The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PolySwarm Tech Team

Find me on:

Recent Posts

GwisinLocker

Aug 29, 2022 2:33:33 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, GwisinLocker, South Korea

0 Comments

Verticals Targeted: pharmaceutical, healthcare, industrial

Executive Summary

Ahnlab recently reported on GwisinLocker, a multi-platform ransomware targeting multiple verticals in South Korea.

Read More

Bumblebee Loader

Aug 25, 2022 1:48:41 PM / by PolySwarm Tech Team posted in Threat Bulletin, Loader, BazarLoader, BazarBackdoor, Bumblebee, BazaLoader

0 Comments

Related Families: BazarLoader, BazaLoader, Conti, BazarBackdoor, Trickbot, Diavol, Sliver, Bokbot, Meterpreter, Cobalt Strike

Verticals Targeted: Multiple

Executive Summary

Earlier this month, Palo Alto’s Unit 42 reported on recent activity leveraging Bumblebee. Unit 42 observed activity by multiple threat actors, including Projector Libra.

Read More

RapperBot Targets IoT

Aug 22, 2022 3:09:40 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, IoT, SSH, Mirai, RapperBot

0 Comments



Executive Summary

FortiGuard Labs recently reported on RapperBot, a malware family with a built-in capability to brute force credentials and gain access to SSH servers.

Read More

Mars Stealer Malware Targeting Crypto

Aug 18, 2022 12:04:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Cryptocurrency, Atomic Wallet, Mars stealer

0 Comments



Executive Summary

A malware researcher on Twitter, @ViriBack, recently discovered a fake Atomic Wallet site distributing Mars Stealer.

Key Takeaways

Read More

Woody RAT Targets Russia

Aug 15, 2022 2:18:29 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, Woody RAT, RAT

0 Comments



Executive Summary

Malwarebytes recently reported on Woody RAT, a RAT being used to target entities in Russia.

Read More

Manjusaka Framework

Aug 11, 2022 2:51:07 PM / by PolySwarm Tech Team posted in Threat Bulletin, China, Cobalt Strike, Manjusaka, Silver

0 Comments



Executive Summary

Cisco Talos recently reported on a campaign leveraging Manjusaka, a new attack framework being used in the wild that is advertised as an alternative to Cobalt Strike or Sliver.

Read More

Lilith Ransomware

Aug 4, 2022 2:37:11 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Lilith, Lilithcrypt

0 Comments



Executive Summary

Cyble recently reported on Lilith Ransomware, which appends the .lilith extension to encrypted files.

Read More

Raspberry Robin

Aug 1, 2022 2:21:21 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, LNK Worm, Raspberry Robin, QNAP

0 Comments



Executive Summary

Cybereason recently reported on Raspberry Robin, a worm that uses LNK shortcuts to lure victims and leverages compromised QNAP devices as stagers.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More