The PolySwarm Blog

Verticals Targeted: Government, Healthcare

Executive Summary

INC is a relatively new ransomware group that has been active since summer 2023. The group recently claimed responsibility for attacks on Leicester City Council and NHS services in Scotland.

Related Families: Brunhilda
Verticals Targeted: Financial 

Verticals Targeted: Technology, Finance, Legal Services, Manufacturing, Government, Energy, Insurance, Construction

Executive Summary

StrelaStealer was recently used in a widespread campaign targeting over 100 entities in the US and EU. The newest version of StrelaStealer is more advanced than previous versions and includes features to help thwart analysis.

Related Families: AcidRain
Verticals Targeted: Telecommunications 

Executive Summary

AcidPour, a variant of AcidRain, was recently observed targeting entities in Ukraine. The targets likely included telecommunications entities.

Executive Summary

BunnyLoader malware as a service (MaaS) released its latest variant, BunnyLoader 3.0, in February. BunnyLoader 3.0 boasts multiple improvements, including a reduced payload size, keylogging capabilities, and a modular structure.

Related Families: MgBot

Executive Summary

Evasive Panda was recently observed targeting Tibetans using a combination of strategic web compromise and supply chain attacks to deliver Nightdoor.

Related Families: Babuk
Verticals Targeted: Healthcare, Finance, Insurance 

Executive Summary

RA World is a multistage ransomware family that was recently observed targeting healthcare entities in Latin America.

Related Families: Elking, Eight, Devos, Backmydata, Faust, Perdak, CrySiS, Dharma, SmokeLoader, Cobalt Strike, Bloodhound
Verticals Targeted: Critical Infrastructure, Government, Emergency Services, Education, Healthcare

Executive Summary

CISA recently released an advisory on Phobos ransomware being used to target critical infrastructure entities, including government entities, emergency services, education, public healthcare, and other unspecified entities.