Click here to download all references as Bib-File.
2021-02-16 ⋅ Twitter (@craiu) ⋅ Twitter thread on Exaramel Linux backdoor used by Russian Group Sandworm Exaramel |
2021-01-11 ⋅ Kaspersky Labs ⋅ Sunburst backdoor – code overlaps with Kazuar Kazuar SUNBURST |
2020-12-18 ⋅ Kaspersky Labs ⋅ Sunburst: connecting the dots in the DNS requests SUNBURST |
2020-12-18 ⋅ Tweet from Costin Raiu about confirmed TEARDROP sample TEARDROP |
2020-10-02 ⋅ Twitter (@craiu) ⋅ Tweet about IAmTheKing / PowerPool actor naming PowerPool |
2020-06-09 ⋅ Kaspersky Labs ⋅ Looking at Big Threats Using Code Similarity. Part 1 Penquin Turla CCleaner Backdoor EternalPetya Regin WannaCryptor XTunnel |
2019-05-20 ⋅ Youtube (Kaspersky) ⋅ Operation ShadowHammer: Costin Raiu and Vitaly Kamlyuk at #TheSAS2019 DragonOK Poseidon Group Scarlet Mimic |
2019-05-20 ⋅ YouTube ⋅ Video: Operation ShadowHammer: Costin Raiu and Vitaly Kamlyuk at #TheSAS2019 shadowhammer |
2018-06-15 ⋅ Youtube (defconswitzerland) ⋅ Area41 Keynote Lambert Regin |
2018-03 ⋅ Kaspersky Labs ⋅ Penquin's Moonlit Maze Penquin Turla |
2017-09-19 ⋅ Twitter (@craiu) ⋅ Tweet on Shared Code between CCleaner and APT17 Missl backdoor CCleaner Backdoor |
2017-04-03 ⋅ Kaspersky Labs ⋅ Moonlight Maze Technical Report (Appendix B) Penquin Turla |
2016-06-17 ⋅ Kaspersky Labs ⋅ Operation Daybreak StarCruft APT37 |
2016-06-14 ⋅ Kaspersky Labs ⋅ CVE-2016-4171 – Adobe Flash Zero-day used in targeted attacks APT37 |
2015-04-15 ⋅ Kaspersky Labs ⋅ The Chronicles of the Hellsing APT: the Empire Strikes Back Hellsing |
2015-04-15 ⋅ Kaspersky Labs ⋅ The Chronicles of the Hellsing APT: the Empire Strikes Back GRILLMARK Naikon |
2015-03-31 ⋅ Kaspersky Labs ⋅ Sinkholing Volatile Cedar DGA Infrastructure Volatile Cedar |
2014-12-08 ⋅ Kaspersky Labs ⋅ The ‘Penquin’ Turla Turla Group |
2014-08-29 ⋅ Kaspersky Labs ⋅ Sinkholing the Backoff POS Trojan Backoff POS |
2014-01-14 ⋅ Kaspersky Labs ⋅ The Icefog APT Hits US Targets With Java Backdoor Ice Fog |