The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

New Medusa Android Banking Trojan Variant Discovered

Jul 1, 2024 1:28:23 PM / by The Hivemind posted in Threat Bulletin, Banking, Financial, Android, Trojan, Mobile, Medusa, on-device fraud

0 Comments

Verticals Targeted: Financial 

Executive Summary

A new variant of the Android banking trojan Medusa was recently discovered. This variant boasts a smaller footprint, needs fewer device permissions, and has full-screen overlay capabilities.

Read More

Anatsa Android Banking Trojan

Jul 3, 2023 12:37:11 PM / by The Hivemind posted in Threat Bulletin, Banking, Financial, Android, Trojan, Banking Trojan, Anatsa

0 Comments

Verticals Targeted: Financial 

Executive Summary

Anatsa is a banking trojan targeting Android devices that is distributed through the Google Play store, disguised as a seemingly innocuous app.

Read More

Nexus Android Banking Trojan

Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA

0 Comments

Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency 

Read More

Hook Android Banking Trojan

Jan 31, 2023 12:25:40 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, RAT, Trojan, Hook, Ermac, DukeEugene

0 Comments

Related Families: Ermac
Verticals Targeted:
Financial

Executive Summary

Threat Fabric recently reported on Hook, an Android banking trojan that is a fork of Ermac.

Read More

Godfather Android Banking Trojan

Jan 5, 2023 12:27:16 PM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Android, Trojan, Mobile, Godfather

0 Comments

Related Families: Anubis
Verticals Targeted: Financial

Read More

Android Droppers on Google Play Store Distribute Banking Trojans

Nov 10, 2022 1:42:53 PM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Financial, Android, Trojan, Sharkbot, Brunhilda, Vultur

0 Comments

Verticals Targeted: Financial

Executive Summary

ThreatFabric recently reported on multiple Android droppers found on the Google Play Store distributing banking trojans.

Read More

Emotet Observed Using New TTPs

Oct 20, 2022 11:06:46 AM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Loader, Trojan, Botnet, Emotet

0 Comments

Related Families: TrickBot, Ryuk, QakBot, Zloader, Quantum, BlackCat

Read More

PolySwarm Threat Bulletin: US and European Banks Fear Russian Cyber Attack

Feb 17, 2022 1:44:35 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, US, Europe, Banking, Financial

0 Comments


THIS THREAT BULLETIN IS PROVIDED FOR SITUATIONAL AWARENESS

Background

PolySwarm recently published a Special Report, Threat Bulletin, and blog posts discussing Russia-Ukraine tensions and the potential for both kinetic and cyber conflict. In Russia-Ukraine Conflict and Cyberwar Implications, we discussed political tensions between Russia and Ukraine, past cyber altercations between the two nations, and potential cyber and kinetic implications if the current conflict escalates. In Armageddon Activity Targeting Ukraine, we provided commentary and IOCs for ongoing cyber activity targeting Ukraine, which industry analysts attributed to the Russian state-sponsored threat actor group Armageddon.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts