Malpedia Library

Click here to download all references as Bib-File.•

2025-06-16 ⋅ Trend Micro ⋅ Aira Marcelo, Gabriel Nicoleta, Jovit Samaniego, Mohamed Fahmy
Clone, Compile, Compromise: Water Curse’s Open-Source Malware Trap on GitHub

2025-06-12 ⋅ CitizenLab ⋅ Bill Marczak, John Scott-Railton
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted

2025-05-02 ⋅ Kroll ⋅ Dave Truman, George Glass, Marc Messer
Prelude: Crypto Heist Causes HAVOC
Havoc

2025-04-22 ⋅ AhnLab ⋅ ASEC
Distribution of PebbleDash Malware in March 2025
AsyncRAT PEBBLEDASH

2025-03-01 ⋅ ⋅ LeMagIT ⋅ Valéry Rieß-Marchive
Ransomware : de REvil à Black Basta, que sait-on de Tramp ?
Black Basta Black Basta

2024-12-12 ⋅ Kaspersky ⋅ Georgy Kucherin & Marc Rivero López
The Mask Has Been Unmasked Again
Careto

2024-09-24 ⋅ Virus Bulletin ⋅ Georgy Kucherin, Marc Rivero López
The Mask Has Been Unmasked Again
Careto

2024-08-20 ⋅ Kroll ⋅ Dan Cox, Marc Messer, Sarah Becker
FOG Ransomware Targets Higher Education
Fog

2024-05-14 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
Ebury

2024-05-13 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
Ebury

2024-03-21 ⋅ Mandiant ⋅ Adam Aprahamian, Austin Larsen, Dan Kelly, Marcin Siedlarz, Mathew Potaczek, Michael Raggi
Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect
GOREVERSE SNOWLIGHT

2024-03-13 ⋅ Kroll ⋅ Marc Messer
LESLIELOADER – Undocumented Loader Observed
Leslieloader

2023-11-21 ⋅ Checkpoint ⋅ Marc Salinas Fernandez
The Platform Matters: A Comparative Study on Linux and Windows Ransomware Attacks
Gwisin

2023-08-10 ⋅ CrowdStrike ⋅ Counter Adversary Operations, Ken Balint, Marco Ortisi, Nicolas Zilio
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874

2023-07-21 ⋅ Secureworks ⋅ SecureWorks
Learning from Incident Response: January - March 2023
GOLD REBELLION

2023-05-24 ⋅ Check Point Research ⋅ Jiri Vinopal, Marc Salinas Fernandez
Agrius Deploys MoneyBird in Targeted Attacks against Israeli Organizations
Pink Sandstorm

2023-04-20 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé, Peter Kálnai
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
BADCALL SimpleTea POOLRAT 3CX Backdoor BADCALL IconicStealer

2023-04-19 ⋅ Bleeping Computer ⋅ Bill Toulas
March 2023 broke ransomware attack records with 459 incidents
Clop WhiteRabbit BianLian Black Basta BlackCat LockBit MedusaLocker PLAY Royal Ransom

2023-04-18 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert
Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains

2023-04-13 ⋅ Google ⋅ Google Threat Analysis Group, Mike Trinh, Pierre-Marc Bureau
Continuing our work to hold cybercriminal ecosystems accountable
CryptBot