The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PolySwarm Tech Team

Find me on:

Recent Posts

2023 Recap - Malware Trends and Observations

Dec 22, 2023 11:06:05 AM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, TTPs, 2023 Recap, trends, targeting

0 Comments

Executive Summary

In January, our analysts made various predictions for the 2023 threat landscape. In this report, we present malware trends and observations that correlate with those predictions. 

Read More

Qakbot Threat Actors Distributing Ransom Knight And Remcos

Oct 20, 2023 4:30:11 PM / by PolySwarm Tech Team posted in Threat Bulletin, Qbot, RAT, Remcos RAT, Ransom Knight, Qakbot

0 Comments

Executive Summary

Threat actors affiliated with Qakbot were observed distributing Ransom Knight ransomware and Remcos RAT.

Read More

Cyberstance promoted to Arbiter in the PolySwarm Marketplace

Mar 22, 2023 12:46:51 PM / by PolySwarm Tech Team posted in Partner, Engine, Arbiter

0 Comments



“We are excited to promote Cyberstanc as the next Arbiter in the PolySwarm Marketplace. The Cyberstanc Engine has proven itself in the PolySwarm Marketplace to be reliable and accurate for the past 2.5 years. Their unique malware detection and threat intelligence insights will continue to support PolySwarm’s crowdsourced ecosystem of innovative anti-malware engines in their fight against malware.” - Steve Bassi, CEO of PolySwarm.

AI-driven cybersecurity company, Cyberstanc’s Engine joined PolySwarm’s Marketplace on Oct 29, 2020. Since then, their threat detection engine has proven to accurately and reliably detect malware. And as a result, they have earned the role of Arbiter. Cyberstanc’s new role within the platform will be to arbitrate on engine determinations to establish ‘ground truth,’ which means making a final decision on the maliciousness of submitted samples 2 to 3 weeks after first being scanned.

As pioneers in malware detection and mitigation strategies, our partnership with PolySwarm has led to a more secure digital world. Our exceptional capabilities in detecting and preventing malicious attacks as an arbiter ensure a collaborative ecosystem for malware analysis. Our reliable threat detection engine enables us to make final decisions on tracking APT groups and detecting new malware, providing customers with a rapid response to new and evasive threats.- Rohit Bankoti, Cyberstanc Founder and COO.

About Cyberstanc

Cyberstanc is a product-based company in the field of cybersecurity that provides managed security services. Cyberstanc continues to work to address some of the biggest security challenges, with constant innovations and the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. Cyberstanc specializes in the safe simulation of cyber-attacks, threats, tactics, and procedures with cutting-edge technology. Learn more at www.cyberstanc.com.

About PolySwarm

Staying ahead of emerging malware threats is the best way to protect your business. Yet the increasing magnitude and sophistication of malware attacks is an ongoing challenge. By tapping into PolySwarm’s next-generation malware intelligence marketplace, you get better insight faster, so you can cut through extraneous, inaccurate data to detect, analyze, and respond to the most critical threats before they can make an impact.

PolySwarm’s first-of-its-kind marketplace focuses on democratizing malware intelligence by using a blockchain backend to compensate both the researcher-based malware engines and ongoing sources of new malware samples. The result of this compensation model is that it enables you to prioritize, focus, and scale your cybersecurity efforts with unprecedented speed and accuracy. For more information, please visit polyswarm.ioor try PolySwarm free at polyswarm.network

Read More

Fake Cracked Software Sites Delivering Stealers

Jan 24, 2023 11:02:41 AM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Infostealer, Racoon

0 Comments

Related Families: Raccoon, Vidar

Executive Summary

Sekoia recently reported on a campaign leveraging fake cracked software sites to deliver information stealers, including Raccoon and Vidar.

Read More

PolySwarm's 2023 Analyst Predictions

Jan 12, 2023 12:57:24 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, 2023, Predictions, Threat Landscape

0 Comments



Executive Summary

This threat bulletin features PolySwarm analysts’ predictions for the 2023 threat landscape.


Key Takeaways

Read More

Godfather Android Banking Trojan

Jan 5, 2023 12:27:16 PM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Android, Trojan, Mobile, Godfather

0 Comments

Related Families: Anubis
Verticals Targeted: Financial

Read More

PolySwarm 2022 Recap - Threat Actor Activity Highlights: Russia

Dec 29, 2022 3:17:20 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, APT, Europe, 2022 Recap

0 Comments



Executive Summary

This Threat Bulletin is part of PolySwarm’s 2022 Recap series. This report provides highlights of activity perpetrated by Russia-based threat actors in 2022. Russian APT activity in 2022 was heavily focused on targeting Ukraine for espionage and sabotage due to the ongoing Russia-Ukraine conflict. While the Russian cyber threat landscape includes a wide variety of ransomware and cybercrime threat actors, we have limited the scope of this report to state-sponsored threat actor activity.

Key Takeaways

  • This report highlights activity perpetrated by Russia-based APT threat actors in 2022.
  • Threat actors featured in this report include Cozy Bear, Fancy Bear, Energetic Bear, Venomous Bear, Primitive Bear, VooDoo Bear, Ember Bear, Saint Bear, UAC-0041, UAC-0088, and UAC-0098.
  • PolySwarm tracked malware associated with multiple Russia nexus threat actors in 2022. 
Read More

PolySwarm 2022 Recap - Threat Actor Activity Highlights: China

Dec 27, 2022 11:35:41 AM / by PolySwarm Tech Team posted in Threat Bulletin, China, 2022 Recap, Asia, APAC

0 Comments



Executive Summary

This Threat Bulletin is part of PolySwarm’s 2022 Recap series. This report provides highlights of activity perpetrated by China-based threat actors in 2022.

Key Takeaways

  • This report highlights activity perpetrated by China-based threat actors in 2022.
  • Threat actors featured in this report include Keyhole Panda, Stone Panda, Deep Panda, Twisted Panda, Vixen Panda, Pirate Panda, Aquatic Panda, Wicked Panda, Mustang Panda, Emissary Panda, Kryptonite Panda, Lotus Panda, TA410, Red Menshen, Scarab, Aoquin Dragon, and Lotus Blossom.
  • PolySwarm tracked malware associated with multiple China nexus threat actors in 2022.
Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts