Related Families: Andromeda, Kopiluwak, QuietCanary
Executive Summary
Mandiant recently reported on a Turla campaign targeting Ukraine. The threat actors used multiple malware families in this campaign, including Kopiluwak, QuietCanary, and Andromeda.
Ransomware attacks have become a major concern for businesses and organizations in recent years, with devastating consequences for those who fall victim. The Hive ransomware gang, which recently targeted Consulate Health Care, is one example of cybercriminals constructing sophisticated and ruthless tactics to steal sensitive data and extort money from their victims. But how can you protect yourself from these kinds of attacks in the future?
Executive Summary
This threat bulletin features PolySwarm’s top malware to watch in 2023, as chosen by our analysts.
Executive Summary
This threat bulletin features PolySwarm analysts’ predictions for the 2023 threat landscape.
Key Takeaways
Executive Summary
This Threat Bulletin is part of PolySwarm’s 2022 Recap series. This report provides highlights of activity perpetrated by Russia-based threat actors in 2022. Russian APT activity in 2022 was heavily focused on targeting Ukraine for espionage and sabotage due to the ongoing Russia-Ukraine conflict. While the Russian cyber threat landscape includes a wide variety of ransomware and cybercrime threat actors, we have limited the scope of this report to state-sponsored threat actor activity.
Key Takeaways
- This report highlights activity perpetrated by Russia-based APT threat actors in 2022.
- Threat actors featured in this report include Cozy Bear, Fancy Bear, Energetic Bear, Venomous Bear, Primitive Bear, VooDoo Bear, Ember Bear, Saint Bear, UAC-0041, UAC-0088, and UAC-0098.
- PolySwarm tracked malware associated with multiple Russia nexus threat actors in 2022.
Executive Summary
This Threat Bulletin is part of PolySwarm’s 2022 Recap series. This report provides highlights of activity perpetrated by China-based threat actors in 2022.
Key Takeaways
- This report highlights activity perpetrated by China-based threat actors in 2022.
- Threat actors featured in this report include Keyhole Panda, Stone Panda, Deep Panda, Twisted Panda, Vixen Panda, Pirate Panda, Aquatic Panda, Wicked Panda, Mustang Panda, Emissary Panda, Kryptonite Panda, Lotus Panda, TA410, Red Menshen, Scarab, Aoquin Dragon, and Lotus Blossom.
- PolySwarm tracked malware associated with multiple China nexus threat actors in 2022.
Executive Summary
This Threat Bulletin is part of PolySwarm’s 2022 Recap series. This report highlights the activity perpetrated by North Korea-based threat actors in 2022.
Key Takeaways
- This report provides highlights of activity perpetrated by North Korea-based threat actors in 2022.
- Threat actors featured in this report include Lazarus Group, BlueNoroff, Reaper, Andariel, Kimsuky, Gwisin, and H0ly Gh0st.
- PolySwarm tracked malware associated with multiple North Korea nexus threat actors in 2022.