Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-06-01Group-IBNikita Rostovcev, Alexander Badaev
@online{rostovcev:20220601:sidewinderantibotscript:62cb932, author = {Nikita Rostovcev and Alexander Badaev}, title = {{SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan}}, date = {2022-06-01}, organization = {Group-IB}, url = {https://blog.group-ib.com/sidewinder-antibot}, language = {English}, urldate = {2022-06-02} } SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan
2022-04-14Group-IBIvan Pisarev
@online{pisarev:20220414:old:8265433, author = {Ivan Pisarev}, title = {{Old Gremlins, new methods}}, date = {2022-04-14}, organization = {Group-IB}, url = {https://blog.group-ib.com/oldgremlin_comeback}, language = {English}, urldate = {2022-04-15} } Old Gremlins, new methods
2022-04-08Group-IBYaroslav Kargalev, Daniil Glukhov
@online{kargalev:20220408:scammers:3db4e65, author = {Yaroslav Kargalev and Daniil Glukhov}, title = {{Scammers make off with $1.6 million in crypto Fake giveaways hit bitcoiners again. Now on YouTube}}, date = {2022-04-08}, organization = {Group-IB}, url = {https://blog.group-ib.com/fake-crypto-giveaway}, language = {English}, urldate = {2022-05-05} } Scammers make off with $1.6 million in crypto Fake giveaways hit bitcoiners again. Now on YouTube
2022-03-28Group-IBIlia Rozhnov
@online{rozhnov:20220328:groupib:53f3790, author = {Ilia Rozhnov}, title = {{Group-IB unveils three groups of fraudsters behind delivery scams in Singapore}}, date = {2022-03-28}, organization = {Group-IB}, url = {https://blog.group-ib.com/fake-delivery-scams-singapore}, language = {English}, urldate = {2022-05-05} } Group-IB unveils three groups of fraudsters behind delivery scams in Singapore
2022-02-02lodestoneJason Daza, Manoj Khatiwada, Paul Brunney, Michael Wirtz, Group-IB
@online{daza:20220202:white:5b71f59, author = {Jason Daza and Manoj Khatiwada and Paul Brunney and Michael Wirtz and Group-IB}, title = {{White Rabbit Continued: Sardonic and F5}}, date = {2022-02-02}, organization = {lodestone}, url = {https://lodestone.com/insight/white-rabbit-continued-sardonic-and-f5/}, language = {English}, urldate = {2022-02-04} } White Rabbit Continued: Sardonic and F5
2022-01-28Group-IBVesta Matveeva, Iaroslav Polianskii
@online{matveeva:20220128:shedding:7c736f5, author = {Vesta Matveeva and Iaroslav Polianskii}, title = {{Shedding light on the dark web}}, date = {2022-01-28}, organization = {Group-IB}, url = {https://blog.group-ib.com/ml-in-investigations}, language = {English}, urldate = {2022-02-04} } Shedding light on the dark web
2021-12-21Group-IBYakov Kravtsov, Yvgeny Egorov
@online{kravtsov:20211221:readymade:14395a0, author = {Yakov Kravtsov and Yvgeny Egorov}, title = {{Ready-made fraud Behind the scenes of targeted scams}}, date = {2021-12-21}, organization = {Group-IB}, url = {https://blog.group-ib.com/target}, language = {English}, urldate = {2022-01-24} } Ready-made fraud Behind the scenes of targeted scams
2021-12-09Group-IBDmitry Shestakov, Andrey Zhdanov
@online{shestakov:20211209:inside:2dc8bd6, author = {Dmitry Shestakov and Andrey Zhdanov}, title = {{Inside the Hive: Deep dive into Hive RaaS, analysis of latest samples}}, date = {2021-12-09}, organization = {Group-IB}, url = {https://blog.group-ib.com/hive}, language = {English}, urldate = {2022-01-24} } Inside the Hive: Deep dive into Hive RaaS, analysis of latest samples
Hive Hive
2021-11-18Group-IBIvan Pisarev
@online{pisarev:20211118:awakening:5bb7c5e, author = {Ivan Pisarev}, title = {{The awakening: Group-IB uncovers new corporate espionage attacks by RedCurl}}, date = {2021-11-18}, organization = {Group-IB}, url = {https://www.group-ib.com/media/red-curl-threat-report/}, language = {English}, urldate = {2021-11-19} } The awakening: Group-IB uncovers new corporate espionage attacks by RedCurl
2021-11-17Group-IBGroup-IB
@online{groupib:20211117:redcurl:eee79f0, author = {Group-IB}, title = {{RedCurl: The awakening}}, date = {2021-11-17}, organization = {Group-IB}, url = {https://explore.group-ib.com/redcurl-english-reports/report-redcurl2-eng}, language = {English}, urldate = {2021-11-19} } RedCurl: The awakening
