Related Families: RustyStealer
Related Families: HellDown
Verticals Targeted: Energy
Executive Summary
HellCat ransomware recently targeted French energy giant Schneider Electric. PolySwarm analysts consider HellCat to be an emerging threat.
Related Families: TgToxic
Verticals Targeted: Financial
Executive Summary
ToxicPanda is an Android banking trojan that was first seen in the wild in October 2024. It allows threat actors to steal a victim’s money via account takeover (ATO) using On-Device Fraud (ODF).
Executive Summary
NotLockBit is a ransomware family that mimics LockBit. NotLockBit is unique in that it is one of the first fully functional ransomware families to target MacOS systems.
Verticals Targeted: Financial
Executive Summary
A Linux variant of FASTCash “payment switch” malware was recently discovered. This malware is typically used by North Korea nexus threat actor groups to make unauthorized cash withdrawals from ATMs.
Verticals Targeted: Aerospace, Manufacturing, Professional Services, Scientific and Technical Services, Retail, Construction, Insurance, Telecommunications, Hospitality, and Legal Services
Executive Summary
Akira ransomware is one of the most prolific ransomware families of 2024. Active in the wild since April 2023, Akira has continued to evolve, maintaining its relevance on the threat landscape.
PolySwarm launched in 2018 with the Nectar (NCT) token, an ERC-20 token empowering cybersecurity professionals and enterprises to actively contribute and participate in our threat detection marketplace. The distribution of NCT reflects PolySwarm’s commitment to building a decentralized, community-driven platform. This post describes PolySwarm’s token allocations at launch and the token’s role within the cybersecurity ecosystem.
Related Families: BazarLoader, BazaLoader