Malpedia Library

Click here to download all references as Bib-File.•

2025-05-28 ⋅ Darktrace ⋅ Tara Gould
PumaBot: Novel Botnet Targeting IoT Surveillance Devices
PumaBot

2024-07-26 ⋅ Darktrace ⋅ DarkTrace
Disarming the WarmCookie Backdoor: Darktrace’s Oven-Ready Solution
WarmCookie

2024-04-02 ⋅ Darktrace ⋅ Alexandra Sentenac, Trent Kessler, Victoria Baldie
The Early Bird Catches the Worm: Darktrace’s Hunt for Raspberry Robin
Raspberry Robin

2023-09-06 ⋅ Darktrace ⋅ DarkTrace
The Rise of the Lumma Info-Stealer
Lumma Stealer

2023-01-31 ⋅ Darktrace ⋅ Roberto Martinez
Vidar Info-Stealer Malware Distributed via Malvertising on Google
Vidar

2022-11-07 ⋅ Darktrace ⋅ Dillon Ashmore, Taisiia Garkava
Inside the Yanluowang Leak: Organization, Members, and Tactics
Yanluowang

2022-08-25 ⋅ Darktrace ⋅ Emma Foulger, Max Heinemeyer
Detecting the Unknown: Revealing Uncategorized Ransomware Using Darktrace
BlackByte

2022-08-23 ⋅ Darktrace ⋅ Eugene Chua, Hanah Darley, Paul Jennings
Emotet Resurgence: Cross-Industry Campaign Analysis
Emotet

2022-07-27 ⋅ Darktrace ⋅ Sam Lister, Shuh Chin Goh
PrivateLoader: Network-Based Indicators of Compromise
PrivateLoader SmokeLoader

2022-05-26 ⋅ Darktrace ⋅ DarkTrace
Worm-like propagation of Sysrv-hello crypto-jacking botnet: Network traffic analysis and latest TTPs
Sysrv-hello Sysrv-hello

2022-02-14 ⋅ Darktrace ⋅ Oakley Cox
Staying ahead of REvil’s Ransomware-as-a-Service business model
REvil REvil

2021-12-08 ⋅ Darktrace ⋅ Justin Fier
The double extortion business: Conti Ransomware Gang finds new avenues of negotiation
Conti

2021-07-20 ⋅ Darktrace ⋅ Max Heinemeyer
Data exfiltration in Latin America

2021-06-22 ⋅ Darktrace ⋅ Oakley Cox
Crypto-mining on a DNS server

2021-05-10 ⋅ DarkTracer ⋅ DarkTracer
Intelligence Report on Ransomware Gangs on the DarkWeb: List of victim organizations attacked by ransomware gangs released on the DarkWeb
RansomEXX Avaddon Babuk Clop Conti Cuba DarkSide DoppelPaymer Egregor Hades LockBit Mailto Maze MedusaLocker Mespinoza Mount Locker Nefilim Nemty Pay2Key PwndLocker RagnarLocker Ragnarok RansomEXX REvil Sekhmet SunCrypt ThunderX

2021-04-23 ⋅ Darktrace ⋅ Max Heinemeyer
APT35 ‘Charming Kitten' discovered in a pre-infected environment

2020-07-23 ⋅ Darktrace ⋅ Max Heinemeyer
The resurgence of the Ursnif banking trojan
ISFB Snifula

2020-04-02 ⋅ Darktrace ⋅ Max Heinemeyer
Catching APT41 exploiting a zero-day vulnerability
Cobalt Strike