Malpedia Library

2023-09-29 ⋅ ESET Research ⋅ Peter Kálnai
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company
CLOUDBURST LightlessCan miniBlindingCan sRDI

2023-04-20 ⋅ ESET Research ⋅ Marc-Etienne M.Léveillé, Peter Kálnai
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
BADCALL SimpleTea POOLRAT 3CX Backdoor BADCALL IconicStealer

2022-09-30 ⋅ ESET Research ⋅ Peter Kálnai
Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium
BLINDINGCAN FudModule HTTP(S) uploader LambLoad TOUCHMOVE

2022-09-30 ⋅ Virus Bulletin ⋅ Matěj Havránek, Peter Kálnai
Lazarus & BYOVD: evil to the Windows core
FudModule

2022-08-16 ⋅ Twitter (@ESETresearch) ⋅ Dominik Breitenbacher, Peter Kálnai
Twitter thread about Operation In(ter)ception for macOS
Interception

2020-11-16 ⋅ ESET Research ⋅ Anton Cherepanov, Peter Kálnai
Lazarus supply‑chain attack in South Korea
BookCodes RAT Lazarus Group

2020-05-14 ⋅ ESET Research ⋅ Peter Kálnai
Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia
Microcin Vicious Panda

2020-05-14 ⋅ ESET Research ⋅ Peter Kálnai
Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia
BYEBY Microcin

2020-01-31 ⋅ Virus Bulletin ⋅ Michal Poslušný, Peter Kálnai
Rich Headers: leveraging this mysterious artifact of the PE format
Dridex Exaramel Industroyer Neutrino RCS Sathurbot

2018-12-10 ⋅ Botconf ⋅ Jakub Souček, Jakub Tomanek, Peter Kálnai
Collecting Malicious Particles from Neutrino Botnets
Neutrino

2018-04-03 ⋅ ESET Research ⋅ Anton Cherepanov, Peter Kálnai
Lazarus KillDisks Central American casino
KillDisk (Lazarus) Lazarus Group

2017-09-28 ⋅ ESET Research ⋅ Michal Poslušný, Peter Kálnai
Money‑making machine: Monero‑mining malware
Monero Miner

2017-02-16 ⋅ ESET Research ⋅ Peter Kálnai
Demystifying targeted malware used against Polish banks
BanPolMex RAT HOTWAX NACHOCHEESE

2017-01-05 ⋅ ESET Research ⋅ Peter Kálnai, Robert Lipovsky
KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt
KillDisk Sandworm

2017-01-05 ⋅ ESET Research ⋅ Peter Kálnai, Robert Lipovsky
KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt

2016-12-20 ⋅ ESET Research ⋅ Michal Malík, Peter Kálnai
New Linux/Rakos threat: devices and servers under SSH scan (again)
Rakos

2016-12-20 ⋅ ESET Research ⋅ Michal Malík, Peter Kálnai
New Linux/Rakos threat: devices and servers under SSH scan (again)

2016-01-01 ⋅ Virus Bulletin ⋅ Jaromír Hořejší, Peter Kálnai
Notes on click fraud: American story
Alureon ZeroAccess

2015-09-01 ⋅ Virus Bulletin ⋅ Jaromír Hořejší, Peter Kálnai
DDOS TROJAN: A MALICIOUS CONCEPT THAT CONQUERED THE ELF FORMAT
Bashlite MrBlack XOR DDoS BillGates

2015-01-06 ⋅ Avast ⋅ Peter Kálnai
Linux DDoS Trojan hiding itself with an embedded rootkit
XOR DDoS

2013-10-29 ⋅ RSA Conference ⋅ Jaromír Hořejší, Peter Kálnai
Dissecting Banking Trojan Carberp
Carberp

2013-09-25 ⋅ Avast ⋅ Peter Kálnai
Win32/64:Napolar: New Trojan shines on the cyber crime-scene
Solarbot

2013-08-27 ⋅ Avast ⋅ Peter Kálnai
Linux Trojan “Hand of Thief” ungloved
Hand of Thief

2013-07-22 ⋅ Avast ⋅ Peter Kálnai
Multisystem Trojan Janicab attacks Windows and MacOSX via scripts
Janicab

2013-04-08 ⋅ Avast ⋅ Peter Kálnai
Banking Trojan Carberp: An Epitaph?
Carberp