The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Russia Targets Ukraine Critical Infrastructure With PathWiper

Jun 13, 2025 2:33:09 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, HermeticWiper, PathWiper, Wiper Malware, Ukraine Cyberattack, Russia APT, Endpoint Security, Cyber Warfare, Data Destruction, Administrative Console

0 Comments

Verticals Targeted: Critical infrastructure
Regions Targeted: Ukraine
Related Families: HermeticWiper (aka FoxBlade, NEARMISS)

Executive Summary

PathWiper is a new wiper malware deployed by a Russia-linked APT, targeting Ukraine’s critical infrastructure with destructive intent. The attack leveraged a legitimate endpoint administration framework, highlighting the persistent cyber threat to Ukraine amid ongoing conflict.

Read More

HellCat Ransomware Targets Energy Giant Schneider Electric

Nov 15, 2024 12:52:13 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Energy, Emerging Threat, Evolving Threat

0 Comments

Related Families: HellDown
Verticals Targeted: Energy

Executive Summary

HellCat ransomware recently targeted French energy giant Schneider Electric. PolySwarm analysts consider HellCat to be an emerging threat.

Read More

Black Basta Targeting Critical Infrastructure

May 17, 2024 2:19:41 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Black Basta, Healthcare, Emerging Threat

0 Comments

Related Families: Qakbot
Verticals Targeted: Critical Infrastructure, Healthcare

Executive Summary

CISA recently issued an advisory warning critical infrastructure entities to harden their defenses against attacks from Black Basta.

Read More

VooDoo Bear's Kapeka Backdoor Targets Critical Infrastructure

Apr 26, 2024 2:28:37 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, ICS, Energy, VooDoo Bear, Kapeka

0 Comments

Related Families: GreyEnergy, Prestige
Verticals Targeted: Critical Infrastructure

Executive Summary

Kapeka, also known as KnuckleTouch, is a novel backdoor used by VooDoo Bear to target entities in Eastern Europe.

Read More

Phobos Targeting Critical Infrastructure

Mar 15, 2024 2:49:12 PM / by The Hivemind posted in Threat Bulletin, Government, Critical Infrastructure, Ransomware, Healthcare, Energy, Education, Phobos, Emergency Services

0 Comments

Related Families: Elking, Eight, Devos, Backmydata, Faust, Perdak, CrySiS, Dharma, SmokeLoader, Cobalt Strike, Bloodhound
Verticals Targeted: Critical Infrastructure, Government, Emergency Services, Education, Healthcare

Executive Summary

CISA recently released an advisory on Phobos ransomware being used to target critical infrastructure entities, including government entities, emergency services, education, public healthcare, and other unspecified entities.

Read More

Rhadamanthys Targeting ONG Sector

Mar 8, 2024 1:36:26 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Stealer, Phishing, Energy, ONG, Oil & Gas, Rhadamanthys

0 Comments

Verticals Targeted: Oil & Gas, Energy, Critical Infrastructure

Read More

ALPHV Targeting ONG, Critical Infrastructure Entities

Feb 23, 2024 2:25:34 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, BlackCat, ALPHV, Energy, ONG, Oil & Gas

0 Comments

Verticals Targeted: Critical Infrastructure, Energy, Oil & Gas

Executive Summary

ALPHV recently claimed responsibility for a cybersecurity incident targeting Canada's Trans-Northern Pipelines.

Read More

Cactus Ransomware

Feb 5, 2024 2:04:38 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Energy, Cactus

0 Comments

Verticals Targeted: Energy

Executive Summary

Cactus is a ransomware family that has been active since at least March 2023 and has been gaining momentum in recent months. Cactus recently claimed an attack on Schneider Electric.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More