
New GandCrab v5.1 Decryptor Available Now
Gandcrab
2018-10-25BitdefenderBogdan Botezatu
% Bitdefender Labs blog post on a GandCrab ransomware decryption tool.
% NOTE(review): the date field says 2018-10-25 but the URL path is /2018/02/;
% confirm which publication date applies before using this entry in a timeline.
@online{botezatu:20181025:gandcrab:4e85fe9,
  author       = {Botezatu, Bogdan},
  title        = {{GandCrab Ransomware decryption tool}},
  date         = {2018-10-25},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2018/02/gandcrab-ransomware-decryption-tool-available-for-free/},
  language     = {English},
  urldate      = {2020-01-10},
}
GandCrab Ransomware decryption tool
Gandcrab
2018-05-07BitdefenderBogdan Botezatu
% Bitdefender Labs blog post on the Hide and Seek IoT botnet resurfacing with persistence.
@online{botezatu:20180507:hide:0fd8d9a,
  author       = {Botezatu, Bogdan},
  title        = {{Hide and Seek IoT Botnet resurfaces with new tricks, persistence}},
  date         = {2018-05-07},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2018/05/hide-and-seek-iot-botnet-resurfaces-with-new-tricks-persistence/},
  language     = {English},
  urldate      = {2020-01-06},
}
Hide and Seek IoT Botnet resurfaces with new tricks, persistence
Hide and Seek
2018-04-13BitdefenderBogdan Botezatu, Eduard Budaca
% Bitdefender Labs blog post on the RadRAT espionage toolkit.
@online{botezatu:20180413:radrat:e2bc7ad,
  author       = {Botezatu, Bogdan and Budaca, Eduard},
  title        = {{RadRAT: An all-in-one toolkit for complex espionage ops}},
  date         = {2018-04-13},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2018/04/radrat-an-all-in-one-toolkit-for-complex-espionage-ops/},
  language     = {English},
  urldate      = {2020-01-09},
}
RadRAT: An all-in-one toolkit for complex espionage ops
RadRAT
2018-02-01BitdefenderIvona Alexandra Chili, Bogdan Botezatu
% Bitdefender Labs blog post on Operation PZChao; the library tags it EMISSARY PANDA.
@online{chili:20180201:operation:305d726,
  author       = {Chili, Ivona Alexandra and Botezatu, Bogdan},
  title        = {{Operation PZChao: a possible return of the Iron Tiger APT}},
  date         = {2018-02-01},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2018/02/operation-pzchao-a-possible-return-of-the-iron-tiger-apt/},
  language     = {English},
  urldate      = {2020-01-05},
}
Operation PZChao: a possible return of the Iron Tiger APT
EMISSARY PANDA
2018-01-24BitdefenderBogdan Botezatu
% Bitdefender Labs blog post on the first sighting of the Hide 'N Seek IoT botnet.
@online{botezatu:20180124:new:f993782,
  author       = {Botezatu, Bogdan},
  title        = {{New Hide ‘N Seek IoT Botnet using custom-built Peer-to-Peer communication spotted in the wild}},
  date         = {2018-01-24},
  organization = {Bitdefender},
  url          = {https://labs.bitdefender.com/2018/01/new-hide-n-seek-iot-botnet-using-custom-built-peer-to-peer-communication-spotted-in-the-wild/},
  language     = {English},
  urldate      = {2020-01-08},
}
New Hide ‘N Seek IoT Botnet using custom-built Peer-to-Peer communication spotted in the wild
Hide and Seek