The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Anatsa Android Banking Trojan Targets US Banks

Jul 18, 2025 2:08:41 PM / by The Hivemind posted in Threat Bulletin, Banker, Banking Trojan, Anatsa, Android Malware, overlay attacks, Google Play Store, credential theft, North America, financial fraud, device takeover, mobile banking

0 Comments

Verticals Targeted: Financial
Regions Targeted: US, Canada
Related Families: None

Read More

Coyote Banking Trojan

Feb 7, 2025 1:04:08 PM / by The Hivemind posted in Threat Bulletin, Windows, Banker, Banking Trojan, Evolving Threat, Coyote

0 Comments

Verticals Targeted: Financial 

Executive Summary

Coyote, which was first observed in early 2024, is a banking trojan that has targeted over 1030 sites and 73 financial institutions.

Read More

ToxicPanda Android Banking Trojan

Nov 12, 2024 12:41:07 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Banker, Banking Trojan, ToxicPanda, TgToxic

0 Comments

Related Families: TgToxic
Verticals Targeted: Financial 

Executive Summary

ToxicPanda is an Android banking trojan that was first seen in the wild in October 2024. It allows threat actors to steal a victim’s money via account takeover (ATO) using On-Device Fraud (ODF).

Read More

Ajina Android Malware

Sep 23, 2024 2:03:45 PM / by The Hivemind posted in Threat Bulletin, Android, Banker, Ajina

0 Comments

Verticals Targeted: Financial 

Executive Summary

Ajina is an Android banking malware that masquerades as legitimate Android apps in order to steal banking information and intercept 2FA.

Read More

Brokewell Android Banking Trojan

May 6, 2024 2:48:46 PM / by The Hivemind posted in Threat Bulletin, Financial, Android, Trojan, Banker, Banking Trojan, Baron Samedit, Brokewell

0 Comments

Verticals Targeted: Financial

Executive Summary

Brokewell is a newly discovered Android banking trojan with Device Takeover capabilities. Despite being a newcomer to the threat landscape, Brokewell poses a significant threat to the banking industry.

Read More

Vultur Android Malware

Apr 5, 2024 1:49:09 PM / by The Hivemind posted in Threat Bulletin, Android, Brunhilda, Vultur, Mobile, Banker

0 Comments

Related Families: Brunhilda
Verticals Targeted: Financial 

Read More

New BBTok Variant

Oct 2, 2023 2:44:45 PM / by The Hivemind posted in Threat Bulletin, Financial, Banker, Banking Trojan, BBTok, Latin America

0 Comments

Verticals Targeted: Financial

Executive Summary

BBTok, written in Delphi, is a banking trojan that has been active since at least 2020. A new variant was recently observed targeting financial entities in Latin America.

Read More

Nexus Android Banking Trojan

Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA

0 Comments

Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency 

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More