Click here to download all references as Bib-File.•
| 2025-02-14
⋅
Twitter (@DTCERT)
⋅
Twitter Thread on a password-protected loader observed in a vishing campaign Unidentified 120 |
| 2023-08-25
⋅
Telekom
⋅
Shining some light on the DarkGate loader DarkGate |
| 2023-08-25
⋅
Github (telekom-security)
⋅
DarkGate configuration extractor DarkGate |
| 2023-03-31
⋅
Telekom
⋅
Moqhao masters new tricks MoqHao |
| 2021-09-14
⋅
Telekom
⋅
Flubot’s Smishing Campaigns under the Microscope Anatsa FluBot |
| 2021-07-14
⋅
Telekom
⋅
LOCKDATA Auction – Another leak marketplace showing the recent shift of ransomware operators Cryakl |
| 2021-05-17
⋅
Github (telekom-security)
⋅
icedid_analysis IcedID |
| 2021-05-17
⋅
Telekom
⋅
Let’s set ice on fire: Hunting and detecting IcedID infections IcedID |
| 2020-12-17
⋅
Telekom
⋅
Smokeloader is still alive and kickin’ – A new way to encrypt CC server URLs SmokeLoader |
| 2020-10-06
⋅
Telekom
⋅
Eager Beaver: A Short Overview of the Restless Threat Actor TA505 Clop Get2 SDBbot TA505 |
| 2020-06-16
⋅
Telekom
⋅
TA505 returns with a new bag of tricks Clop Get2 SDBbot TA505 |
| 2020-06-08
⋅
Christian Haschek's Blog
⋅
The A1 Telekom Austria Hack |
| 2020-05-14
⋅
Telekom
⋅
LOLSnif – Tracking Another Ursnif-Based Targeted Campaign LOLSnif |
| 2020-03-26
⋅
Telekom
⋅
TA505's Box of Chocolate - On Hidden Gems packed with the TA505 Packer Amadey Azorult Clop FlawedGrace Get2 SDBbot Silence TinyMet TA505 |
| 2020-03-06
⋅
Telekom
⋅
Dissecting Emotet - Part 2 Emotet |
| 2020-02-03
⋅
Telekom
⋅
Dissecting Emotet – Part 1 Emotet |
| 2020-01-14
⋅
Telekom
⋅
Inside of CL0P’s ransomware operation Clop Get2 SDBbot |