The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PolySwarm adds “Emerging Threats” feed, includes stream for COVID-19 malware samples

Mar 19, 2020 11:10:55 AM / by PolySwarm Team

The world is experiencing a trying time, and every sector is impacted in some way by the COVID-19 pandemic. The unfortunate reality is that in times of crisis, hackers exploit vulnerabilities in systems and in humans, and the COVID-19 pandemic is no exception. Over the last two weeks, here at PolySwarm, our malware analysts have seen a severe increase in pandemic-related cyber threats, from Android ransomware to malware-laden “coronavirus map trackers”, that prey on people’s fragility and trust.

On top of this, companies are scrambling to support a remote workforce, a shift that necessitates new cybersecurity considerations. For hackers, more online operations mean new threat vectors to exploit. IT teams and network architecture are strained as security teams encounter new challenges in securing data, managing BYOD policies and ensuring safe communication.

Here at PolySwarm, a tool that uses a novel method to detect new and emergent malware, we want to remind you of the many free-to-use resources at your disposal. While companies can use PolySwarm’s command line interface (CLI) and API for automated detection, PolySwarm’s user interface (polyswarm.network) and homepage can also be used, and now display an “Emerging Threats” feed with a dedicated column for malware related to COVID-19. It’s free and easy to get file details, see what engines are detecting and download samples.

[Screenshot]

If you click “View scan results” you’ll go to the results page, where you can see what engines are detecting, find the hash and/or SHA-256 and see the File Details.

[Screenshot]

Here at PolySwarm, we aggregate research-driven threat detection engines (pictured above), both from AV companies and from individual, specialized security experts, that compete in real time to detect threats. These engines (called “microengines” in PolySwarm) are economically rewarded for early and accurate malware detection. Consumers of the intel (individuals, enterprise users, etc.) benefit from deeper coverage of the malware landscape and unique threat intelligence from PolySwarm.

We are doing our best to support IT security professionals and researchers who are on the front lines of malware discovery and detection, especially at this time.

We also have our researcher community, polyX, which is free to join. Members share emerging threats (with a lot of discussion about COVID-19 malware right now), best practices and resources for cyber defenders.

Best to all at this time! 

Visit the PolySwarm marketplace to start scanning, searching and getting samples.

Topics: Research
