Malpedia Library

Click here to download all references as Bib-File.•

2025-07-02 ⋅ CrowdStrike ⋅ Counter Adversary Operations
CrowdStrike Services Observes SCATTERED SPIDER Escalate Attacks Across Industries

2025-06-29 ⋅ Medium Sapir Twig ⋅ Sapir Twig
Inside DarkGate: In-Depth Technical Analysis of the Malware-as-a-Service Threat
DarkGate

2025-06-05 ⋅ FBI ⋅ FBI
Alert Number: I-060525-PSA - Home Internet Connected Devices Facilitate Criminal Activity
BADBOX

2025-05-28 ⋅ Darktrace ⋅ Tara Gould
PumaBot: Novel Botnet Targeting IoT Surveillance Devices
PumaBot

2025-05-22 ⋅ Sekoia ⋅ Félix Aime, Jeremy Scion
ViciousTrap – Infiltrate, Control, Lure: Turning edge devices into honeypots en masse.

2025-05-07 ⋅ FBI ⋅ FBI
Cyber Criminal Services Target End-of-Life Routers to Launch Attacks and Hide Their Activities
TheMoon

2025-05-07 ⋅ FBI ⋅ FBI
Alert Number: I-050725-PSA Cyber Criminal Proxy Services Exploiting End of Life Routers
TheMoon

2025-05-06 ⋅ Akamai ⋅ Kyle Lefton
Here Comes Mirai: IoT Devices RSVP to Active Exploitation
LZRD

2025-04-29 ⋅ ⋅ France Diplomatie ⋅ France Diplomatie
Russia – Assignment of cyber attacks against France to the Russian military intelligence service (APT28) (29 April 2025)

2025-04-25 ⋅ Censys ⋅ Censys
The Persistent Threat of Salt Typhoon: Tracking Exposures of Potentially Targeted Devices
MASOL

2025-04-17 ⋅ FORTRA ⋅ Max Ickert
Threat Actor Profile: SheByte Phishing-as-a-Service

2025-04-16 ⋅ Intel 471 ⋅ Intel 471
LabHost: A defunct but potent phishing service

2025-04-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226

2025-04-01 ⋅ Hunt.io ⋅ Hunt.io
Same Russian-Speaking Threat Actor, New Tactics: Abuse of Cloudflare Services for Phishing and Telegram to Filter Victim IPs
Pyramid

2025-03-28 ⋅ ThreatFabric ⋅ ThreatFabric
Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
Crocodilus

2025-03-13 ⋅ EclecticIQ ⋅ Arda Büyükkaya
Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices
Black Basta

2025-03-05 ⋅ HUMAN ⋅ Adam Sell, Aviad Kaiserman, Gabi Cirlig, Inna Vasilyeva, Joao Marques, João Santos, Lindsay Kaye, Louisa Abel, Maor Elizen, Mikhail Venkov, Nico Agnese, Vikas Parthasarathy, Will Herbig
Satori Threat Intelligence Disruption: BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes
BADBOX

2025-02-28 ⋅ Greynoise ⋅ Noah Stone
New DDoS Botnet Discovered: Over 30,000 Hacked Devices, Majority of Observed Activity Traced to Iran
Mirai

2025-02-13 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Storm-2372 conducts device code phishing campaign
Storm-2372

2025-02-13 ⋅ Volexity ⋅ Charlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication