Related Families: WhiteSnake, Meduza
Verticals Targeted: Finance, Business Administration
BabbleLoader
Nov 29, 2024 12:54:44 PM / by The Hivemind posted in Threat Bulletin, Loader, BabbleLoader, Meduza, WhiteSnake, Donut Loader
HellDown Ransomware Linux Variant
Nov 25, 2024 1:39:46 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Emerging Threat, ESXi, HellDown
PXA Stealer
Nov 22, 2024 1:54:18 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, PXA Stealer, Vietnam
Verticals Targeted: Government, Education
Executive Summary
PXA Stealer was used in an information-stealing campaign targeting entities in the government and education sectors, located in Europe and Asia.
Ymir Ransomware
Nov 18, 2024 2:19:58 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Extortion, RustyStealer, Ymir
Related Families: RustyStealer
Executive Summary
Ymir is a new ransomware family that was recently observed encrypting systems previously compromised by RustyStealer. PolySwarm analysts consider Ymir to be an emerging threat.
HellCat Ransomware Targets Energy Giant Schneider Electric
Nov 15, 2024 12:52:13 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Energy, Emerging Threat, Evolving Threat
Related Families: HellDown
Verticals Targeted: Energy
Executive Summary
HellCat ransomware recently targeted French energy giant Schneider Electric. PolySwarm analysts consider HellCat to be an emerging threat.
ToxicPanda Android Banking Trojan
Nov 12, 2024 12:41:07 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Banker, Banking Trojan, ToxicPanda, TgToxic
Related Families: TgToxic
Verticals Targeted: Financial
Executive Summary
ToxicPanda is an Android banking trojan that was first seen in the wild in October 2024. It allows threat actors to steal a victim’s money via account takeover (ATO) using On-Device Fraud (ODF).
NotLockBit Ransomware Targets MacOS
Nov 8, 2024 1:45:18 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Windows, LockBit, MacOS, NotLockBit
Executive Summary
NotLockBit is a ransomware family that mimics LockBit. NotLockBit is unique in that it is one of the first fully functional ransomware families to target MacOS systems.
FASTCash Linux Variant
Nov 4, 2024 1:04:08 PM / by The Hivemind posted in Threat Bulletin, Linux, FastCash, Payment Switch
Verticals Targeted: Financial