Malpedia Library

Click here to download all references as Bib-File.•

2024-08-02 ⋅ Volexity ⋅ Ankur Saini, Paul Rascagnères, Steven Adair, Thomas Lancaster
StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms
CDDS DUSTPAN MgBot

2024-05-10 ⋅ Rapid7 Labs ⋅ Evan McCann, Thomas Elkins, Tyler McGraw
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Black Basta Black Basta Cobalt Strike NetSupportManager RAT

2024-03-31 ⋅ Twitter (@fr0gger) ⋅ Thomas Roccia
Tweet with visual summary of the execution flow
xzbot

2024-01-10 ⋅ Volexity ⋅ Matthew Meltzer, Robert Jan Mora, Sean Koessel, Steven Adair, Thomas Lancaster
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN
UTA0178

2023-11-21 ⋅ Trellix ⋅ Ciana Driscoll, Ernesto Fernández Provecho, Pham Duy Phuc, Vinoo Thomas
The Continued Evolution of the DarkGate Malware-as-a-Service
DarkGate

2023-08-31 ⋅ Rapid7 Labs ⋅ Evan McCann, Natalie Zargarov, Thomas Elkins, Tyler McGraw
Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers
FAKEUPDATES Amadey HijackLoader Lumma Stealer SectopRAT

2023-08-30 ⋅ Forbes ⋅ Thomas Brewster
A Fake Signal App Was Planted On Google Play By China-Linked Hackers

2023-05-14 ⋅ unfinished.bike ⋅ Thomas Strömberg
Fun with the new bpfdoor (2023)
BPFDoor

2023-05-10 ⋅ Github (MythicAgents) ⋅ Cody Thomas
Github Repository for Nimplant
Nimplant

2023-05-10 ⋅ Github (MythicAgents) ⋅ Cody Thomas
Github Repository for Poseidon
Poseidon Poseidon

2023-03-30 ⋅ Volexity ⋅ Ankur Saini, Callum Roxan, Charlie Gardner, Paul Rascagnères, Steven Adair, Thomas Lancaster
3CX Supply Chain Compromise Leads to ICONIC Incident
3CX Backdoor IconicStealer

2022-12-05 ⋅ Accenture ⋅ Paul Mansfield, Thomas Willkan
Popularity spikes for information stealer malware on the dark web
MetaStealer Rhadamanthys

2022-11-21 ⋅ BSides Sydney ⋅ Thomas Roccia
X-Ray of Malware Evasion Techniques - Analysis, Dissection, Cure?
Emotet

2022-06-15 ⋅ Volexity ⋅ Steven Adair, Thomas Lancaster, Volexity Threat Research
DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach
pupy Sliver DriftingCloud

2022-03-22 ⋅ Volexity ⋅ Damien Cash, Steven Adair, Thomas Lancaster
Storm Cloud on the Horizon: GIMMICK Malware Strikes at macOS
GIMMICK GIMMICK

2022-02-25 ⋅ CrowdStrike ⋅ Adrian Liviu Arsene, Farid Hendi, william thomas
CrowdStrike Falcon Protects from New Wiper Malware Used in Ukraine Cyberattacks
HermeticWiper

2022-02-25 ⋅ EnglertOne ⋅ Thomas Englert
Reverse Engineering | Hermetic Wiper
HermeticWiper

2022-02-25 ⋅ Twitter (@fr0gger) ⋅ Thomas Roccia
Tweets with an overview of HermeticWiper
HermeticWiper

2022-02-03 ⋅ Volexity ⋅ Steven Adair, Thomas Lancaster
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra
TEMP_Heretic

2021-12-10 ⋅ Mississippi State University ⋅ DeMarcus M. Thomas Sr.
Detecting malware in memory with memory object relationships