[2013] - [2014] - [2015] - [2016] - [2017] - [2018] - [2019] - [2020] - [2021] - [2022] - [2023] - [2024]
- 2024-12-18 -- 2024-12-18: One week of server scans and probes and web traffic
- 2024-12-17 -- 2024-12-17: SmartApeSG injected script leads to NetSupport RAT
- 2024-12-04 -- 2024-12-04: AgentTesla variant using FTP
- 2024-11-24 -- 2024-11-24: "Redtail" bash script for Linux malware
- 2024-11-14 -- 2024-11-14: Raspberry Robin infection using WebDAV server
- 2024-10-23 -- 2024-10-23: Redline Stealer infection
- 2024-10-17 -- 2024-10-17: Two days of server scans and probes and web traffic
- 2024-10-07 -- 2024-10-07: Data Dump (Formbook, possible Astaroth/Guildma, Redline Stealer, unidentified malware)
- 2024-10-03 -- 2024-10-03 - SmartLoader to Lumma Stealer
- 2024-10-01 -- 2024-10-01 - Ukrainian language malspam pushes RMS-based malware
- 2024-09-19 -- 2024-09-19 - File downloader to Lumma Stealer
- 2024-09-17 -- 2024-09-17 - Snake KeyLogger (VIP Recovery), FTP exfil
- 2024-09-16 -- 2024-09-16 - Snake KeyLogger (VIP Recovery), SMTP exfil
- 2024-09-12 -- 2024-09-12 - Approximately 11 days of server scans and probes
- 2024-09-11 -- 2024-09-11 - Data Dump: Remcos RAT and XLoader (Formbook)
- 2024-08-30 -- 2024-08-30 - Approximately 11 days of server scans and probes
- 2024-08-29 -- 2024-08-29 - Phishing email and traffic to fake webmail login page
- 2024-08-26 -- 2024-08-26 - GuLoader for Remcos RAT
- 2024-08-12 -- 2024-08-12 - XLoader/Formbook infection
- 2024-08-08 -- 2024-08-08 - Sixteen days of server scans and probes
- 2024-06-25 -- 2024-06-25 - Latrodectus infection with BackConnect and Keyhole VNC
- 2024-06-24 -- 2024-06-24 - ClickFix popup leads to Lumma Stealer
- 2024-06-17 -- 2024-06-17 - Google ad --> fake unclaimed funds site --> Matanbuchus with Danabot
- 2024-06-12 -- 2024-06-11 - KoiLoader/KoiStealer infection
- 2024-06-11 -- 2024-06-11 - Traffic example of a CVE-2024-4577 probe
- 2024-06-10 -- 2024-06-10 - Malspam pushing OriginLogger (AgentTesla)
- 2024-06-08 -- 2024-06-08 - Three days of server scans and probes
- 2024-04-18 -- 2024-04-18 - Word macro --> SSLoad --> Cobalt Strike
- 2024-04-17 -- 2024-04-17 - TA578 pushes SSLoad malware
- 2024-04-15 -- 2024-04-15 - Contact Forms campaign pushes SSLoad malware as early as 2024-04-11
- 2024-04-09 -- 2024-04-09 - Data dump from Latrodectus infection
- 2024-04-05 -- 2024-04-05 - Data dump from Astaroth (Guildma) malware infection
- 2024-04-04 -- 2024-04-04 - Koi Loader/Stealer activity
- 2024-03-26 -- 2024-03-26 - Google ad leads to Matanbuchus infection with Danabot
- 2024-03-19 -- 2024-03-19 - DarkGate infection
- 2024-03-14 -- 2024-03-14 - AsyncRAT and XWorm infection
- 2024-03-13 -- 2024-03-13 - GootLoader activity
- 2024-03-07 -- 2024-03-07 - Latrodectus infection leads to Lumma Stealer
- 2024-03-06 -- 2024-03-06 - Pikabot infection leads to Meduza Stealer
- 2024-02-23 -- 2024-02-09, 02-22 & 02-23 - Data Dump: Latrodectus from Contact Forms campaign
- 2024-02-21 -- 2024-02-21 - Parrot TDS --> SocGholish --> Async RAT
- 2024-02-14 -- 2024-02-14 - Danabot infection from Italian malspam
- 2024-02-08 -- 2024-02-08 - Pikabot infection
- 2024-01-30 -- 2024-01-30 - DarkGate activity
- 2024-01-25 -- 2024-01-25 - DarkGate activity
- 2024-01-23 -- 2024-01-23 - UltraVNC infection
- 2024-01-19 -- 2024-01-19 - GootLoader infection
- 2024-01-17 -- 2024-01-17 - Malspam pushes WikiLoader
- 2024-01-12 -- 2024-01-12 - Malspam distributing StealC malware
- 2024-01-09 -- 2024-01-09 - Async RAT infection
- 2024-01-08 -- 2024-01-08 - GootLoader infection
Click here to return to the main page.