Insights, news, education and announcements from PolySwarm | Botnet

AIRASHI Botnet

Jan 27, 2025 11:08:56 AM / by The Hivemind posted in Threat Bulletin, DDoS, Botnet, Emerging Threat, Evolving Threat, AIRASHI

Related Families: AISURU

Executive Summary

AIRASHI is a variant of the AISURU botnet that has been active since at least late 2024. It is in active development and has the capability to conduct large-scale DDoS attacks.

Read More

PurpleFox Botnet Targeting Entities in Ukraine

Feb 16, 2024 11:44:26 AM / by The Hivemind posted in Ukraine, Threat Bulletin, Backdoor, Trojan, Botnet, rootkit, Exploit Kit, PurpleFox

Executive Summary

Read More

Androxgh0st

Jan 29, 2024 1:52:50 PM / by The Hivemind posted in Threat Bulletin, Botnet, Androxgh0st, SMTP cracker

Executive Summary

Androxghost is a Python-based SMTP cracker that has been active in the wild since at least 2022. The FBI and CISA released a joint advisory warning of the dangers of Androxgh0st.

Read More

Mirai IZ1H9

Oct 16, 2023 2:17:16 PM / by The Hivemind posted in Threat Bulletin, Linux, IoT, Mirai, Botnet, IZ1H9

Executive Summary

Mirai IZ1H9, a newer variant of Mirai, is being used to infect Linux devices for use in a DDoS campaign.

Read More

Condi DDoS Botnet

Jun 30, 2023 3:05:33 PM / by The Hivemind posted in Threat Bulletin, DDoS, Mirai, Botnet, CVE-2023-1389, Condi

Related Families: Mirai

Executive Summary

Condi is a DDoS as a service botnet based on Mirai. It has been observed leveraging CVE-2023-1389 to propagate.

Read More

Nexus Android Banking Trojan

Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA

Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency

Read More

Emotet Observed Using New TTPs

Oct 20, 2022 11:06:46 AM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Loader, Trojan, Botnet, Emotet

Related Families: TrickBot, Ryuk, QakBot, Zloader, Quantum, BlackCat

Read More