Verticals Targeted: Cryptocurrency
Regions Targeted: India
Related Families: GolangGhost
Famous Chollima’s PylangGhost
Jun 23, 2025 2:25:38 PM / by The Hivemind posted in Blockchain, Threat Bulletin, North Korea, India, Malware, Python, Cryptocurrency, RAT, PylangGhost, GolangGhost, Famous Chollima
StilachiRAT
Mar 24, 2025 11:54:35 AM / by The Hivemind posted in Threat Bulletin, Backdoor, Cryptocurrency, RAT, Emerging Threat, StilachiRAT
Executive Summary
StilachiRAT is a newly discovered remote access trojan (RAT) that employs advanced evasion techniques to conduct system reconnaissance, steal credentials, and target cryptocurrency wallets.
The Bybit Hack: How the $1.5B Windfall Could Fuel a Surge in Cybercrime
Mar 4, 2025 10:39:08 AM / by Blake Reyes posted in Lazarus Group, Cryptocurrency, Bybit
The recent $1.5 billion hack of Bybit, allegedly orchestrated by the Lazarus Group, has sent shockwaves through the cryptocurrency industry. While this North Korean state-sponsored hacking group has a well-documented history of targeting crypto exchanges, the size of this breach sets a new precedent. Beyond the immediate financial impact, this incident raises serious concerns about how Lazarus will leverage these stolen funds in the future, from within the crypto space to their broader cybercriminal activities.
An Inside Look at NCT’s Role in Advancing Cybersecurity
Nov 1, 2024 10:27:17 AM / by PolySwarm Team posted in Blockchain, Cryptocurrency, NCT
PolySwarm launched in 2018 with the Nectar (NCT) token, an ERC-20 token empowering cybersecurity professionals and enterprises to actively contribute and participate in our threat detection marketplace. The distribution of NCT reflects PolySwarm’s commitment to building a decentralized, community-driven platform. This post describes PolySwarm’s token allocations at launch and the token’s role within the cybersecurity ecosystem.
PolySwarm.AI: Rewarding the Community for Eradicating Invasive Phish
Jun 21, 2024 9:14:34 AM / by PolySwarm Team posted in Blockchain, Cryptocurrency, NCT, Nectar
PolySwarm, the decentralized threat detection marketplace, is excited to announce that we are developing an expansion of our groundbreaking NectarNet browser extension.
Ebury Compromised 400K Linux Servers
May 20, 2024 2:59:44 PM / by The Hivemind posted in Threat Bulletin, Stealer, Linux, Backdoor, Cryptocurrency, Ebury, HelimodSteal, HelimodProxy, HelimodRedirect
Related Families: HelimodSteal, HelimodProxy, HelimodRedirect
Executive Summary
A longstanding botnet campaign is known to deliver Ebury, an OpenSSH backdoor and credential stealer.
Asylum Ambuscade
Jun 20, 2023 1:49:52 PM / by The Hivemind posted in Financial, Government, Cryptocurrency, Asylum Ambuscade, SMB, SunSeed, AHKBOT, NODEBOT
Related Families: SunSeed, AHKBOT, NODEBOT
Verticals Targeted: Government, Cryptocurrency, Financial
Executive Summary
Asylum Ambuscade is a threat actor group known to engage in both cybercrime and espionage activity. Their targets include government, financial, and SMB entities, primarily in Europe and North America.
Parallax RAT Targeting Crypto
Mar 7, 2023 11:36:09 AM / by The Hivemind posted in Threat Bulletin, Cryptocurrency, RAT, Parallax, ParallaxRat
Verticals Targeted: Cryptocurrency, DeFi, Finance
Executive Summary
Uptycs recently reported on activity in which threat actors used Parallax RAT to target entities in the cryptocurrency sector.