The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

ALPHV Targeting ONG, Critical Infrastructure Entities

Feb 23, 2024 2:25:34 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, BlackCat, ALPHV, Energy, ONG, Oil & Gas

0 Comments

Verticals Targeted: Critical Infrastructure, Energy, Oil & Gas

Executive Summary

ALPHV recently claimed responsibility for a cybersecurity incident targeting Canada's Trans-Northern Pipelines.

Read More

Cactus Ransomware

Feb 5, 2024 2:04:38 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Energy, Cactus

0 Comments

Verticals Targeted: Energy

Executive Summary

Cactus is a ransomware family that has been active since at least March 2023 and has been gaining momentum in recent months. Cactus recently claimed an attack on Schneider Electric.

Read More

2023 Recap - Cyber Threats to the Energy Vertical

Jan 2, 2024 11:43:43 AM / by The Hivemind posted in Threat Bulletin, Europe, LockBit, ALPHV, Charming Kitten, 2023, Cl0p, YoroTrooper, Energy, Bitter APT, Volt Typhoon, SpyNote, Rhysida, DroxiDat, VooDoo Bear, RedStinger, 2023 Recap, BlackBasta, Earth Yako, Prophet Spider, Cuba Ransomware

0 Comments

Executive Summary

Cyber threats pose a significant risk to the energy vertical, which encompasses various sectors such as oil, gas, electricity, renewable energy, utilities, and related critical infrastructure entities. PolySwarm has been tracking cyber activity targeting the energy vertical in 2023. In this report, we provide highlights of this year’s threat actors and cyber attacks known to target the energy sector.

Read More

DroxiDat Targets African Power Company

Aug 18, 2023 2:54:28 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Energy, DroxiDat, Pistachio Tempest, SystemBC, Fin12

0 Comments

Related Families: SystemBC
Verticals Targeted: Energy

Executive Summary

An African energy sector entity was recently targeted using DroxiDat, a variant of SystemBC.

Read More

SpyNote Targets Utility Company Customers

Aug 4, 2023 2:38:03 PM / by The Hivemind posted in Threat Bulletin, Android, Critical Infrastructure, Mobile, Energy, Utilities, SpyNote

0 Comments

Verticals Targeted: Utilities, Energy, Water, Critical Infrastructure

Read More

CosmicEnergy

Jun 9, 2023 2:23:26 PM / by The Hivemind posted in Critical Infrastructure, ICS, Energy, CosmicEnergy, OT

0 Comments

Verticals Targeted: Energy, Critical Infrastructure

Executive Summary

CosmicEnergy is a novel malware targeting operational technology (OT) and ICS.

Read More

Volt Typhoon Targets US Critical Infrastructure

Jun 5, 2023 2:07:00 PM / by The Hivemind posted in US, Critical Infrastructure, China, Energy, Volt Typhoon, Guam

0 Comments

Verticals Targeted: Critical Infrastructure, Communications, Manufacturing, Utility, Transportation, Construction, Maritime, Government, Information Technology, Education

Executive Summary

Volt Typhoon was discovered targeting critical infrastructure entities in the US mainland and Guam. Volt Typhoon maintained stealth throughout this espionage campaign.

Read More

Mint Sandstorm Targets US Critical Infrastructure

May 1, 2023 3:22:04 PM / by The Hivemind posted in Threat Bulletin, Middle East, Government, Critical Infrastructure, Iran, Telecommunications, Charming Kitten, MENA, Energy, Mint Sandstorm, North Africa, Transportation

0 Comments

Related Families: Drokbk, Soldier
Verticals Targeted:
Critical Infrastructure, Telecommunications, Government, Energy, Transportation. Utilities, Oil & Gas

Executive Summary

Mint Sandstorm was recently observed targeting US critical infrastructure entities. These include seaports, energy companies, transportation systems, and a US utility and gas entity.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts