Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-09-28FlashpointFlashpoint
@online{flashpoint:20210928:revils:ffcbfac, author = {Flashpoint}, title = {{REvil’s “Cryptobackdoor” Con: Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout}}, date = {2021-09-28}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/revils-cryptobackdoor-con-ransomware-groups-tactics-roil-affiliates-sparking-a-fallout/}, language = {English}, urldate = {2021-10-13} } REvil’s “Cryptobackdoor” Con: Ransomware Group’s Tactics Roil Affiliates, Sparking a Fallout
REvil
2021-08-10FlashpointFlashpoint
@online{flashpoint:20210810:revil:8be7760, author = {Flashpoint}, title = {{REvil Master Key for Kaseya Attack Posted to XSS}}, date = {2021-08-10}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/possible-universal-revil-master-key-posted-to-xss/}, language = {English}, urldate = {2021-08-11} } REvil Master Key for Kaseya Attack Posted to XSS
REvil
2021-07-27FlashpointFlashpoint
@online{flashpoint:20210727:chatter:08a4080, author = {Flashpoint}, title = {{Chatter Indicates BlackMatter as REvil Successor}}, date = {2021-07-27}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/chatter-indicates-blackmatter-as-revil-successor/}, language = {English}, urldate = {2021-08-02} } Chatter Indicates BlackMatter as REvil Successor
REvil
2021-05-25Flashpoint, Chainalysis
@techreport{flashpoint:20210525:hydra:2088738, author = {Flashpoint and Chainalysis}, title = {{Hydra: Where The Crypto Money Laundering Trail Goes Dark}}, date = {2021-05-25}, institution = {}, url = {https://storage.pardot.com/272312/1621903351Nn9y2MzH/Flashpoint_Chainalysis_Hydra_Crypto_Cybercrime_Research.pdf}, language = {English}, urldate = {2021-05-26} } Hydra: Where The Crypto Money Laundering Trail Goes Dark
2021-05-11FlashpointFlashpoint
@online{flashpoint:20210511:darkside:32c4e89, author = {Flashpoint}, title = {{DarkSide Ransomware Links to REvil Group Difficult to Dismiss}}, date = {2021-05-11}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/darkside-ransomware-links-to-revil-difficult-to-dismiss/}, language = {English}, urldate = {2021-05-13} } DarkSide Ransomware Links to REvil Group Difficult to Dismiss
DarkSide REvil
2021-04-30FlashpointFlashpoint
@online{flashpoint:20210430:second:53c20b4, author = {Flashpoint}, title = {{A Second Iranian State-Sponsored Ransomware Operation “Project Signal” Emerges}}, date = {2021-04-30}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/second-iranian-ransomware-operation-project-signal-emerges/}, language = {English}, urldate = {2021-05-03} } A Second Iranian State-Sponsored Ransomware Operation “Project Signal” Emerges
2021-03-11FlashpointFlashpoint
@online{flashpoint:20210311:cl0p:666bd6f, author = {Flashpoint}, title = {{CL0P and REvil Escalate Their Ransomware Tactics}}, date = {2021-03-11}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/cl0p-and-revil-escalate-their-ransomware-tactics/}, language = {English}, urldate = {2021-03-12} } CL0P and REvil Escalate Their Ransomware Tactics
Clop REvil
2021-03-04FlashpointFlashpoint
@online{flashpoint:20210304:breaking:f6dfffc, author = {Flashpoint}, title = {{Breaking: Elite Cybercrime Forum “Maza” Breached by Unknown Attacker}}, date = {2021-03-04}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/breelite-cybercrime-forum-maza-breached-by-unknown-attacker/}, language = {English}, urldate = {2021-03-04} } Breaking: Elite Cybercrime Forum “Maza” Breached by Unknown Attacker
2021-02-23FlashpointFlashpoint
@online{flashpoint:20210223:new:4f8b993, author = {Flashpoint}, title = {{New Mysterious Operators Usurp Elite Russian Hacker Forum “Verified”}}, date = {2021-02-23}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/new-mysterious-operators-usurp-elite-russian-hacker-forum-verified/}, language = {English}, urldate = {2021-02-25} } New Mysterious Operators Usurp Elite Russian Hacker Forum “Verified”
2020-07FlashpointFlashpoint
@techreport{flashpoint:202007:zeppelin:8c54ff6, author = {Flashpoint}, title = {{Zeppelin Ransomware Analysis}}, date = {2020-07}, institution = {Flashpoint}, url = {https://storage.pardot.com/272312/124918/Flashpoint_Hunt_Team___Zeppelin_Ransomware_Analysis.pdf}, language = {English}, urldate = {2020-08-14} } Zeppelin Ransomware Analysis
