The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

2022 Recap - Mobile Malware Threat Landscape

Dec 8, 2022 1:23:16 PM / by PolySwarm Tech Team posted in Threat Bulletin, Android, Malware, 2022 Recap, ios, Mobile

Verticals Targeted: Financial, Government, Journalism, Various

Executive Summary

This report is part of PolySwarm’s 2022 Recap series. This edition provides an overview of the 2022 mobile malware threat landscape.

Key Takeaways

  • Mobile malware distribution saw a 500% increase in early 2022, and mobile malware continued to be rampant throughout the year.
  • Attack vectors used by threat actors to distribute mobile malware in 2022 include apps injected with malicious code, zero-click attacks, TOAD, and smishing.
  • Types of mobile malware that were prolific in 2022 include banking trojans, dropper apps, spyware, mobile ransomware, and subscriber trojans.

W4SP Infostealer

Dec 5, 2022 2:09:46 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Discord, W4SP

Executive Summary

Checkmarx recently reported on W4SP, an infostealer malware hidden in tainted PyPI packages.

Royal Ransomware

Dec 1, 2022 1:22:05 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Royal, DEV-0569

Executive Summary

Microsoft recently reported on Royal ransomware, a ransomware family used by the threat actor DEV-0569.

Malware Leverages CAPTCHA to Bypass Browser Warning

Nov 23, 2022 1:00:33 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, CAPTCHA, TTPs, Gozi, Ursnif

Related Families: Gozi (Ursnif)
Verticals Targeted: Financial

Executive Summary

Bleeping Computer recently reported on a malware campaign that uses CAPTCHA to bypass browser warnings and deliver Gozi. This technique appears to be a novel TTP for threat actors.

Phishing and Android Malware Campaign Targets Indian Banks

Nov 21, 2022 1:12:25 PM / by PolySwarm Tech Team posted in Threat Bulletin, Financial, India, Android, Phishing, Elibomi, FakeReward, AxBanker, IcRA, IcSpy

Related Families: Elibomi, FakeReward, AxBanker, IcRAT, IcSpy
Verticals Targeted: Financial

Executive Summary

Trend Micro recently reported on a phishing and Android malware campaign targeting clients of multiple banks in India. The campaign leverages multiple malware families, including Elibomi, FakeReward, AxBanker, IcRAT, and IcSpy.

Azov Ransomware Built to Wipe Data

Nov 17, 2022 1:36:37 PM / by PolySwarm Tech Team posted in Ukraine, Threat Bulletin, Ransomware, Azov

Executive Summary

Azov ransomware is a recently discovered malware family being distributed through pirated software, keygens, and adware bundles. It acts as a wiper and is capable of backdooring 64-bit executables. It also uses a unique pattern for overwriting files.

Recent Threats to the Healthcare Vertical

Nov 14, 2022 12:49:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Healthcare, Data Theft, Extortion, Data Leak

Verticals Targeted: Healthcare

Executive Summary

Multiple incidents in the last few months highlight the ongoing threats to the Healthcare vertical. These incidents have included data leaks, data theft and extortion, ransomware, and other cyber attacks.

Android Droppers on Google Play Store Distribute Banking Trojans

Nov 10, 2022 1:42:53 PM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Financial, Android, Trojan, Sharkbot, Brunhilda, Vultur

Verticals Targeted: Financial

Executive Summary

ThreatFabric recently reported on multiple Android droppers found on the Google Play Store distributing banking trojans.
