The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

ResolverRAT Targets Healthcare Sector

Apr 28, 2025 1:19:17 PM / by The Hivemind posted in Threat Bulletin, Healthcare, RAT, Emerging Threat, ResolverRAT

0 Comments

Verticals Targeted: Healthcare, Pharmaceutical
Regions Targeted: Language based targeting of Czech, Hindi, Indonesian, Italian, Portuguese, Turkish
Related Families: Rhadamanthys, Lumma

Executive Summary

ResolverRAT is a sophisticated remote access trojan (RAT) targeting healthcare and pharmaceutical sectors globally. Deployed via localized phishing campaigns, this previously undocumented malware employs advanced in-memory execution and evasion techniques to steal sensitive data.

Read More

CoffeeLoader

Apr 11, 2025 2:29:33 PM / by The Hivemind posted in Threat Bulletin, Loader, Emerging Threat, CoffeeLoader

0 Comments

Related Families: SmokeLoader, Rhadamanthys  

Read More

Crocodilus Android Banking Trojan

Apr 7, 2025 1:41:20 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Banking Trojan, Emerging Threat, Crocodilus

0 Comments

Verticals Targeted: Financial

Executive Summary

Crocodilus is a newly identified Android banking Trojan that exhibits advanced device-takeover capabilities and targets financial institutions and cryptocurrency wallets. Already operational in Spain and Turkey, this malware showcases a mature feature set that challenges traditional defenses, marking a significant evolution in mobile threats.

Read More

VanHelsing Ransomware

Mar 31, 2025 2:19:18 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Emerging Threat, VanHelsing

0 Comments

Executive Summary

VanHelsing is an emerging ransomware threat. VanHelsing targets an expansive array of platforms, including Windows, Linux, BSD, ARM, and ESXi systems, positioning it as a versatile threat across diverse IT environments.

Read More

StilachiRAT

Mar 24, 2025 11:54:35 AM / by The Hivemind posted in Threat Bulletin, Backdoor, Cryptocurrency, RAT, Emerging Threat, StilachiRAT

0 Comments

Executive Summary

StilachiRAT is a newly discovered remote access trojan (RAT) that employs advanced evasion techniques to conduct system reconnaissance, steal credentials, and target cryptocurrency wallets.

Read More

FrigidStealer MacOS Stealer

Feb 21, 2025 1:48:14 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, MacOS, Emerging Threat, FrigidStealer

0 Comments

Executive Summary

FrigidStealer is a stealer that targets MacOS devices. It has been active since at least late 2024 and is delivered via web injection campaigns.

Read More

Lynx Ransomware

Feb 3, 2025 1:43:43 PM / by The Hivemind posted in Threat Bulletin, Ransomware, INC, Emerging Threat, Lynx

0 Comments

Related Families: INC
Verticals Targeted: Legal Services, Retail, Finance, Telecommunications, Agriculture, Manufacturing, Construction, Transportation, Healthcare, Energy

Executive Summary

Lynx ransomware is a ransomware-as-a-service (RaaS) that was first observed in July 2024. Since its debut, the ransomware has gained momentum and has continued its activity into early 2025.

Read More

AIRASHI Botnet

Jan 27, 2025 11:08:56 AM / by The Hivemind posted in Threat Bulletin, DDoS, Botnet, Emerging Threat, Evolving Threat, AIRASHI

0 Comments

Related Families: AISURU

Executive Summary

AIRASHI is a variant of the AISURU botnet that has been active since at least late 2024. It is in active development and has the capability to conduct large-scale DDoS attacks.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More