2019-03-20FlashpointJoshua Platt, Jason Reaves
@online{platt:20190320:fin7:a7fe335, author = {Joshua Platt and Jason Reaves}, title = {{FIN7 Revisited: Inside Astra Panel and SQLRat Malware}}, date = {2019-03-20}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/fin7-revisited-inside-astra-panel-and-sqlrat-malware/}, language = {English}, urldate = {2020-01-10} } FIN7 Revisited: Inside Astra Panel and SQLRat Malware
SQLRat FIN7
2019-03-20FlashpointJoshua Platt, Jason Reaves
@online{platt:20190320:fin7:bac265f, author = {Joshua Platt and Jason Reaves}, title = {{FIN7 Revisited: Inside Astra Panel and SQLRat Malware}}, date = {2019-03-20}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/fin7-revisited:-inside-astra-panel-and-sqlrat-malware/}, language = {English}, urldate = {2019-12-18} } FIN7 Revisited: Inside Astra Panel and SQLRat Malware
DNSRat TinyMet
2019-03-13FlashpointJason Reaves, Joshua Platt
@online{reaves:20190313:dmsniff:47a2734, author = {Jason Reaves and Joshua Platt}, title = {{‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses}}, date = {2019-03-13}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/dmsniff-pos-malware-actively-leveraged-target-medium-sized-businesses/}, language = {English}, urldate = {2019-12-18} } ‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses
DMSniff
2019-01-15FlashpointVitali Kremez
@online{kremez:20190115:disclosure:0e74c4e, author = {Vitali Kremez}, title = {{Disclosure of Chilean Redbanc Intrusion Leads to Lazarus Ties}}, date = {2019-01-15}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/disclosure-chilean-redbanc-intrusion-lazarus-ties/}, language = {English}, urldate = {2019-08-08} } Disclosure of Chilean Redbanc Intrusion Leads to Lazarus Ties
PowerRatankba
2018-09-12FlashpointPaul Burbage, Mike Mimoso
@online{burbage:20180912:malware:5b7d58a, author = {Paul Burbage and Mike Mimoso}, title = {{Malware Campaign Targeting Jaxx Cryptocurrency Wallet Users Shut Down}}, date = {2018-09-12}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/malware-campaign-targets-jaxx-cryptocurrency-wallet-users/}, language = {English}, urldate = {2020-01-08} } Malware Campaign Targeting Jaxx Cryptocurrency Wallet Users Shut Down
KPOT Stealer
2018-05-10FlashpointFlashpoint
@online{flashpoint:20180510:treasurehunter:d6e33c1, author = {Flashpoint}, title = {{TreasureHunter Point-of-Sale Malware and Builder Source Code Leaked}}, date = {2018-05-10}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/treasurehunter-source-code-leaked/}, language = {English}, urldate = {2020-01-08} } TreasureHunter Point-of-Sale Malware and Builder Source Code Leaked
TreasureHunter
2018-04-16FlashpointPaul Burbage, Mike Mimoso
@online{burbage:20180416:rat:3c30776, author = {Paul Burbage and Mike Mimoso}, title = {{RAT Gone Rogue: Meet ARS VBS Loader}}, date = {2018-04-16}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/meet-ars-vbs-loader/}, language = {English}, urldate = {2019-12-17} } RAT Gone Rogue: Meet ARS VBS Loader
ARS VBS Loader
2017-11-22FlashpointVitali Kremez
@online{kremez:20171122:trickbot:faea11e, author = {Vitali Kremez}, title = {{Trickbot Gang Evolves, Incorporates Account Checking Into Hybrid Attack Model}}, date = {2017-11-22}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/trickbot-account-checking-hybrid-attack-model/}, language = {English}, urldate = {2019-12-10} } Trickbot Gang Evolves, Incorporates Account Checking Into Hybrid Attack Model
TrickBot
2017-08-25FlashpointFlashpoint
@online{flashpoint:20170825:wirex:2f29c36, author = {Flashpoint}, title = {{The WireX Botnet: How Industry Collaboration Disrupted a DDoS Attack}}, date = {2017-08-25}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/wirex-botnet-industry-collaboration/}, language = {English}, urldate = {2020-01-08} } The WireX Botnet: How Industry Collaboration Disrupted a DDoS Attack
WireX
2017-07-27FlashpointFlashpoint
@online{flashpoint:20170727:new:bb5c883, author = {Flashpoint}, title = {{New Version of “Trickbot” Adds Worm Propagation Module}}, date = {2017-07-27}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/new-version-trickbot-adds-worm-propagation-module/}, language = {English}, urldate = {2020-01-13} } New Version of “Trickbot” Adds Worm Propagation Module
TrickBot