The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.


Apr 12, 2024 2:32:43 PM / by The Hivemind posted in Threat Bulletin, IcedID, DanaBot, Downloader, Latrodectus, TA577, TA578, IAB, initial access broker


Related Families: IcedID, DanaBot

Executive Summary

Latrodectus is a downloader first seen in the wild in late 2023. It has been used by threat actors who operate as initial access brokers (IABs).

CVE-2022-31199 Used in Truebot Attacks

Jul 14, 2023 2:36:23 PM / by The Hivemind posted in Threat Bulletin, Cl0p, Downloader, FlawedGrace, CVE-2022-31199, Truebot


Related Families: Cl0p

Executive Summary

New Truebot variants have been observed on victim machines that were compromised using CVE-2022-31199. The activity is targeting entities in
