Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-03-07ProofpointOle Villadsen, Proofpoint Threat Research Team, Selena Larson
Remote Monitoring and Management (RMM) Tooling Increasingly an Attacker’s First Choice
2024-02-28Security IntelligenceGolo Mühr, Ole Villadsen
X-Force data reveals top spam trends, campaigns and senior superlatives in 2023
404 Keylogger Agent Tesla Black Basta DarkGate Formbook IcedID Loki Password Stealer (PWS) Pikabot QakBot Remcos
2023-11-21IBMCharlotte Hammond, Kat Metrick, Ole Villadsen
Stealthy WailingCrab Malware misuses MQTT Messaging Protocol
Gozi WikiLoader
2023-11-06Security IntelligenceGolo Mühr, Ole Villadsen
GootBot – Gootloader’s new approach to post-exploitation
GootLoader UNC2565
2023-09-12Security IntelligenceGolo Mühr, Kat Metrick, Ole Villadsen
Email campaigns leverage updated DBatLoader to deliver RATs, stealers
DBatLoader
2023-06-27SecurityIntelligenceCharlotte Hammond, Ole Villadsen
The Trickbot/Conti Crypters: Where Are They Now?
Black Basta Conti Mount Locker PhotoLoader Royal Ransom SystemBC TrickBot
2023-04-14IBMCharlotte Hammond, Ole Villadsen
Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor
Minodo Nemesis
2023-04-14Security IntelligenceCharlotte Hammond, Ole Villadsen
Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor
Minodo
2022-08-18IBMCharlotte Hammond, Ole Villadsen
From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers
BumbleBee Karius Ramnit TrickBot Vawtrak
2022-07-07IBMCharlotte Hammond, Kat Weinberger, Ole Villadsen
Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine
AnchorMail BumbleBee Cobalt Strike IcedID Meterpreter
2022-05-19IBMCharlotte Hammond, Golo Mühr, Ole Villadsen
ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups
IcedID ISFB Mount Locker WIZARD SPIDER
2022-02-25IBMCharlotte Hammond, Ole Villadsen
Trickbot Group’s AnchorDNS Backdoor Upgrades to AnchorMail
AnchorDNS AnchorMail
2021-10-13IBMCharlotte Hammond, Ole Villadsen
Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds
BazarBackdoor TrickBot
2020-04-07SecurityIntelligenceOle Villadsen
ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework
More_eggs Anchor TrickBot
2019-08-29Security IntelligenceJoey Victorino, Kevin Henson, Melissa Frydrych, Ole Villadsen
More_eggs, Anyone? Threat Actor ITG08 Strikes Again
More_eggs FIN6