Malware traffic analysis 2024(23) 2023(100) 2022(90) 2021(87) 2020(148) 2019(148) 2018(277)
2024-06-25 -- 2024-06-25 - Latrodectus infection with BackConnect and Keyhole VNC
2024-06-24 -- 2024-06-24 - ClickFix popup leads to Lumma Stealer
2024-06-17 -- 2024-06-17 - Google ad --> fake unclaimed funds site --> Matanbuchus with Danabot
2024-06-12 -- 2024-06-11 - KoiLoader/KoiStealer infection
2024-06-11 -- 2024-06-11 - Traffic example of a CVE-2024-4577 probe
2024-06-10 -- 2024-06-10 - Malspam pushing OriginLogger (AgentTesla)
2024-06-08 -- 2024-06-08 - Three days of server scans and probes
2024-05-14 -- 2024-05-14 - DarkGate activity
2024-05-09 -- 2024-05-09 - GootLoader activity
2024-04-18 -- 2024-04-18 - Word macro --> SSLoad --> Cobalt Strike
2024-04-17 -- 2024-04-17 - TA578 pushes SSLoad malware
2024-04-15 -- 2024-04-15 - Contact Forms campaign pushing SSLoad malware
2024-04-09 -- 2024-04-09 - Data dump from Latrodectus infection
2024-04-05 -- 2024-04-05 - Data dump from Astaroth (Guildma) malware infection
2024-04-04 -- 2024-04-04 - Koi Loader/Stealer activity
2024-03-26 -- 2024-03-26 - Google ad leads to Matanbuchus infection with Danabot
2024-03-19 -- 2024-03-19 - DarkGate infection
2024-03-14 -- 2024-03-14 - AsyncRAT and XWorm infection
2024-03-13 -- 2024-03-13 - GootLoader activity
2024-03-07 -- 2024-03-07 - Latrodectus infection leads to Lumma Stealer
2024-03-06 -- 2024-03-06 - Pikabot infection leads to Meduza Stealer
2024-02-23 -- 2024-02-09, 02-22 and 02-23 - Data dump: Latrodectus from Contact Forms campaign
2024-02-21 -- 2024-02-21 - Parrot TDS --> SocGholish --> Async RAT
2024-02-14 -- 2024-02-14 - Danabot infection from Italian malspam
2024-02-08 -- 2024-02-08 - Pikabot infection
2024-01-30 -- 2024-01-30 - DarkGate activity
2024-01-25 -- 2024-01-25 - DarkGate activity
2024-01-23 -- 2024-01-23 - UltraVNC infection
2024-01-19 -- 2024-01-19 - GootLoader infection
2024-01-17 -- 2024-01-17 - Malspam pushes WikiLoader
2024-01-12 -- 2024-01-12 - Malspam distributing StealC malware