2021-11-03Group-IBAndrey Zhdanov
@online{zhdanov:20211103:darker:fb1a211, author = {Andrey Zhdanov}, title = {{The Darker Things BlackMatter and their victims}}, date = {2021-11-03}, organization = {Group-IB}, url = {https://blog.group-ib.com/blackmatter2}, language = {English}, urldate = {2022-01-25} } The Darker Things BlackMatter and their victims
BlackMatter DarkSide BlackMatter DarkSide
2021-10-28Group-IBRuslan Chebesov, Sergey Kokurin
@online{chebesov:20211028:cannibal:883dcbe, author = {Ruslan Chebesov and Sergey Kokurin}, title = {{Cannibal Carders}}, date = {2021-10-28}, organization = {Group-IB}, url = {https://blog.group-ib.com/cannibal-carders}, language = {English}, urldate = {2021-11-03} } Cannibal Carders
2021-09-17Group-IBYakov Kravtsov, Evgeny Egorov
@online{kravtsov:20210917:scamdemic:c4c950c, author = {Yakov Kravtsov and Evgeny Egorov}, title = {{Scamdemic outbreak Scammers attack users in Middle Eastern countries}}, date = {2021-09-17}, organization = {Group-IB}, url = {https://blog.group-ib.com/middle-east-scam}, language = {English}, urldate = {2021-11-02} } Scamdemic outbreak Scammers attack users in Middle Eastern countries
2021-09-16Group-IBReza Rafati, Ivan Lebedev
@online{rafati:20210916:runlir:c2e4204, author = {Reza Rafati and Ivan Lebedev}, title = {{RUNLIR - phishing campaign targeting Netherlands}}, date = {2021-09-16}, organization = {Group-IB}, url = {https://blog.group-ib.com/runlir}, language = {English}, urldate = {2021-11-02} } RUNLIR - phishing campaign targeting Netherlands
2021-08-06Group-IBAndrey Zhdanov
@online{zhdanov:20210806:its:e5b4483, author = {Andrey Zhdanov}, title = {{It's alive! The story behind the BlackMatter ransomware strain}}, date = {2021-08-06}, organization = {Group-IB}, url = {https://blog.group-ib.com/blackmatter#}, language = {English}, urldate = {2021-08-09} } It's alive! The story behind the BlackMatter ransomware strain
BlackMatter DarkSide BlackMatter DarkSide
2021-08-06Group-IBSergey Kokurin
@online{kokurin:20210806:bold:ef8beba, author = {Sergey Kokurin}, title = {{Bold ad campaign}}, date = {2021-08-06}, organization = {Group-IB}, url = {https://blog.group-ib.com/awc}, language = {English}, urldate = {2021-11-02} } Bold ad campaign
2021-08-05Group-IBViktor Okorokov, Nikita Rostovcev
@online{okorokov:20210805:prometheus:38ab6a6, author = {Viktor Okorokov and Nikita Rostovcev}, title = {{Prometheus TDS The key to success for Campo Loader, Hancitor, IcedID, and QBot}}, date = {2021-08-05}, organization = {Group-IB}, url = {https://blog.group-ib.com/prometheus-tds}, language = {English}, urldate = {2021-08-06} } Prometheus TDS The key to success for Campo Loader, Hancitor, IcedID, and QBot
Prometheus Backdoor Buer campoloader Hancitor IcedID QakBot
2021-08-03Group-IBAnastasia Tikhonova, Dmitry Kupin
@online{tikhonova:20210803:art:d715071, author = {Anastasia Tikhonova and Dmitry Kupin}, title = {{The Art of Cyberwarfare Chinese APTs attack Russia}}, date = {2021-08-03}, organization = {Group-IB}, url = {https://blog.group-ib.com/task}, language = {English}, urldate = {2021-08-06} } The Art of Cyberwarfare Chinese APTs attack Russia
Albaniiutas Mail-O SManager
2021-07-22Group-IBRoberto Martinez, Anton Ushakov
@online{martinez:20210722:fraud:9f095b0, author = {Roberto Martinez and Anton Ushakov}, title = {{The Fraud Family Fraud-as-a-Service operation targeting Dutch residents}}, date = {2021-07-22}, organization = {Group-IB}, url = {https://blog.group-ib.com/fraud_family_nl/}, language = {English}, urldate = {2021-07-22} } The Fraud Family Fraud-as-a-Service operation targeting Dutch residents
2021-07-06Group-IBStephen Kavanagh, Dmitry Volkov
@online{kavanagh:20210706:operation:315c918, author = {Stephen Kavanagh and Dmitry Volkov}, title = {{Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide}}, date = {2021-07-06}, organization = {Group-IB}, url = {https://www.group-ib.com/media/gib-interpol-lyrebird/}, language = {English}, urldate = {2021-07-11} } Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide