Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-01-11Group-IBGroup-IB
@online{groupib:20230111:dark:70a89b8, author = {Group-IB}, title = {{Dark Pink: New APT group targets governmental, military organizations in APAC, Europe}}, date = {2023-01-11}, organization = {Group-IB}, url = {https://www.group-ib.com/media-center/press-releases/dark-pink-apt/}, language = {English}, urldate = {2023-03-24} } Dark Pink: New APT group targets governmental, military organizations in APAC, Europe
DarkPink
2023-01-11Group-IBAndrey Polovinkin
@online{polovinkin:20230111:dark:abb723d, author = {Andrey Polovinkin}, title = {{Dark Pink - New APT hitting Asia-Pacific, Europe that goes deeper and darker}}, date = {2023-01-11}, organization = {Group-IB}, url = {https://blog.group-ib.com/dark-pink-apt}, language = {English}, urldate = {2023-01-12} } Dark Pink - New APT hitting Asia-Pacific, Europe that goes deeper and darker
2022-12-21Group-IBArtem Grischenko
@online{grischenko:20221221:godfather:fbc2595, author = {Artem Grischenko}, title = {{Godfather: A banking Trojan that is impossible to refuse}}, date = {2022-12-21}, organization = {Group-IB}, url = {https://blog.group-ib.com/godfather-trojan}, language = {English}, urldate = {2022-12-24} } Godfather: A banking Trojan that is impossible to refuse
Godfather
2022-11-03Group-IBGroup-IB
@online{groupib:20221103:opera1er:19d5499, author = {Group-IB}, title = {{OPERA1ER: Playing god without permission}}, date = {2022-11-03}, organization = {Group-IB}, url = {https://explore.group-ib.com/opera1er-eng/report-opera1er-eng}, language = {English}, urldate = {2022-11-06} } OPERA1ER: Playing god without permission
2022-11-03Group-IBRustam Mirkasymov
@online{mirkasymov:20221103:financially:cd6ff5b, author = {Rustam Mirkasymov}, title = {{Financially motivated, dangerously activated: OPERA1ER APT in Africa}}, date = {2022-11-03}, organization = {Group-IB}, url = {https://blog.group-ib.com/opera1er-apt}, language = {English}, urldate = {2023-01-19} } Financially motivated, dangerously activated: OPERA1ER APT in Africa
Cobalt Strike Common Raven
2022-09-16Group-IBTwitter (@GroupIB_GIB)
@online{groupibgib:20220916:uber:255f13d, author = {Twitter (@GroupIB_GIB)}, title = {{Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer}}, date = {2022-09-16}, organization = {Group-IB}, url = {https://twitter.com/GroupIB_GIB/status/1570821174736850945}, language = {English}, urldate = {2022-09-19} } Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer
Raccoon Vidar
2022-08-25Group-IBRoberto Martinez, Rustam Mirkasymov
@online{martinez:20220825:roasting:adb6ea2, author = {Roberto Martinez and Rustam Mirkasymov}, title = {{Roasting 0ktapus: The phishing campaign going after Okta identity credentials}}, date = {2022-08-25}, organization = {Group-IB}, url = {https://blog.group-ib.com/0ktapus}, language = {English}, urldate = {2022-08-30} } Roasting 0ktapus: The phishing campaign going after Okta identity credentials
2022-08-18Group-IBNikita Rostovtsev
@online{rostovtsev:20220818:apt41:57ffddb, author = {Nikita Rostovtsev}, title = {{APT41 World Tour 2021 on a tight schedule}}, date = {2022-08-18}, organization = {Group-IB}, url = {https://blog.group-ib.com/apt41-world-tour-2021}, language = {English}, urldate = {2022-08-18} } APT41 World Tour 2021 on a tight schedule
Cobalt Strike
2022-08-17Group-IBVictor Okorokov
@online{okorokov:20220817:switching:1ffd85f, author = {Victor Okorokov}, title = {{Switching side jobs Links between ATMZOW JS-sniffer and Hancitor}}, date = {2022-08-17}, organization = {Group-IB}, url = {https://blog.group-ib.com/switching-side-jobs}, language = {English}, urldate = {2022-08-22} } Switching side jobs Links between ATMZOW JS-sniffer and Hancitor
Hancitor
2022-08-11Group-IBGroup-IB
@online{groupib:20220811:challenge:114c383, author = {Group-IB}, title = {{Challenge accepted Detecting MaliBot, a fresh Android banking trojan, with a Fraud Protection solution}}, date = {2022-08-11}, organization = {Group-IB}, url = {https://blog.group-ib.com/malibot}, language = {English}, urldate = {2022-08-17} } Challenge accepted Detecting MaliBot, a fresh Android banking trojan, with a Fraud Protection solution
2022-07-29Group-IBReza Rafati, Yaroslav Kargalev
