The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Charming Kitten Hyperscrape Tool

Sep 9, 2022 1:13:55 PM / by PolySwarm Tech Team posted in Threat Bulletin, Iran, Hyperscrape, Scraper, Charming Kitten, APT35

0 Comments



Executive Summary

Google’s Threat Analysis Group (TAG) recently reported on Hyperscrape, a new data extraction tool used by the Iranian nexus threat actor group Charming Kitten.


Key Takeaways

Read More

Agenda Ransomware

Sep 6, 2022 3:11:38 PM / by PolySwarm Tech Team posted in Threat Bulletin, Agenda Ransomware, GoLang

0 Comments

Related Families: Black Basta, Black Matter, REvil

Verticals Targeted: healthcare, education

Executive Summary

Trend Micro recently reported on Agenda Ransomware, a tailored ransomware written in GoLang.

Read More

Lightning Framework

Sep 1, 2022 12:30:19 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, Lightning Framework

0 Comments



Executive Summary

Intezer recently reported on Lightning Framework, a Linux malware with modular plugins and the ability to install rootkits.

Key Takeaways

Read More

GwisinLocker

Aug 29, 2022 2:33:33 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, GwisinLocker, South Korea

0 Comments

Verticals Targeted: pharmaceutical, healthcare, industrial

Executive Summary

Ahnlab recently reported on GwisinLocker, a multi-platform ransomware targeting multiple verticals in South Korea.

Read More

Bumblebee Loader

Aug 25, 2022 1:48:41 PM / by PolySwarm Tech Team posted in Threat Bulletin, Loader, BazarLoader, BazarBackdoor, Bumblebee, BazaLoader

0 Comments

Related Families: BazarLoader, BazaLoader, Conti, BazarBackdoor, Trickbot, Diavol, Sliver, Bokbot, Meterpreter, Cobalt Strike

Verticals Targeted: Multiple

Executive Summary

Earlier this month, Palo Alto’s Unit 42 reported on recent activity leveraging Bumblebee. Unit 42 observed activity by multiple threat actors, including Projector Libra.

Read More

RapperBot Targets IoT

Aug 22, 2022 3:09:40 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, IoT, SSH, Mirai, RapperBot

0 Comments



Executive Summary

FortiGuard Labs recently reported on RapperBot, a malware family with a built-in capability to brute force credentials and gain access to SSH servers.

Read More

Mars Stealer Malware Targeting Crypto

Aug 18, 2022 12:04:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Cryptocurrency, Atomic Wallet, Mars stealer

0 Comments



Executive Summary

A malware researcher on Twitter, @ViriBack, recently discovered a fake Atomic Wallet site distributing Mars Stealer.

Key Takeaways

Read More

Woody RAT Targets Russia

Aug 15, 2022 2:18:29 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, Woody RAT, RAT

0 Comments



Executive Summary

Malwarebytes recently reported on Woody RAT, a RAT being used to target entities in Russia.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts