Malpedia Library

Click here to download all references as Bib-File.•

2025-03-24 ⋅ SYGNIA ⋅ Sygnia Team
Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation
CHINACHOPPER reGeorg

2025-03-16 ⋅ SYGNIA ⋅ Sygnia Team
Bybit – What We Know So Far

2025-03-13 ⋅ Linkedin (ThreatMon) ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Chrome DLL Manipulation Attack Exposed

2025-03-11 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
New Ermac Variant - Android Banking Trojan & Botnet
ERMAC

2025-03-07 ⋅ Proofpoint ⋅ Ole Villadsen, Proofpoint Threat Research Team, Selena Larson
Remote Monitoring and Management (RMM) Tooling Increasingly an Attacker’s First Choice

2025-02-26 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
FOG Ransomware Attacks the Energy Sector in Turkey
STOP

2025-02-24 ⋅ SecurityScorecard ⋅ SecurityScorecard STRIKE Team
Massive Botnet Targets M365 with Stealthy Password Spraying Attacks

2025-02-20 ⋅ Infrawatch ⋅ Infrawatch Research Team
GhostSocks - Lumma's Partner In Proxy
GhostSocks Lumma Stealer

2025-02-19 ⋅ Natto Thoughts ⋅ Eugenio Benincasa
The Pangu Team—iOS Jailbreak and Vulnerability Research Giant: A Member of i-SOON’s Exploit-Sharing Network

2025-02-18 ⋅ Proofpoint ⋅ Proofpoint Threat Research Team
An Update on Fake Updates: Two New Actors, and New Mac Malware
Marcher FAKEUPDATES FrigidStealer Lumma Stealer

2025-02-13 ⋅ Symantec ⋅ Threat Hunter Team
China-linked Espionage Tools Used in Ransomware Attacks
PlugX

2025-02-11 ⋅ Github (SecurityBlueTeam) ⋅ Security Blue Team
Smartloader Wireshark plugin
SmartLoader

2025-02-02 ⋅ Team82 ⋅ Team82
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…
CMS8000 Backdoor

2025-01-31 ⋅ ConnectWise ⋅ Blake Eakin
Attackers Leveraging Microsoft Teams Defaults and Quick Assist for Social Engineering Attacks
Black Basta Black Basta ReedBed

2025-01-29 ⋅ SecurityScorecard ⋅ SecurityScorecard STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign
BeaverTail InvisibleFerret

2025-01-27 ⋅ SecurityScorecard ⋅ STRIKE Team
Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign

2025-01-25 ⋅ Sophos ⋅ Anthony Bradshaw, Colin Cowie, Daniel Souter, Hunter Neal, Mark Parsons, Sean Baird, Sean Gallagher
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
ReedBed STAC5143 UNC4393

2025-01-23 ⋅ ThreatMon ⋅ Aziz Kaplan, ThreatMon, ThreatMon Malware Research Team
Helldown Ransomware Malware Analysis Report
HellDown

2025-01-21 ⋅ Knownsec ⋅ Knownsec 404 Team
Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military — related bait to launch attacks on Russia
GamaCopy

2025-01-17 ⋅ Twitter (@Unit42_Intel) ⋅ Unit 42
Tweet about affiliates of DarkScorpius using Social Engineering via MS Teams
UNC4393