“SecondWrite is excited to join Polyswarm’s marketplace as an engine. Our mission is to secure computers and networks using our market-leading technology to detect malware. Polyswarm enables us to reach a large community of users and provides us with additional recent samples for our threat intelligence.” stated Rajeev Barua, CEO of SecondWrite.
Verticals Affected: Financial, Various
Victim Location: US, UK, Germany, Canada
Related Malware Families: TrickBot, Ryuk, QakBot, Zloader
A number of threat intelligence companies have recently reported on the return of the Emotet banking trojan. We first saw new variants of Emotet in our marketplace on November 15, 2021, before any industry in-depth analysis reports were released.
"As a unique malware detection and threat intelligence data platform, PolySwarm's crowdsourced model substantially improves the ability to explore, enrich, and mine malware data, which directly benefits the infosec community. Qi An Xin is excited to partner with PolySwarm to continue to innovate” Liejun Wang, Director of Threat Intelligence at QiAnXin.
We recently completed the “New Engine Claiming and Management” milestone on our development roadmap. Our goal was to make it easier for Engine owners to build, configure and test an engine, and then join the PolySwarm Marketplace, so we’ve completely redesigned the architecture.
Today we introduce a new utility use for PolySwarm’s Nectar token for average users: distributing rewards for security-relevant data about TLS certificates, DNS resolutions, and potentially malicious files encountered in daily computer use. Many of these telemetry sources are already collected from user devices by Antivirus (AV) providers. Still, there are a number of serious issues with how they are collected, how users are compensated for their information, and how these results are shared. By re-imagining how this marketplace works, we can increase collection transparency, fairly compensate all participants in the marketplace, and, most importantly, create a more unified source of security telemetry that will better protect users worldwide.
SentinelOne joined PolySwarm’s marketplace, and their threat detection engine is now live. The US-based company, a pioneer in advanced endpoint protection, leverages machine learning designed to identify unknown malware and remediate threats in real-time.
Global cybersecurity company Kaspersky joined PolySwarm’s marketplace, and their threat detection engine is now live. Kaspersky’s role within the platform will be to arbitrate on engine’s determinations to establish ‘ground truth’, which means making a final decision on the maliciousness of a given sample, 2 to 3 weeks after the sample has been first scanned.
The last 12 months have been intense yet very productive for PolySwarm, as we have scaled our platform, fast-tracked user acquisition and released new key features.
Let’s do a quick recap of what we’ve accomplished before we get into what lies ahead of us.