The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

YoroTrooper Targeting Energy & Government Entities

Cyberstanc promoted to Arbiter in the PolySwarm Marketplace

Exfiltrator-22 Framework

IceFire Ransomware Linux Variant

SysUpdate Linux Variant

BlackLotus UEFI Bootkit

Parallax RAT Targeting Crypto

Royal Ransomware Linux Variant

Cl0p Linux Variant

MortalKombat Ransomware Used in Recent Campaign

ESXiArgs Ransomware

Pro-Palestine Group Targets Israeli Chemical Sector

Emotet’s New TTPs

Mimic Ransomware

Roaming Mantis Wroba.o Android Malware

Hook Android Banking Trojan

Malicious Lolip0p PyPI Packages Drop Wacatac

Fake Cracked Software Sites Delivering Stealers

Recent Turla Activity Targeting Ukraine

Consulate Health Ransomware attack

2023 Malware to Watch

PolySwarm's 2023 Analyst Predictions

Godfather Android Banking Trojan

PolySwarm 2022 Recap - Threat Actor Activity Highlights: Russia

PolySwarm 2022 Recap - Threat Actor Activity Highlights: China

PolySwarm 2022 Recap - Threat Actor Activity Highlights: North Korea

PolySwarm 2022 Recap - Threat Actor Activity Highlights: Iran

PolySwarm 2022 Recap - War of the Wipers

PolySwarm 2022 Recap - Threats to the Gaming Industry

2022 Recap - Mobile Malware Threat Landscape

W4SP Infostealer

Royal Ransomware

Malware Leverages CAPTCHA to Bypass Browser Warning

Phishing and Android Malware Campaign Targets Indian Banks

Azov Ransomware Built to Wipe Data

Recent Threats to the Healthcare Vertical

Android Droppers on Google Play Store Distribute Banking Trojans

Winnti Targets Hong Kong With Spyder Loader

Prestige Ransomware

SideWinder WarHawk Backdoor

Cyber Threats to Aviation and Aerospace

Earth Aughisky's Malware Arsenal

Emotet Observed Using New TTPs

RatMilad Android Spyware

Harly Android Trojan Subscriber

North Korean Threat Actors Living Off the Land

NullMixer Drops Multiple Malware Families

SideWalk Linux Variant

Deadbolt Ransomware

BianLian Ransomware

New Armageddon Activity Targets Ukraine

Kimsuky GoldDragon C2 Cluster

Shikitega Linux Malware

DarkAngels Linux Ransomware

Charming Kitten Hyperscrape Tool

Agenda Ransomware

Lightning Framework


Bumblebee Loader

RapperBot Targets IoT

Mars Stealer Malware Targeting Crypto

Woody RAT Targets Russia

Manjusaka Framework

Luca Stealer

Lilith Ransomware

Raspberry Robin

PennyWise Infostealer Targets Crypto and Browsers

APT 29 Using Brute Ratel

Recent Ransomware Threats to Healthcare

HavanaCrypt Distributed Via Fake Google Software Update

Lockbit 3.0

New Hive Ransomware Rust Variant

SessionManager Targets Governments and NGOs

Black Basta Ransomware

Cerber2021 Targets Windows and Linux

PingPull Targets Telecom, Government, and Financial Verticals

Lyceum .NET DNS Backdoor “DnsSystem”

Symbiote Linux Malware

Pymafka Targets macOS, Windows, Linux

Enemybot IoT Malware

Follina MSDT Vulnerability (CVE-2022-30190)

PolySwarm's New Hunt Functionality

New ArguePatch Variant Spotted

Cryware Targets Crypto Wallets

Space Pirates Target Russian Aerospace

BPFDoor Targets Linux Systems

Armageddon Leverages New Pterodo Variants

Lazarus Group Targets Crypto With TraderTraitor

IcedID and Zimbra Exploits Target Ukrainian Government Entities

Denonia Cryptominer Targets AWS Lambda

Industroyer2 Targets Ukrainian Energy Company

Borat RAT - A Triple Threat

AcidRain Wiper

Serpent Backdoor

BlackCat Ransomware

Surtr Ransomware

Nokoyawa Ransomware


AvosLocker Ransomware

Muddy Water Uses SloughRAT in Recent Campaigns

RedLine Stealer Delivered Via Fake Windows 11 Update


Jester Stealer

HermeticWiper & IsaacWiper Target Ukraine

Daxin Backdoor

Sugar Ransomware Targets Individuals Instead of Enterprises

BlackByte Ransomware Targets Critical Infrastructure

Wicked Panda’s ShadowPad RAT

Russian Websites Down As Russia Fears Critical Infrastructure Attacks

DDoS Attacks and New Wiper Malware Target Ukraine

Mythic Leopard Uses CapraRAT to Target Indian Government Officials

PolySwarm Threat Bulletin: US and European Banks Fear Russian Cyber Attack

PolySwarm Threat Bulletin: Molerats NimbleMamba Espionage Campaign Targeting MENA Countries

