PolySwarm, the decentralized threat detection marketplace, is excited to announce that we are developing an expansion of our groundbreaking NectarNet browser extension.
Related Families: HelimodSteal, HelimodProxy, HelimodRedirect
Executive Summary
A longstanding botnet campaign is known to deliver Ebury, an OpenSSH backdoor and credential stealer.
Related Families: SunSeed, AHKBOT, NODEBOT
Verticals Targeted: Government, Cryptocurrency, Financial
Executive Summary
Asylum Ambuscade is a threat actor group known to engage in both cybercrime and espionage activity. Their targets include government, financial, and SMB entities, primarily in Europe and North America.
Verticals Targeted: Cryptocurrency, DeFi, Finance
Executive Summary
Uptycs recently reported on activity in which threat actors used Parallax RAT to target entities in the cryptocurrency sector.
Related Families: Xorist, Laplas Clipper
Executive Summary
Cisco Talos recently reported on threat actor activity leveraging MortalKombat ransomware and Laplas Clipper. MortalKombat encrypts files on the infected machine and drops a ransom note instructing victims on how to pay the ransom to recover their files.
Key Takeaways
Executive Summary
A malware researcher on Twitter, @ViriBack, recently discovered a fake Atomic Wallet site distributing Mars Stealer.
Key Takeaways
Executive Summary
Cyble recently reported on PennyWise, an infostealer targeting crypto and browsers. PennyWise uses YouTube videos to bait victims into installing what they believe to be Bitcoin mining software.
