Malpedia Library

2024-06-24 ⋅ Malwarebytes Labs ⋅ Jérôme Segura
‘Poseidon’ Mac stealer distributed via Google ads
Poseidon Stealer

2024-06-21 ⋅ Malwarebytes Labs ⋅ Pieter Arntz
Was T-Mobile compromised by a zero-day in Jira?
IntelBroker

2023-12-15 ⋅ Malwarebytes Labs ⋅ Jérôme Segura
PikaBot distributed via malicious search ads
Pikabot

2022-07-13 ⋅ Malwarebytes Labs ⋅ Hossein Jazi, Roberto Santos
Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign
Cobalt Strike

2022-07-01 ⋅ Malwarebytes Labs ⋅ Christopher Boyd
AstraLocker 2.0 ransomware isn’t going to give you your files back
AstraLocker

2022-06-21 ⋅ Malwarebytes Labs ⋅ Threat Intelligence Team
Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine

2022-06-08 ⋅ Malwarebytes Labs ⋅ Threat Intelligence Team
MakeMoney malvertising campaign adds fake update template
FAKEUPDATES

2022-05-16 ⋅ Malwarebytes Labs ⋅ Threat Intelligence Team
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
Unidentified PS 003 (RAT)

2022-05-10 ⋅ Malwarebytes Labs ⋅ Threat Intelligence Team
APT34 targets Jordan Government using new Saitama backdoor
Saitama Backdoor

2022-05-05 ⋅ Malwarebytes Labs ⋅ Threat Intelligence Team
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla

2022-04-05 ⋅ Malwarebytes Labs ⋅ Ankur Saini, Hossein Jazi, Jérôme Segura
Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique
Colibri Loader Mars Stealer

2022-03-29 ⋅ Malwarebytes Labs ⋅ Hossein Jazi
New spear phishing campaign targets Russian dissidents
Unidentified PS 002 (RAT) Cobalt Strike

2022-01-27 ⋅ Malwarebytes Labs ⋅ Ankur Saini, Hossein Jazi
North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign

2021-07-16 ⋅ Malwarebytes Labs ⋅ Jérôme Segura
Vidar and GandCrab: stealer and ransomware combo observed in the wild
Gandcrab Vidar

2021-06-28 ⋅ Malwarebytes ⋅ Jérôme Segura
Lil' skimmer, the Magecart impersonator - Malwarebytes Labs
magecart

2021-03-25 ⋅ Malwarebytes ⋅ Malwarebytes Labs
Perkiler malware turns to SMB brute force to spread
PurpleFox

2020-10-12 ⋅ Malwarebytes Labs ⋅ Hossein Jazi, Jérôme Segura, Malwarebytes Threat Intelligence Team, Roberto Santos
Winnti APT group docks in Sri Lanka for new campaign
DBoxAgent SerialVlogger Winnti

2020-07-21 ⋅ Malwarebytes Labs ⋅ Hossein Jazi, Jérôme Segura
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
MgBot BRONZE HIGHLAND

2020-05-21 ⋅ Malwarebytes ⋅ Malwarebytes Labs
Cybercrime tactics and techniques
Ave Maria Azorult DanaBot Loki Password Stealer (PWS) NetWire RC

2019-04-09 ⋅ Malwarebytes ⋅ Malwarebytes Labs
Say hello to Baldr, a new stealer on the market
Baldr