@online{rafati:20220729:fake:c31ccc4, author = {Reza Rafati and Yaroslav Kargalev}, title = {{Fake investment scams in Europe How we almost got rich}}, date = {2022-07-29}, organization = {Group-IB}, url = {https://blog.group-ib.com/investment-scams-europe}, language = {English}, urldate = {2022-08-17} } Fake investment scams in Europe How we almost got rich
2022-06-29Group-IBAndrey Zhdanov, Oleg Skulkin
@online{zhdanov:20220629:fat:7056ba6, author = {Andrey Zhdanov and Oleg Skulkin}, title = {{Fat Cats - An analysis of the BlackCat ransomware affiliate program}}, date = {2022-06-29}, organization = {Group-IB}, url = {https://blog.group-ib.com/blackcat}, language = {English}, urldate = {2022-08-17} } Fat Cats - An analysis of the BlackCat ransomware affiliate program
BlackCat BlackCat
2022-06-24Group-IBAlbert Priego
@online{priego:20220624:we:0ed77e2, author = {Albert Priego}, title = {{We see you, Gozi Hunting the latest TTPs used for delivering the Trojan}}, date = {2022-06-24}, organization = {Group-IB}, url = {https://blog.group-ib.com/gozi-latest-ttps}, language = {English}, urldate = {2022-08-17} } We see you, Gozi Hunting the latest TTPs used for delivering the Trojan
ISFB
2022-06-16Group-IBAnastasia Tikhonova
@online{tikhonova:20220616:thousands:16405e0, author = {Anastasia Tikhonova}, title = {{Thousands of IDs exposed in yet another data breach in Brazil}}, date = {2022-06-16}, organization = {Group-IB}, url = {https://blog.group-ib.com/brazil-exposed-db}, language = {English}, urldate = {2022-08-17} } Thousands of IDs exposed in yet another data breach in Brazil
2022-06-09Group-IBYaroslav Kargalev, Ivan Lebedev
@online{kargalev:20220609:swiss:1382ebc, author = {Yaroslav Kargalev and Ivan Lebedev}, title = {{Swiss Army Knife Phishing Group-IB identifies massive campaign capable of targeting clients of major Vietnamese banks}}, date = {2022-06-09}, organization = {Group-IB}, url = {https://blog.group-ib.com/phishing-vietnam-banks}, language = {English}, urldate = {2022-08-17} } Swiss Army Knife Phishing Group-IB identifies massive campaign capable of targeting clients of major Vietnamese banks
2022-06-01Group-IBNikita Rostovcev, Alexander Badaev
@online{rostovcev:20220601:sidewinderantibotscript:62cb932, author = {Nikita Rostovcev and Alexander Badaev}, title = {{SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan}}, date = {2022-06-01}, organization = {Group-IB}, url = {https://blog.group-ib.com/sidewinder-antibot}, language = {English}, urldate = {2022-06-02} } SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan
2022-04-14Group-IBIvan Pisarev
@online{pisarev:20220414:old:8265433, author = {Ivan Pisarev}, title = {{Old Gremlins, new methods}}, date = {2022-04-14}, organization = {Group-IB}, url = {https://blog.group-ib.com/oldgremlin_comeback}, language = {English}, urldate = {2022-04-15} } Old Gremlins, new methods
2022-04-08Group-IBYaroslav Kargalev, Daniil Glukhov
@online{kargalev:20220408:scammers:3db4e65, author = {Yaroslav Kargalev and Daniil Glukhov}, title = {{Scammers make off with $1.6 million in crypto Fake giveaways hit bitcoiners again. Now on YouTube}}, date = {2022-04-08}, organization = {Group-IB}, url = {https://blog.group-ib.com/fake-crypto-giveaway}, language = {English}, urldate = {2022-05-05} } Scammers make off with $1.6 million in crypto Fake giveaways hit bitcoiners again. Now on YouTube
2022-03-28Group-IBIlia Rozhnov
@online{rozhnov:20220328:groupib:53f3790, author = {Ilia Rozhnov}, title = {{Group-IB unveils three groups of fraudsters behind delivery scams in Singapore}}, date = {2022-03-28}, organization = {Group-IB}, url = {https://blog.group-ib.com/fake-delivery-scams-singapore}, language = {English}, urldate = {2022-05-05} } Group-IB unveils three groups of fraudsters behind delivery scams in Singapore
2022-02-02lodestoneJason Daza, Manoj Khatiwada, Paul Brunney, Michael Wirtz, Group-IB
@online{daza:20220202:white:5b71f59, author = {Jason Daza and Manoj Khatiwada and Paul Brunney and Michael Wirtz and Group-IB}, title = {{White Rabbit Continued: Sardonic and F5}}, date = {2022-02-02}, organization = {lodestone}, url = {https://lodestone.com/insight/white-rabbit-continued-sardonic-and-f5/}, language = {English}, urldate = {2022-02-04} } White Rabbit Continued: Sardonic and F5