The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PurpleFox Botnet Targeting Entities in Ukraine

Feb 16, 2024 11:44:26 AM / by The Hivemind posted in Ukraine, Threat Bulletin, Backdoor, Trojan, Botnet, rootkit, Exploit Kit, PurpleFox

0 Comments

Executive Summary

Read More

Androxgh0st

Jan 29, 2024 1:52:50 PM / by The Hivemind posted in Threat Bulletin, Botnet, Androxgh0st, SMTP cracker

0 Comments

Executive Summary

Androxghost is a Python-based SMTP cracker that has been active in the wild since at least 2022. The FBI and CISA released a joint advisory warning of the dangers of Androxgh0st.

Read More

Mirai IZ1H9

Oct 16, 2023 2:17:16 PM / by The Hivemind posted in Threat Bulletin, Linux, IoT, Mirai, Botnet, IZ1H9

0 Comments

Executive Summary

Mirai IZ1H9, a newer variant of Mirai, is being used to infect Linux devices for use in a DDoS campaign.

Read More

Condi DDoS Botnet

Jun 30, 2023 3:05:33 PM / by The Hivemind posted in Threat Bulletin, DDoS, Mirai, Botnet, CVE-2023-1389, Condi

0 Comments

Related Families: Mirai

Executive Summary

Condi is a DDoS as a service botnet based on Mirai. It has been observed leveraging CVE-2023-1389 to propagate.

Read More

Nexus Android Banking Trojan

Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA

0 Comments

Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency 

Read More

Emotet Observed Using New TTPs

Oct 20, 2022 11:06:46 AM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Loader, Trojan, Botnet, Emotet

0 Comments

Related Families: TrickBot, Ryuk, QakBot, Zloader, Quantum, BlackCat

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts