The PolySwarm Blog

Related Families: Ermac
Verticals Targeted: Financial

Executive Summary

Threat Fabric recently reported on Hook, an Android banking trojan that is a fork of Ermac.

Related Families: Anubis
Verticals Targeted: Financial

Verticals Targeted: Financial

Executive Summary

ThreatFabric recently reported on multiple Android droppers found on the Google Play Store distributing banking trojans.

Related Families: TrickBot, Ryuk, QakBot, Zloader, Quantum, BlackCat

THIS THREAT BULLETIN IS PROVIDED FOR SITUATIONAL AWARENESS

Background

PolySwarm recently published a Special Report, Threat Bulletin, and blog posts discussing Russia-Ukraine tensions and the potential for both kinetic and cyber conflict. In Russia-Ukraine Conflict and Cyberwar Implications, we discussed political tensions between Russia and Ukraine, past cyber altercations between the two nations, and potential cyber and kinetic implications if the current conflict escalates. In Armageddon Activity Targeting Ukraine, we provided commentary and IOCs for ongoing cyber activity targeting Ukraine, which industry analysts attributed to the Russian state-sponsored threat actor group Armageddon.