Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-06-16IntezerAviygayil Mechtinger
@online{mechtinger:20200616:elf:7057d58, author = {Aviygayil Mechtinger}, title = {{ELF Malware Analysis 101: Linux Threats No Longer an Afterthought}}, date = {2020-06-16}, organization = {Intezer}, url = {https://intezer.com/blog/linux/elf-malware-analysis-101-linux-threats-no-longer-an-afterthought}, language = {English}, urldate = {2020-06-16} } ELF Malware Analysis 101: Linux Threats No Longer an Afterthought
Cloud Snooper Dacls EvilGnome HiddenWasp MESSAGETAP NOTROBIN QNAPCrypt Winnti
2020-05-21IntezerPaul Litvak
@online{litvak:20200521:evolution:a14bf60, author = {Paul Litvak}, title = {{The Evolution of APT15’s Codebase 2020}}, date = {2020-05-21}, organization = {Intezer}, url = {https://www.intezer.com/blog/research/the-evolution-of-apt15s-codebase-2020/}, language = {English}, urldate = {2020-05-23} } The Evolution of APT15’s Codebase 2020
Ketrican Okrum
2020-05-11IntezerTwitter (IntezerLabs)
@online{intezerlabs:20200511:ldpreload:b3e622b, author = {Twitter (IntezerLabs)}, title = {{Tweet on LD-PRELOAD userland rootkit}}, date = {2020-05-11}, organization = {Intezer}, url = {https://twitter.com/IntezerLabs/status/1259818964848386048}, language = {English}, urldate = {2020-05-18} } Tweet on LD-PRELOAD userland rootkit
Kinsing
2020-05-04IntezerPaul Litvak
@online{litvak:20200504:kaiji:6b90937, author = {Paul Litvak}, title = {{Kaiji: New Chinese Linux malware turning to Golang}}, date = {2020-05-04}, organization = {Intezer}, url = {https://intezer.com/blog/research/kaiji-new-chinese-linux-malware-turning-to-golang/}, language = {English}, urldate = {2020-05-06} } Kaiji: New Chinese Linux malware turning to Golang
Kaiji
2020-03-30IntezerMichael Kajiloti
@online{kajiloti:20200330:fantastic:c01db60, author = {Michael Kajiloti}, title = {{Fantastic payloads and where we find them}}, date = {2020-03-30}, organization = {Intezer}, url = {https://intezer.com/blog/intezer-analyze/fantastic-payloads-and-where-we-find-them}, language = {English}, urldate = {2020-04-07} } Fantastic payloads and where we find them
Dridex Emotet ISFB TrickBot
2020-01-30IntezerPaul Litvak, Michael Kajiloti
@online{litvak:20200130:new:e013fd0, author = {Paul Litvak and Michael Kajiloti}, title = {{New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset}}, date = {2020-01-30}, organization = {Intezer}, url = {https://intezer.com/blog-new-iranian-campaign-tailored-to-us-companies-uses-updated-toolset/}, language = {English}, urldate = {2020-02-03} } New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset
TONEDEAF VALUEVAULT
2020-01-20IntezerIgnacio Sanmillan
@online{sanmillan:20200120:linux:2b0cfbb, author = {Ignacio Sanmillan}, title = {{Linux Rekoobe Operating with New, Undetected Malware Samples}}, date = {2020-01-20}, organization = {Intezer}, url = {https://intezer.com/blog-linux-rekoobe-operating-with-new-undetected-malware-samples/}, language = {English}, urldate = {2020-01-22} } Linux Rekoobe Operating with New, Undetected Malware Samples
Rekoobe
2019-11-12IntezerMichael Kajiloti
@online{kajiloti:20191112:purelocker:9d8244d, author = {Michael Kajiloti}, title = {{PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers}}, date = {2019-11-12}, organization = {Intezer}, url = {https://www.intezer.com/blog-purelocker-ransomware-being-used-in-targeted-attacks-against-servers/}, language = {English}, urldate = {2020-01-13} } PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers
PureLocker
2019-09-20IntezerIntezer
@online{intezer:20190920:russian:27d9f67, author = {Intezer}, title = {{Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns}}, date = {2019-09-20}, organization = {Intezer}, url = {https://www.intezer.com/blog-russian-cybercrime-group-fullofdeep-behind-qnapcrypt-ransomware-campaigns/}, language = {English}, urldate = {2020-01-08} } Russian Cybercrime Group FullofDeep Behind QNAPCrypt Ransomware Campaigns
QNAPCrypt
2019-07-24IntezerPaul Litvak, Ignacio Sanmillan
@online{litvak:20190724:watching:abc3541, author = {Paul Litvak and Ignacio Sanmillan}, title = {{Watching the WatchBog: New BlueKeep Scanner and Linux Exploits}}, date = {2019-07-24}, organization = {Intezer}, url = {https://intezer.com/blog/linux/watching-the-watchbog-new-bluekeep-scanner-and-linux-exploits/}, language = {English}, urldate = {2020-05-18} } Watching the WatchBog: New BlueKeep Scanner and Linux Exploits
