Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2025-06-04ThreatrayAbdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield
The Bitter End: Unraveling Eight Years of Espionage Antics – Part Two
AlmondRAT AlmondRAT Artra Downloader BDarkRAT Havoc KiwiStealer KugelBlitz MiyaRAT ORPCBackdoor WmRAT ZxxZ
2025-06-04ProofpointAbdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield
The Bitter End: Unraveling Eight Years of Espionage Antics—Part One
Artra Downloader Havoc
2025-05-09US Department of JusticeU.S. Attorney's Office, Northern District of Oklahoma
Botnet Dismantled in International Operation, Russian and Kazakhstani Administrators Indicted
TheMoon
2025-05-07US Department of JusticeU.S. Attorney's Officea Northern District of Oklahoma
Case 4:25-cr-00160-JDR: Indictment of Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, Aleksandr Aleksandrovich Shishkin and Dmitriy Rubtsov
TheMoon
2025-03-31ZscalerMuhammed Irfan V A
Analyzing New HijackLoader Evasion Tactics
HijackLoader
2024-12-17ProofpointDavid Galazin, Konstantin Klinger, Nick Attfield, Pim Trouerbach
Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs
MiyaRAT WmRAT HAZY TIGER
2024-11-18KrollDave Truman, George Glass
CARBANAK (aka ANUNAK) Distributed via IDATLOADER (aka HIJACKLOADER)
Carbanak HijackLoader
2024-11-13BitdefenderMartin Zugec
ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
ShrinkLocker
2024-10-11HarfangLabAlice Climent-Pommeret
HijackLoader evolution: abusing genuine signing certificates
HijackLoader
2024-09-26Palo Alto Networks Unit 42Daniel Frank, Lior Rochberger
Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy
FPSpy KLogEXE Kimsuky
2024-09-10StacklokStacklok
Dependency hijacking: Dissecting North Korea’s new wave of DeFi-themed open source attacks targeting developers
BeaverTail InvisibleFerret
2024-08-30TRUESECMattias Wåhlén, Nicklas Keijser
Dissecting the Cicada
Cicada3301
2024-08-22MandiantAaron Lee, Praveeth DSouza
PEAKLIGHT: Decoding the Stealthy Memory-Only Malware
CryptBot Emmenhtal HijackLoader Lumma Stealer
2024-07-10AkamaiAllen West, Kyle Lefton, Sam Tinklenberg
CVE-2024-4577 Exploits in the Wild One Day After Disclosure
Tsunami Ghost RAT xmrig
2024-06-19FortinetPei Han Liao
Fickle Stealer Distributed via Multiple Attack Chain
Fickle Stealer
2024-05-30Cisco TalosAsheer Malhotra
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
purpleink LilacSquid
2024-05-06ZscalerMuhammed Irfan V A
HijackLoader Updates
HijackLoader
2024-02-07MalwarebytesMark Stockley
How to tell if your toothbrush is being used in a DDoS attack
2024-02-07CrowdStrikeDonato Onofri, Emanuele Calvelli
HijackLoader Expands Techniques to Improve Defense Evasion
HijackLoader
2023-10-23SarlackLabJohn Faria
Advice For Catching a RedLine Stealer
RedLine Stealer