The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Android Droppers on Google Play Store Distribute Banking Trojans

Nov 10, 2022 1:42:53 PM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Financial, Android, Trojan, Sharkbot, Brunhilda, Vultur

0 Comments

Verticals Targeted: Financial

Executive Summary

ThreatFabric recently reported on multiple Android droppers found on the Google Play Store distributing banking trojans.

Read More

Winnti Targets Hong Kong With Spyder Loader

Nov 7, 2022 1:37:10 PM / by PolySwarm Tech Team posted in Threat Bulletin, Espionage, APT41, Wicked Panda, China, Winnti, Loader, Spyder Loader

0 Comments

Verticals Targeted: Government

Executive Summary

Symantec recently reported on Spyder Loader, a tool used by Chinese nexus state-sponsored threat actor group Winnti to target government entities in Hong Kong.

Read More

Prestige Ransomware

Nov 3, 2022 2:37:56 PM / by PolySwarm Tech Team posted in Ukraine, Threat Bulletin, Ransomware, Poland, Prestige

0 Comments

Verticals Targeted: Transportation, Logistics

Executive Summary

Microsoft Threat Intelligence Center recently reported on Prestige ransomware. A novel ransomware family used to target entities in Ukraine and Poland in October 2022.

Read More

SideWinder WarHawk Backdoor

Oct 31, 2022 1:16:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, India, Pakistan, Backdoor, Sidewinder, WarHawk

0 Comments



Executive Summary

Zscaler recently reported on WarHawk, a new backdoor used by the Indian threat actor group SideWinder.

Read More

Cyber Threats to Aviation and Aerospace

Oct 25, 2022 5:02:07 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, China, Ransomware, Aerospace, Hacktivism, Aviation, Data Theft, Killnet, Phishing

0 Comments



Executive Summary

The aviation and aerospace verticals face numerous challenges in the form of cyber threats. This report gives an overview of the different threat actor motivations to target aviation and aerospace and the types of threats to these verticals.

Read More

Earth Aughisky's Malware Arsenal

Oct 24, 2022 1:58:51 PM / by PolySwarm Tech Team posted in Threat Bulletin, Roudan, GrubbyRAT, Earth Aughisky, Taidoor, LuckDLL, Taikite, SiyBot, Taleret, Serkdes, Buxzop

0 Comments

Related Families: Roudan/Taidoor, LuckDLL, GrubbyRAT, Taikite, SiyBot, Taleret, Serkdes, Buxzop

Verticals Targeted: Government, Technology, Transportation, Telecommunications, Manufacturing, Healthcare, Heavy Industries

Executive Summary

Trend Micro recently reported on Earth Aughisky and the myriad of tools used by this threat actor group.

Read More

Emotet Observed Using New TTPs

Oct 20, 2022 11:06:46 AM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Loader, Trojan, Botnet, Emotet

0 Comments

Related Families: TrickBot, Ryuk, QakBot, Zloader, Quantum, BlackCat

Read More

RatMilad Android Spyware

Oct 17, 2022 11:17:37 AM / by PolySwarm Tech Team posted in Threat Bulletin, Android, Spyware, RatMilad

0 Comments

Executive Summary

Zimperium recently reported on RatMilad, spyware targeting Android devices.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More