Date Author Title
2025-06-02Xavier MertensSimple SSH Backdoor
2024-11-17Johannes UllrichAncient TP-Link Backdoor Discovered by Attackers
2024-04-01Bojan ZdrnjaThe amazingly scary xz sshd backdoor
2023-09-30Xavier MertensSimple Netcat Backdoor in Python Script
2023-06-09Xavier MertensUndetected PowerShell Backdoor Disguised as a Profile File
2023-03-18Xavier MertensOld Backdoor, New Obfuscation
2023-02-09Xavier MertensA Backdoor with Smart Screenshot Capability
2022-10-07Xavier MertensPowershell Backdoor with DGA Capability
2022-05-09Xavier MertensOctopus Backdoor is Back with a New Embedded Obfuscated Bat File
2022-03-18Johannes UllrichScans for Movable Type Vulnerability (CVE-2021-20837)
2021-12-15Xavier MertensSimple but Undetected PowerShell Backdoor
2021-11-21Didier StevensBackdooring PAM
2021-11-08Xavier Mertens(Ab)Using Security Tools & Controls for the Bad
2021-07-02Xavier Mertens"inception.py"... Multiple Base64 Encodings
2021-05-28Xavier MertensMalicious PowerShell Hosted on script.google.com
2020-12-24Xavier MertensMalicious Word Document Delivering an Octopus Backdoor
2020-12-10Xavier MertensPython Backdoor Talking to a C2 Through Ngrok
2020-11-25Xavier MertensLive Patching Windows API Calls Using PowerShell
2020-07-11Guy BruneauScanning Home Internet Facing Devices to Exploit
2018-12-16Guy BruneauRandom Port Scan for Open RDP Backdoor
2018-06-13Xavier MertensA Bunch of Compromized Wordpress Sites
2018-03-05Xavier MertensMalicious Bash Script with Multiple Features
2017-09-18Xavier MertensCCleaner 5.33 compromised - http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
2017-09-14Xavier MertensAnother webshell, another backdoor!
2017-05-12Xavier MertensWhen Bad Guys are Pwning Bad Guys...
2017-02-28Xavier MertensAnalysis of a Simple PHP Backdoor
2016-01-21Jim ClausingScanning for Fortinet ssh backdoor
2015-06-26Daniel WesemannCisco default credentials - again!
2014-07-08Johannes UllrichHardcoded Netgear Prosafe Switch Password
2014-07-02Johannes UllrichCisco Unified Communications Domain Manager Update
2014-01-10Basil Alawi S.TaherCisco Small Business Devices backdoor fix
2014-01-02Johannes UllrichScans Increase for New Linksys Backdoor (32764/TCP)
2013-12-24Daniel WesemannUnfriendly crontab additions
2013-12-16Tom WebbThe case of Minerd
2013-11-05Daniel WesemannIs your vacuum cleaner sending spam?
2012-05-18Johannes UllrichZTE Score M Android Phone backdoor
2011-07-04Deborah HaleVSFTP Backdoor in Source Code
2010-12-15Johannes UllrichOpenBSD IPSec "Backdoor"
2010-12-02Kevin JohnsonProFTPD distribution servers compromised
2010-08-30Adrien de BeaupreApple QuickTime potential vulnerability/backdoor
2009-10-05Adrien de BeaupreCyber Security Awareness Month - Day 5 port 31337