2022-11-03Group-IBGroup-IB
@online{groupib:20221103:opera1er:19d5499,
  author       = {Group-IB},
  title        = {{OPERA1ER: Playing god without permission}},
  organization = {Group-IB},
  date         = {2022-11-03},
  language     = {English},
  url          = {https://explore.group-ib.com/opera1er-eng/report-opera1er-eng},
  urldate      = {2022-11-06},
}
OPERA1ER: Playing god without permission
2022-09-16Group-IBTwitter (@GroupIB_GIB)
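% The account name is a literal author: double braces keep it from being split into
% first/last name parts, and the underscore is escaped so it typesets as text.
@online{groupibgib:20220916:uber:255f13d,
  author       = {{Twitter (@GroupIB\_GIB)}},
  title        = {{Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer}},
  organization = {Group-IB},
  date         = {2022-09-16},
  language     = {English},
  url          = {https://twitter.com/GroupIB_GIB/status/1570821174736850945},
  urldate      = {2022-09-19},
}
Tweet on Uber Employees potentially infected with Raccoon and Vidar stealer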
Raccoon Vidar
2022-08-25Group-IBRoberto Martinez, Rustam Mirkasymov
@online{martinez:20220825:roasting:adb6ea2,
  author       = {Roberto Martinez and Rustam Mirkasymov},
  title        = {{Roasting 0ktapus: The phishing campaign going after Okta identity credentials}},
  organization = {Group-IB},
  date         = {2022-08-25},
  language     = {English},
  url          = {https://blog.group-ib.com/0ktapus},
  urldate      = {2022-08-30},
}
Roasting 0ktapus: The phishing campaign going after Okta identity credentials
2022-08-18Group-IBNikita Rostovtsev
@online{rostovtsev:20220818:apt41:57ffddb,
  author       = {Nikita Rostovtsev},
  title        = {{APT41 World Tour 2021 on a tight schedule}},
  organization = {Group-IB},
  date         = {2022-08-18},
  language     = {English},
  url          = {https://blog.group-ib.com/apt41-world-tour-2021},
  urldate      = {2022-08-18},
}
APT41 World Tour 2021 on a tight schedule
Cobalt Strike
2022-08-17Group-IBVictor Okorokov
@online{okorokov:20220817:switching:1ffd85f,
  author       = {Victor Okorokov},
  title        = {{Switching side jobs Links between ATMZOW JS-sniffer and Hancitor}},
  organization = {Group-IB},
  date         = {2022-08-17},
  language     = {English},
  url          = {https://blog.group-ib.com/switching-side-jobs},
  urldate      = {2022-08-22},
}
Switching side jobs Links between ATMZOW JS-sniffer and Hancitor
Hancitor
2022-08-11Group-IBGroup-IB
@online{groupib:20220811:challenge:114c383,
  author       = {Group-IB},
  title        = {{Challenge accepted Detecting MaliBot, a fresh Android banking trojan, with a Fraud Protection solution}},
  organization = {Group-IB},
  date         = {2022-08-11},
  language     = {English},
  url          = {https://blog.group-ib.com/malibot},
  urldate      = {2022-08-17},
}
Challenge accepted Detecting MaliBot, a fresh Android banking trojan, with a Fraud Protection solution
2022-07-29Group-IBReza Rafati, Yaroslav Kargalev
@online{rafati:20220729:fake:c31ccc4,
  author       = {Reza Rafati and Yaroslav Kargalev},
  title        = {{Fake investment scams in Europe How we almost got rich}},
  organization = {Group-IB},
  date         = {2022-07-29},
  language     = {English},
  url          = {https://blog.group-ib.com/investment-scams-europe},
  urldate      = {2022-08-17},
}
Fake investment scams in Europe How we almost got rich
2022-06-29Group-IBAndrey Zhdanov, Oleg Skulkin
@online{zhdanov:20220629:fat:7056ba6,
  author       = {Andrey Zhdanov and Oleg Skulkin},
  title        = {{Fat Cats - An analysis of the BlackCat ransomware affiliate program}},
  organization = {Group-IB},
  date         = {2022-06-29},
  language     = {English},
  url          = {https://blog.group-ib.com/blackcat},
  urldate      = {2022-08-17},
}
Fat Cats - An analysis of the BlackCat ransomware affiliate program
BlackCat BlackCat
2022-06-24Group-IBAlbert Priego
@online{priego:20220624:we:0ed77e2,
  author       = {Albert Priego},
  title        = {{We see you, Gozi Hunting the latest TTPs used for delivering the Trojan}},
  organization = {Group-IB},
  date         = {2022-06-24},
  language     = {English},
  url          = {https://blog.group-ib.com/gozi-latest-ttps},
  urldate      = {2022-08-17},
}
We see you, Gozi Hunting the latest TTPs used for delivering the Trojan
ISFB
2022-06-16Group-IBAnastasia Tikhonova
@online{tikhonova:20220616:thousands:16405e0,
  author       = {Anastasia Tikhonova},
  title        = {{Thousands of IDs exposed in yet another data breach in Brazil}},
  organization = {Group-IB},
  date         = {2022-06-16},
  language     = {English},
  url          = {https://blog.group-ib.com/brazil-exposed-db},
  urldate      = {2022-08-17},
}
Thousands of IDs exposed in yet another data breach in Brazil
2022-06-09Group-IBYaroslav Kargalev, Ivan Lebedev
@online{kargalev:20220609:swiss:1382ebc,
  author       = {Yaroslav Kargalev and Ivan Lebedev},
  title        = {{Swiss Army Knife Phishing Group-IB identifies massive campaign capable of targeting clients of major Vietnamese banks}},
  organization = {Group-IB},
  date         = {2022-06-09},
  language     = {English},
  url          = {https://blog.group-ib.com/phishing-vietnam-banks},
  urldate      = {2022-08-17},
}
Swiss Army Knife Phishing Group-IB identifies massive campaign capable of targeting clients of major Vietnamese banks
2022-06-01Group-IBNikita Rostovcev, Alexander Badaev
@online{rostovcev:20220601:sidewinderantibotscript:62cb932,
  author       = {Nikita Rostovcev and Alexander Badaev},
  title        = {{SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan}},
  organization = {Group-IB},
  date         = {2022-06-01},
  language     = {English},
  url          = {https://blog.group-ib.com/sidewinder-antibot},
  urldate      = {2022-06-02},
}
SideWinder.AntiBot.Script Analysis of SideWinder's new infrastructure and tool that narrows their reach to Pakistan
2022-04-14Group-IBIvan Pisarev
@online{pisarev:20220414:old:8265433,
  author       = {Ivan Pisarev},
  title        = {{Old Gremlins, new methods}},
  organization = {Group-IB},
  date         = {2022-04-14},
  language     = {English},
  url          = {https://blog.group-ib.com/oldgremlin_comeback},
  urldate      = {2022-04-15},
}
Old Gremlins, new methods
2022-04-08Group-IBYaroslav Kargalev, Daniil Glukhov
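% The dollar sign in the title is escaped: a bare "$" would open math mode when the
% field is typeset and break the bibliography build.
@online{kargalev:20220408:scammers:3db4e65,
  author       = {Yaroslav Kargalev and Daniil Glukhov},
  title        = {{Scammers make off with \$1.6 million in crypto Fake giveaways hit bitcoiners again. Now on YouTube}},
  organization = {Group-IB},
  date         = {2022-04-08},
  language     = {English},
  url          = {https://blog.group-ib.com/fake-crypto-giveaway},
  urldate      = {2022-05-05},
}
Scammers make off with $1.6 million in crypto Fake giveaways hit bitcoiners again. Now on YouTube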
2022-03-28Group-IBIlia Rozhnov
@online{rozhnov:20220328:groupib:53f3790,
  author       = {Ilia Rozhnov},
  title        = {{Group-IB unveils three groups of fraudsters behind delivery scams in Singapore}},
  organization = {Group-IB},
  date         = {2022-03-28},
  language     = {English},
  url          = {https://blog.group-ib.com/fake-delivery-scams-singapore},
  urldate      = {2022-05-05},
}
Group-IB unveils three groups of fraudsters behind delivery scams in Singapore
2022-02-02lodestoneJason Daza, Manoj Khatiwada, Paul Brunney, Michael Wirtz, Group-IB
@online{daza:20220202:white:5b71f59,
  author       = {Jason Daza and Manoj Khatiwada and Paul Brunney and Michael Wirtz and Group-IB},
  title        = {{White Rabbit Continued: Sardonic and F5}},
  organization = {lodestone},
  date         = {2022-02-02},
  language     = {English},
  url          = {https://lodestone.com/insight/white-rabbit-continued-sardonic-and-f5/},
  urldate      = {2022-02-04},
}
White Rabbit Continued: Sardonic and F5
2022-01-28Group-IBVesta Matveeva, Iaroslav Polianskii
@online{matveeva:20220128:shedding:7c736f5,
  author       = {Vesta Matveeva and Iaroslav Polianskii},
  title        = {{Shedding light on the dark web}},
  organization = {Group-IB},
  date         = {2022-01-28},
  language     = {English},
  url          = {https://blog.group-ib.com/ml-in-investigations},
  urldate      = {2022-02-04},
}
Shedding light on the dark web
2021-12-21Group-IBYakov Kravtsov, Yvgeny Egorov
@online{kravtsov:20211221:readymade:14395a0,
  author       = {Yakov Kravtsov and Yvgeny Egorov},
  title        = {{Ready-made fraud Behind the scenes of targeted scams}},
  organization = {Group-IB},
  date         = {2021-12-21},
  language     = {English},
  url          = {https://blog.group-ib.com/target},
  urldate      = {2022-01-24},
}
Ready-made fraud Behind the scenes of targeted scams
2021-12-09Group-IBDmitry Shestakov, Andrey Zhdanov
@online{shestakov:20211209:inside:2dc8bd6,
  author       = {Dmitry Shestakov and Andrey Zhdanov},
  title        = {{Inside the Hive: Deep dive into Hive RaaS, analysis of latest samples}},
  organization = {Group-IB},
  date         = {2021-12-09},
  language     = {English},
  url          = {https://blog.group-ib.com/hive},
  urldate      = {2022-01-24},
}
Inside the Hive: Deep dive into Hive RaaS, analysis of latest samples
Hive Hive
2021-11-18Group-IBIvan Pisarev
@online{pisarev:20211118:awakening:5bb7c5e,
  author       = {Ivan Pisarev},
  title        = {{The awakening: Group-IB uncovers new corporate espionage attacks by RedCurl}},
  organization = {Group-IB},
  date         = {2021-11-18},
  language     = {English},
  url          = {https://www.group-ib.com/media/red-curl-threat-report/},
  urldate      = {2021-11-19},
}
The awakening: Group-IB uncovers new corporate espionage attacks by RedCurl