WOKMALWARE Backdoor
DATE | NAME | CATEGORY | SUBCATE | INFO |
20.7.24 | BUGSLEEP | MALWARE | Backdoor | BugSleep is a backdoor designed to execute the threat actors’ commands and transfer files between the compromised machine and the C&C server. |
3.7.24 | HappyDoor | MALWARE | Backdoor | Kimsuky Group's New Backdoor Appears (HappyDoor) |
3.7.24 | Xctdoor | MALWARE | Backdoor | Xctdoor Malware Used in Attacks Against Korean Companies (Andariel) |
17.6.24 | BadSpace | MALWARE | Backdoor | Backdoor BadSpace delivered by high-ranking infected websites |
13.6.24 | WARMCOOKIE | MALWARE | Backdoor | Dipping into Danger: The WARMCOOKIE backdoor |
11.6.24 | More_eggs | MALWARE | Backdoor | More_eggs Activity Persists Via Fake Job Applicant Lures |
18.5.24 | Springtail | Malware | Backdoor | More than one legitimate software package was modified to deliver malware in North Korean group’s recent campaign against South Korean organizations. |
3.5.24 | | | Backdoor | Playing Possum: What's the Wpeeper Backdoor Up To? |
19.4.24 | CR4T | Malware | Backdoor | CR4t Malware: A Shape-Shifting Threat — Threat Intelligence Report |
18.4.24 | MadMxShell | Malware | Backdoor | Malvertising campaign targeting IT teams with MadMxShell |
18.4.24 | Kapeka | Malware | Backdoor | Kapeka: A novel backdoor spotted in Eastern Europe |
10.4.24 | Smoke | Malware | Backdoor | Smoke and (screen) mirrors: A strange signed backdoor |
2.4.24 | XZ Backdoor | Malware | Backdoor | Everything I Know About the XZ Backdoor |
2.4.24 | UNAPIMON | Malware | Backdoor | Earth Freybug Uses UNAPIMON for Unhooking Critical APIs |
18.3.24 | | | Backdoor | X-Force’s analysis revealed that OCEANMAP has a strong overlap in both technique and .NET implementation. Several of the functions used in OCEANMAP were repurposed from the original CREDOMAP stealer and used as a base to build the new persistent backdoor. |
11.3.24 | BianDoor | Malware | Backdoor | |
2.3.24 | | | Backdoor | GTPDOOR - A novel backdoor tailored for covert access over the roaming exchange |
1.3.24 | | | Backdoor | A custom backdoor written in C++ capable of file exfiltration and upload, command execution, and more. Communicates using Azure cloud infrastructure. |
1.3.24 | | | Backdoor | A custom backdoor that provides a more flexible code-execution interface and enhanced reconnaissance features compared to MINIBIKE |
1.3.24 | | | Backdoor | A tunneler, likely based on an open-source Socks4a proxy, that communicates using Azure cloud infrastructure |
21.2.24 | | | Backdoor | Sysjoker is a backdoor malware that was first discovered in December 2021 by Intezer. |
19.2.24 | | | Backdoor | Through its managed security services offerings, Volexity routinely identifies spear-phishing campaigns targeting its customers. |
17.2.24 | | | Backdoor | According to CERT-UA, this malware makes use of XSLT (Extensible Stylesheet Language Transformations) and COM-hijacking. |
17.2.24 | | | Backdoor | TinyTurla Next Generation - Turla APT spies on Polish NGOs |
17.2.24 | | | Backdoor | Ivanti Connect Secure: Journey to the core of the DSLog backdoor |
10.2.24 | | | Backdoor | New MacOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group |
9.2.24 | | | Backdoor | New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization |
7.2.24 | | | Backdoor | According to Mandiant, this malware family is attributed to a potential Chinese background, and its Linux variant is related to exploitation of Fortinet's SSL-VPN (CVE-2022-42475). |
3.2.24 | | | Backdoor | ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware |
3.2.24 | | | Backdoor | Securonix Threat Research Security Advisory: Analysis and Detection of STEADY#URSA Attack Campaign Targeting Ukraine Military Dropping New Covert SUBTLE-PAWS PowerShell Backdoor |
2.2.24 | | | Backdoor | HeadCrab 2.0: Evolving Threat in Redis Malware Landscape |
1.2.24 | | | Backdoor | Mandiant has observed UNC4990 leverage EMPTYSPACE (also known as VETTA Loader and BrokerLoader), a downloader that can execute any payload served by the command and control (C2) server, and QUIETBOARD, which is a backdoor that was delivered using EMPTYSPACE. |
29.1.24 | | | Backdoor | LODEINFO is a fileless malware that has been observed in campaigns that start with spear-phishing emails since December 2019. |