Malware traffic analysis
2025-07-15 -- Lumma Stealer infection with SecTop RAT
2025-07-08 -- Koi Loader/Koi Stealer infection
2025-07-02 -- Lumma Stealer infection with follow-up Rsockstun malware
2025-06-26 -- Lumma Stealer infection with follow-up malware
2025-06-21 -- Koi Loader/Koi Stealer infection
2025-06-20 -- Malware disguised as cracked version of popular software
2025-06-18 -- SmartApeSG --> ClickFix lure --> NetSupport RAT --> StealC v2
2025-06-10 -- Ten days of scans and probes and web traffic hitting my web server
2025-05-31 -- Ten days of scans and probes and web traffic hitting my web server
2025-05-27 -- VIP Recovery infection from email attachment
2025-05-22 -- StealC v2 infection
2025-05-12 -- PureLogs infection from email attachment
2025-05-06 -- Raspberry Robin activity
2025-04-13 -- Twelve days of scans and probes and web traffic hitting my web server
2025-04-04 -- KongTuke activity
2025-03-26 -- SmartApeSG traffic for fake browser update leads to NetSupport RAT and StealC
2025-03-10 -- Remcos RAT infection
2025-03-03 -- Three days of scans and probes and web traffic hitting my web server
2025-02-18 -- SmartApeSG script for fake browser update leads to NetSupport RAT and StealC
2025-02-13 -- Quick post: ClickFix style infection for Lumma Stealer
2025-02-10 -- StrelaStealer infection
2025-02-07 -- Three days of scans and probes and web traffic hitting my web server
2025-01-31 -- Two pcaps of AgentTesla-style data exfil, one using FTP and one using SMTP
2025-01-30 -- XLoader infection
2025-01-28 -- Malware infection from web inject activity
2025-01-23 -- Fake installer leads to Koi Loader/Koi Stealer
2025-01-21 -- Quick post for Koi Loader/Koi Stealer activity
2025-01-13 -- KongTuke campaign leads to infection abusing BOINC platform
2025-01-09 -- CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuLoader style malware
2025-01-04 -- Four days of scans and probes and web traffic hitting my web server