The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Asylum Ambuscade

Jun 20, 2023 1:49:52 PM / by The Hivemind posted in Financial, Government, Cryptocurrency, Asylum Ambuscade, SMB, SunSeed, AHKBOT, NODEBOT

0 Comments

Related Families: SunSeed, AHKBOT, NODEBOT
Verticals Targeted: Government, Cryptocurrency, Financial

Executive Summary

Asylum Ambuscade is a threat actor group known to engage in both cybercrime and espionage activity. Their targets include government, financial, and SMB entities, primarily in Europe and North America. 

Read More

Parallax RAT Targeting Crypto

Mar 7, 2023 11:36:09 AM / by The Hivemind posted in Threat Bulletin, Cryptocurrency, RAT, Parallax, ParallaxRat

0 Comments

Verticals Targeted: Cryptocurrency, DeFi, Finance 

Executive Summary

Uptycs recently reported on activity in which threat actors used Parallax RAT to target entities in the cryptocurrency sector.

Read More

MortalKombat Ransomware Used in Recent Campaign

Feb 24, 2023 1:57:55 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Cryptocurrency, Laplas Clipper, MortalKombat, Xorist

0 Comments

Related Families: Xorist, Laplas Clipper

Executive Summary

Cisco Talos recently reported on threat actor activity leveraging MortalKombat ransomware and Laplas Clipper. MortalKombat encrypts files on the infected machine and drops a ransom note instructing victims on how to pay the ransom to recover their files.

Key Takeaways

Read More

Mars Stealer Malware Targeting Crypto

Aug 18, 2022 12:04:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Cryptocurrency, Atomic Wallet, Mars stealer

0 Comments



Executive Summary

A malware researcher on Twitter, @ViriBack, recently discovered a fake Atomic Wallet site distributing Mars Stealer.

Key Takeaways

Read More

PennyWise Infostealer Targets Crypto and Browsers

Jul 28, 2022 12:21:07 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Cryptocurrency, PennyWise, YouTube

0 Comments



Executive Summary

Cyble recently reported on PennyWise, an infostealer targeting crypto and browsers. PennyWise uses YouTube videos to bait victims into installing what they believe to be Bitcoin mining software.

Read More

Cryware Targets Crypto Wallets

May 27, 2022 12:34:55 PM / by PolySwarm Tech Team posted in Cryptocurrency, Cryware, Keylogging, Memory Dumping, Clipping & Switching, Crypto Wallet

0 Comments



Background

Microsoft recently reported on “cryware”, information stealers that target non-custodial cryptocurrency wallets, or hot wallets.

Read More

Lazarus Group Targets Crypto With TraderTraitor

Apr 25, 2022 11:26:42 AM / by PolySwarm Tech Team posted in Threat Bulletin, North Korea, Lazarus Group, TraderTraitor, Cryptocurrency

0 Comments



Background

CISA, FBI, and the US Treasury Department recently released a joint advisory on TraderTraitor, a Lazarus group campaign targeting blockchain companies.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More