The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

RapperBot Targets IoT

Aug 22, 2022 3:09:40 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, IoT, SSH, Mirai, RapperBot

0 Comments



Executive Summary

FortiGuard Labs recently reported on RapperBot, a malware family with a built-in capability to brute force credentials and gain access to SSH servers.

Read More

Mars Stealer Malware Targeting Crypto

Aug 18, 2022 12:04:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Cryptocurrency, Atomic Wallet, Mars stealer

0 Comments



Executive Summary

A malware researcher on Twitter, @ViriBack, recently discovered a fake Atomic Wallet site distributing Mars Stealer.

Key Takeaways

Read More

Woody RAT Targets Russia

Aug 15, 2022 2:18:29 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, Woody RAT, RAT

0 Comments



Executive Summary

Malwarebytes recently reported on Woody RAT, a RAT being used to target entities in Russia.

Read More

Manjusaka Framework

Aug 11, 2022 2:51:07 PM / by PolySwarm Tech Team posted in Threat Bulletin, China, Cobalt Strike, Manjusaka, Silver

0 Comments



Executive Summary

Cisco Talos recently reported on a campaign leveraging Manjusaka, a new attack framework being used in the wild that is advertised as an alternative to Cobalt Strike or Sliver.

Read More

Luca Stealer

Aug 8, 2022 3:41:00 PM / by PolySwarm Team posted in Threat Bulletin, Stealer, Windows, Rust, Luca Stealer

0 Comments



Executive Summary

Cyble recently reported on Luca Stealer, a Rust based stealer malware targeting Windows.

Key Takeaways

Read More

Lilith Ransomware

Aug 4, 2022 2:37:11 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Lilith, Lilithcrypt

0 Comments



Executive Summary

Cyble recently reported on Lilith Ransomware, which appends the .lilith extension to encrypted files.

Read More

Raspberry Robin

Aug 1, 2022 2:21:21 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, LNK Worm, Raspberry Robin, QNAP

0 Comments



Executive Summary

Cybereason recently reported on Raspberry Robin, a worm that uses LNK shortcuts to lure victims and leverages compromised QNAP devices as stagers.

Read More

PennyWise Infostealer Targets Crypto and Browsers

Jul 28, 2022 12:21:07 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Cryptocurrency, PennyWise, YouTube

0 Comments



Executive Summary

Cyble recently reported on PennyWise, an infostealer targeting crypto and browsers. PennyWise uses YouTube videos to bait victims into installing what they believe to be Bitcoin mining software.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More