Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-06-18Cisco TalosVanja Svajcer
Famous Chollima deploying Python version of GolangGhost RAT
GolangGhost PylangGhost GolangGhost
2024-10-17Cisco TalosAsheer Malhotra, Dmytro Korzhevin, Vanja Svajcer, Vitor Ventura
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
MeltingClaw ROMCOM RAT ShadyHammock RomCom
2023-03-09Talos IntelligenceAndrew Windsor, Vanja Svajcer
Prometei botnet improves modules and exhibits new capabilities in recent updates
Prometei
2022-08-30CiscoVanja Svajcer
ModernLoader delivers multiple stealers, cryptominers and RATs
Coinminer DCRat ModernLoader RedLine Stealer SapphireMiner SystemBC
2022-04-14Cisco TalosEdmund Brumaghin, Vanja Svajcer
"Haskers Gang" Introduces New ZingoStealer
Ginzo Stealer ZingoStealer
2022-04-14Cisco TalosEdmund Brumaghin, Michael Chen, Vanja Svajcer
Threat Spotlight: "Haskers Gang" Introduces New ZingoStealer
RedLine Stealer
2022-02-09CiscoVanja Svajcer, Vitor Ventura
What’s with the shared VBA code between Transparent Tribe and other threat actors?
2022-01-12CiscoChetan Raghuprasad, Vanja Svajcer
Nanocore, Netwire and AsyncRAT spreading campaign uses public cloud infrastructure
AsyncRAT Nanocore RAT NetWire RC
2021-11-16CiscoAsheer Malhotra, Chetan Raghuprasad, Vanja Svajcer
Attackers use domain fronting technique to target Myanmar with Cobalt Strike
Cobalt Strike
2021-11-03Cisco TalosCaitlin Huey, Chetan Raghuprasad, Vanja Svajcer
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
Babuk CHINACHOPPER
2021-09-23TalosAsheer Malhotra, Justin Thattil, Vanja Svajcer
Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs
Ave Maria NetWire RC
2021-08-19TalosAsheer Malhotra, Vanja Svajcer, Vitor Ventura
Malicious Campaign Targets Latin America: The seller, The operator and a curious link
AsyncRAT NjRAT
2021-08-12Cisco TalosVanja Svajcer
Signed MSI files, Raccoon and Amadey are used for installing ServHelper RAT
Amadey Raccoon ServHelper
2021-06-03TalosCaitlin Huey, Kendall McKay, Vanja Svajcer
Necro Python bot adds new exploits and Tezos mining to its bag of tricks
N3Cr0m0rPh
2021-04-21TalosVanja Svajcer
A year of Fajan evolution and Bloomberg themed campaigns
MASS Logger Nanocore RAT NetWire RC Revenge RAT XpertRAT
2021-02-17Cisco TalosVanja Svajcer
Masslogger campaigns exfiltrates user credentials
MASS Logger
2020-12-01TalosAdam Pridgen, Vanja Svajcer
Xanthe - Docker aware miner
Xanthe
2020-07-22Talos IntelligenceVanja Svajcer
Prometei botnet and its quest for Monero
Prometei
2020-04-02Cisco TalosVanja Svajcer
AZORult brings friends to the party
Azorult Remcos
2020-02-18Cisco TalosVanja Svajcer
Building a bypass with MSBuild
Cobalt Strike GRUNT MimiKatz
2019-08-27Cisco TalosPaul Rascagnères, Vanja Svajcer
China Chopper still active 9 years later
CHINACHOPPER
2019-05-30Talos IntelligenceVanja Svajcer
10 years of virtual dynamite: A high-level retrospective of ATM malware
FastCash Project Alice Cutlet Ploutus ATM Skimer Tyupkin
2018-07-31Cisco TalosVanja Svajcer
Multiple Cobalt Personality Disorder
More_eggs
2017-06-19Cisco TalosEmmanuel Tacheau, Martin Lee, Paul Rascagnères, Vanja Svajcer, Warren Mercer
Delphi Used To Score Against Palestine
The Big Bang
2017-06-19Cisco TalosEmmanuel Tacheau, Martin Lee, Paul Rascagnères, Vanja Svajcer, Warren Mercer
Delphi Used To Score Against Palestine
Micropsia AridViper
2017-05-23CiscoVanja Svajcer
Modified Zyklon and plugins from India
Zyklon
2016-03-02RSA ConferenceVanja Svajcer
Dissecting Derusbi
Derusbi