WatchBog
2019-07-17IntezerPaul Litvak
@online{litvak:20190717:evilgnome:0874eda, author = {Paul Litvak}, title = {{EvilGnome: Rare Malware Spying on Linux Desktop Users}}, date = {2019-07-17}, organization = {Intezer}, url = {https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/}, language = {English}, urldate = {2020-01-10} } EvilGnome: Rare Malware Spying on Linux Desktop Users
EvilGnome
2019-07-10IntezerIgnacio Sanmillan
@online{sanmillan:20190710:how:e52e04c, author = {Ignacio Sanmillan}, title = {{How We Seized 15 Active Ransomware Campaigns Targeting Linux File Storage Servers}}, date = {2019-07-10}, organization = {Intezer}, url = {https://www.intezer.com/blog-seizing-15-active-ransomware-campaigns-targeting-linux-file-storage-servers/}, language = {English}, urldate = {2020-01-13} } How We Seized 15 Active Ransomware Campaigns Targeting Linux File Storage Servers
QNAPCrypt
2019-05-29IntezerIgnacio Sanmillan
@online{sanmillan:20190529:hiddenwasp:6ebd455, author = {Ignacio Sanmillan}, title = {{HiddenWasp Malware Stings Targeted Linux Systems}}, date = {2019-05-29}, organization = {Intezer}, url = {https://www.intezer.com/blog-hiddenwasp-malware-targeting-linux-systems/}, language = {English}, urldate = {2019-11-22} } HiddenWasp Malware Stings Targeted Linux Systems
HiddenWasp
2019-05-09IntezerIgnacio Sanmillan
@online{sanmillan:20190509:technical:7bdfc33, author = {Ignacio Sanmillan}, title = {{Technical Analysis: Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud}}, date = {2019-05-09}, organization = {Intezer}, url = {https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/}, language = {English}, urldate = {2020-01-13} } Technical Analysis: Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud
GreedyAntd Pacha Group Rocke
2019-02-28IntezerIgnacio Sanmillan
@online{sanmillan:20190228:technical:ebec2b6, author = {Ignacio Sanmillan}, title = {{Technical Analysis: Pacha Group Deploying Undetected Cryptojacking Campaigns on Linux Servers}}, date = {2019-02-28}, organization = {Intezer}, url = {https://www.intezer.com/blog-technical-analysis-pacha-group/}, language = {English}, urldate = {2019-11-28} } Technical Analysis: Pacha Group Deploying Undetected Cryptojacking Campaigns on Linux Servers
Pacha Group
2019-01-07IntezerIgnacio Sanmillan
@online{sanmillan:20190107:chinaz:50bb5f4, author = {Ignacio Sanmillan}, title = {{ChinaZ Revelations: Revealing ChinaZ Relationships with other Chinese Threat Actor Groups}}, date = {2019-01-07}, organization = {Intezer}, url = {https://www.intezer.com/blog-chinaz-relations/}, language = {English}, urldate = {2019-11-27} } ChinaZ Revelations: Revealing ChinaZ Relationships with other Chinese Threat Actor Groups
Ghost RAT
2018-10-03IntezerJay Rosenberg
@online{rosenberg:20181003:apt37:93a9100, author = {Jay Rosenberg}, title = {{APT37: Final1stspy Reaping the FreeMilk}}, date = {2018-10-03}, organization = {Intezer}, url = {https://www.intezer.com/apt37-final1stspy-reaping-the-freemilk/}, language = {English}, urldate = {2020-01-09} } APT37: Final1stspy Reaping the FreeMilk
Final1stSpy RokRAT
2018-08-17IntezerJay Rosenberg
@online{rosenberg:20180817:prince:d4d3b9c, author = {Jay Rosenberg}, title = {{Prince of Persia: The Sands of Foudre}}, date = {2018-08-17}, organization = {Intezer}, url = {https://www.intezer.com/prince-of-persia-the-sands-of-foudre/}, language = {English}, urldate = {2020-01-13} } Prince of Persia: The Sands of Foudre
Infy
2018-07-26IntezerItai Tevet
@online{tevet:20180726:mitigating:30dc2fb, author = {Itai Tevet}, title = {{Mitigating Emotet, The Most Common Banking Trojan}}, date = {2018-07-26}, organization = {Intezer}, url = {https://www.intezer.com/mitigating-emotet-the-most-common-banking-trojan/}, language = {English}, urldate = {2019-12-31} } Mitigating Emotet, The Most Common Banking Trojan
Emotet
2018-05-29IntezerOmri Ben Bassat
@online{bassat:20180529:iron:5943a09, author = {Omri Ben Bassat}, title = {{Iron Cybercrime Group Under The Scope}}, date = {2018-05-29}, organization = {Intezer}, url = {https://www.intezer.com/iron-cybercrime-group-under-the-scope-2/}, language = {English}, urldate = {2019-12-05} } Iron Cybercrime Group Under The Scope
Maktub Iron Group