PolySwarm Threat Bulletin: Lazarus APT’s LolZarus Campaign Targets Defense Contractor

PolySwarm Threat Bulletin: Armageddon Activity Targeting Ukraine

Russia-Ukraine Conflict and Cyberwar Implications

NectarNet - NCT Token Rewards for Cyber Security Data

SecondWrite joins the PolySwarm marketplace

Emotet Banking Trojan Back in Action

QiAnXin joins the PolySwarm marketplace

Why a New Engine Creation and Management Architecture?

Security Telemetry: New utility use for Nectar (NCT)

SentinelOne joins the PolySwarm marketplace

Kaspersky joins PolySwarm’s marketplace as an arbiter

Progress to date and key milestones ahead

How to buy PolySwarm Nectar using Uniswap

Notice of coming changes for Engine developers

Inlyse joins the PolySwarm threat intelligence marketplace

Cyberstanc joins the PolySwarm threat intelligence marketplace

Initial Technical Analysis of EventBot Versions -

Introducing PolyScore™, the most advanced threat scoring algorithm for malware

TeamT5's ThreatVision APT detection engine joins PolySwarm's marketplace

Join PolySwarm and Pacific Hackers Meetup for a digital event

PolySwarm now integrated with leading SOAR platform ThreatConnect

PolySwarm engine spotlight: researcher-driven engines detecting new and emergent malware

Telegram users can now use PolySwarm’s free, automated malware detection bot to guard against cyber threats

PolySwarm adds “Emerging Threats” feed, includes stream for COVID-19 malware samples

PolySwarm provides latest enhancement to Basis Technology's incident response solution, Cyber Triage™

PolySwarm Communities: Public vs Private

PolySwarm and Anomali integration: malware intelligence and enrichment APIs for ThreatStream

SecureBrain joins the PolySwarm threat intelligence marketplace

Connect with PolySwarm at RSA Conference 2020: visit the booth, schedule a meeting or let’s grab a drink!

Video: How to use PolySwarm's free command line interface to get intel on malware

A message from PolySwarm Founder / CEO Steve Bassi: a look back at 2019 and what's coming in 2020

Quttera joins the PolySwarm threat detection marketplace

Latest samples of ZeroCleare, Iranian state-sponsored malware, available on PolySwarm

Emotet's Christmas-themed phishing email ramps up - get hashes and file details in PolySwarm

Latest Emotet malware samples and IOCs

Ginp banking Trojan actively targeting banks: here's what you need to know, plus free malware samples

Cybersecurity leader joins PolySwarm's executive team as Chief Revenue Officer

PolySwarm now integrated with Demisto’s SOAR platform

PolySwarm now integrates with Splunk Phantom

Video: PolySwarm walkthrough - malware scanning and searching in PolySwarm UI

Free malware sample downloads, now available from PolySwarm

How to use PolySwarm to get threat intel on “Divergent” fileless malware

Dark Theme in PolySwarm UI has arrived

Max Secure Software joins the PolySwarm threat marketplace

Introducing Virusdie, a powerhouse URL scanner on PolySwarm

Get better threat intelligence with Metadata Searching in PolySwarm

Latest phishing scam uses sneaky Google Calendar invite to bait potential victims with promise of iPhone

URL Scanning now available in PolySwarm

Keynote from PolySwarm CTO at DEF CON: Blockchain-Security Symbiosis

Welcome to the PolySwarm Blog

"A legitimately fascinating concept": Risky Business podcast on the PolySwarm marketplace

Video: An interview with PolySwarm CEO on the PolySwarm marketplace

PolySwarm at Black Hat / DEF CON 2019: Keynote speaker + VIP party

Using PolySwarm Threat Hunting and Metadata Searching for intel on 0-days

Introducing the first ever 'threat bounty'
