The PolySwarm Blog

Executive Summary

Banshee is a stealer that targets MacOS systems. The latest variant of Banshee uses a string encryption algorithm that is the same as the one used in Apple’s Xprotect antivirus engine for MacOS systems.

Executive Summary

An infostealer, dubbed “FakePOC”, was recently observed masquerading as an LDAPNightmare proof of concept (PoC) exploit.

Executive Summary

FireScam is a sophisticated Android malware family that is disguised as a Telegram Premium app. It has both infostealer and spyware capabilities.

Executive Summary

In this report, PolySwarm analysts chose fifteen standout malware families for the 2024 Malware Hall of Fame. A small selection of IOCs of our most recent samples of each family are provided as well.

Executive Summary

This Threat Bulletin is part of PolySwarm’s 2024 Recap series. This report provides highlights of activity perpetrated by Russia-based threat actors in 2024.

Executive Summary

This Threat Bulletin is part of PolySwarm’s 2024 Recap series. This report provides highlights of activity perpetrated by Iran-based threat actors in 2024.

Executive Summary

This Threat Bulletin is part of PolySwarm’s 2024 Recap series. This report highlights the activity perpetrated by North Korea-based threat actors in 2024.

Verticals Targeted: Manufacturing, Finance, Transportation, Legal Services, Healthcare, Defense, Business Services

Executive Summary

Black Basta is a ransomware group that rose in the aftermath of the dissolution of Conti ransomware in 2022. In recent months, Black Basta has begun using tactics that are reminiscent of nation-state threat actor tactics and has shifted from opportunistic targeting to more refined, strategic targeting.