The PolySwarm Blog


LockBit MacOS Variant

Apr 24, 2023 3:36:34 PM / by The Hivemind posted in Threat Bulletin, Ransomware, LockBit, MacOS, Mac, Apple


Related Families: LockBit


Iranian Threat Actors Target Hybrid Environment

Apr 21, 2023 2:39:06 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Iran, Muddy Water, Static Kitten, DEV-1084, Mercury

Executive Summary

Iranian threat actors were observed targeting a hybrid environment using ransomware as a decoy for destructive attacks.


Rorschach Ransomware

Apr 14, 2023 2:25:33 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Rorschach

Executive Summary

Rorschach is a newly discovered ransomware family with the fastest encryption to date. While the developers seemed to borrow TTPs from other ransomware strains, Rorschach is unique and points to a sophisticated threat actor.


Bitter APT Campaign Targets Energy Sector

Apr 10, 2023 1:22:19 PM / by The Hivemind posted in Threat Bulletin, China, Energy, South Asia, Bitter APT, Nuclear


Verticals Targeted: Energy

Executive Summary

A recent Bitter APT campaign targeted nuclear energy entities in China. The threat actors used multiple techniques to obtain access to the victim machine, maintain persistence, and download and execute next-stage payloads.


MacStealer Targeting MacOS Devices

Apr 6, 2023 4:06:25 PM / by The Hivemind posted in Threat Bulletin, Stealer, MacOS, Mac, MacStealer


Nexus Android Banking Trojan

Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA


Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency

Trigona Ransomware

Mar 31, 2023 2:10:27 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Trigona, CryLock


Related Families: CryLock
Verticals Targeted: Manufacturing, Finance, Construction, Agriculture, Marketing, Technology


CatB Ransomware

Mar 28, 2023 3:49:33 PM / by The Hivemind posted in Threat Bulletin, Ransomware, CatB, CatB99, Baxtoy, Pandora


Related Families: Pandora

Executive Summary

SentinelOne recently reported on CatB ransomware. CatB, also known as CatB99 or Baxtoy, was first seen in the wild in late 2022.
