The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PolySwarm Tech Team

Find me on:

Recent Posts

PennyWise Infostealer Targets Crypto and Browsers

Jul 28, 2022 12:21:07 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Cryptocurrency, PennyWise, YouTube

0 Comments



Executive Summary

Cyble recently reported on PennyWise, an infostealer targeting crypto and browsers. PennyWise uses YouTube videos to bait victims into installing what they believe to be Bitcoin mining software.

Read More

APT 29 Using Brute Ratel

Jul 25, 2022 1:58:05 PM / by PolySwarm Tech Team posted in Threat Bulletin, Brute Ratel, APT29, CozyDuke, brc4, Cozy Bear, Cozycar, Dark Halo, Dukes, NOBELIUM, Office Monkeys, StellarParticle, UNC2452, YTTRIUM

0 Comments



Executive Summary

Palo Alto’s Unit 42 recently reported on Brute Ratel C4 (BRc4), a legitimate redteaming and adversarial attack simulation tool being abused by APT 29 threat actors.

Read More

Recent Ransomware Threats to Healthcare

Jul 21, 2022 1:27:35 PM / by PolySwarm Tech Team posted in Threat Bulletin, North Korea, Ransomware, Iran, IcedID, Healthcare, Maui, Quantum, Hospital

0 Comments



Executive Summary

Multiple ransomware families have been used to target the healthcare vertical in the past year.  In this report, we cover recently reported attacks on the healthcare vertical leveraging Maui and Quantum ransomware families.

Read More

HavanaCrypt Distributed Via Fake Google Software Update

Jul 18, 2022 12:04:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, HavanaCrypt

0 Comments



Executive Summary

Trend Micro recently reported on HavanaCrypt ransomware, which is being distributed disguised as a fake Google software update.

Read More

Lockbit 3.0

Jul 14, 2022 1:29:24 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, LockBit, Lockbit 3.0, LockbitBlack

0 Comments



Executive Summary

Cluster25 recently reported on Lockbit 3.0, the latest version of Lockbit ransomware. Version 3.0 includes new features and a ransomware bug bounty program.

Read More

New Hive Ransomware Rust Variant

Jul 11, 2022 1:37:20 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Hive, Rust

0 Comments



Executive Summary

Microsoft recently reported on a new variant of Hive ransomware written in Rust. This is a departure from previous versions, which were written in GoLang.

Key Takeaways

Read More

SessionManager Targets Governments and NGOs

Jul 8, 2022 2:33:33 PM / by PolySwarm Tech Team posted in Threat Bulletin, Government, Backdoor, SessionManager, NGO, IIS

0 Comments



Executive Summary

Kaspersky recently reported on SessionManager, a difficult to detect backdoor targeting governments and NGOs in multiple countries.

Read More

Black Basta Ransomware

Jul 5, 2022 3:33:54 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Windows, Linux, Black Basta, Qbot

0 Comments



Executive Summary

Cybereason recently reported on Black Basta ransomware, which has claimed around 50 victims so far, making it a prominent threat.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts