Malpedia Library

Click here to download all references as Bib-File.•

2024-05-14 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
Ebury

2024-05-13 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
Ebury

2023-11-21 ⋅ Checkpoint ⋅ Marc Salinas Fernandez
The Platform Matters: A Comparative Study on Linux and Windows Ransomware Attacks
Gwisin

2023-08-10 ⋅ CrowdStrike ⋅ Counter Adversary Operations, Ken Balint, Marco Ortisi, Nicolas Zilio
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874

2023-05-24 ⋅ Check Point Research ⋅ Jiri Vinopal, Marc Salinas Fernandez
Agrius Deploys MoneyBird in Targeted Attacks against Israeli Organizations
Pink Sandstorm

2023-04-20 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé, Peter Kálnai
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
BADCALL SimpleTea POOLRAT 3CX Backdoor BADCALL IconicStealer

2023-04-19 ⋅ Bleeping Computer ⋅ Bill Toulas
March 2023 broke ransomware attack records with 459 incidents
Clop WhiteRabbit BianLian Black Basta BlackCat LockBit MedusaLocker PLAY Royal Ransom

2023-04-18 ⋅ CitizenLab ⋅ Bahr Abdul Razzak, Bill Marczak, John Scott-Railton, Ron Deibert
Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains

2023-04-13 ⋅ Google ⋅ Google Threat Analysis Group, Mike Trinh, Pierre-Marc Bureau
Continuing our work to hold cybercriminal ecosystems accountable
CryptBot

2023-04-11 ⋅ CitizenLab ⋅ Astrid Perry, Bahr Abdul Razzak, Bill Marczak, Emma Lyon, John Scott-Railton, Noura Al-Jizawi, Ron Deibert, Siena Anstis, Zoe Panday
Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers
Carmine Tsunami

2023-04-10 ⋅ Check Point ⋅ Check Point
March 2023’s Most Wanted Malware: New Emotet Campaign Bypasses Microsoft Blocks to Distribute Malicious OneNote Files
Agent Tesla CloudEyE Emotet Formbook Nanocore RAT NjRAT QakBot Remcos Tofsee

2023-03-08 ⋅ Malwarebytes ⋅ Malwarebytes Threat Intelligence Team
Ransomware review: March 2023
Vendetta

2023-01-05 ⋅ Check Point Research ⋅ Marc Salinas Fernandez
Blindeagle Targeting Ecuador with Sharpened Tools
APT-C-36

2022-11-21 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
Is Hagga Threat Actor Abusing FSociety Framework ?

2022-10-03 ⋅ Check Point ⋅ Marc Salinas Fernandez
Bumblebee: increasing its capacity and evolving its TTPs
BumbleBee Cobalt Strike Meterpreter Sliver Vidar

2022-09-07 ⋅ Google ⋅ Google Threat Analysis Group, Pierre-Marc Bureau
Initial access broker repurposing techniques in targeted attacks against Ukraine
AnchorMail Cobalt Strike IcedID

2022-07-20 ⋅ Kaspersky ⋅ Dmitry Galov, Jornt van der Wiel, Marc Rivero López, Sergey Lozhkin
Luna and Black Basta — new ransomware for Windows, Linux and ESXi
Black Basta Conti

2022-07-19 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé
I see what you did there: A look at the CloudMensis macOS spyware
CloudMensis

2022-05-10 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli
A Malware Analysis in RU-AU conflict
Cobalt Strike

2022-05-06 ⋅ ⋅ LeMagIT ⋅ Valéry Rieß-Marchive
Ransomware: LockBit 3.0 Starts Using in Cyberattacks
LockBit