Related Families: ValleyRAT
Verticals Targeted: Medical
Related Families: RIG, Fallout EK
Executive Summary
SystemBC, a RAT that previously only targeted Windows systems was recently observed targeting Linux.
Verticals Targeted: Financial
Executive Summary
Coyote, which was first observed in early 2024, is a banking trojan that has targeted over 1030 sites and 73 financial institutions.
Related Families: AISURU
Executive Summary
AIRASHI is a variant of the AISURU botnet that has been active since at least late 2024. It is in active development and has the capability to conduct large-scale DDoS attacks.
Verticals Targeted: Manufacturing, Finance, Transportation, Legal Services, Healthcare, Defense, Business Services
Executive Summary
Black Basta is a ransomware group that rose in the aftermath of the dissolution of Conti ransomware in 2022. In recent months, Black Basta has begun using tactics that are reminiscent of nation-state threat actor tactics and has shifted from opportunistic targeting to more refined, strategic targeting.
Related Families: HellDown
Verticals Targeted: Energy
Executive Summary
HellCat ransomware recently targeted French energy giant Schneider Electric. PolySwarm analysts consider HellCat to be an emerging threat.
Verticals Targeted: Aerospace, Manufacturing, Professional Services, Scientific and Technical Services, Retail, Construction, Insurance, Telecommunications, Hospitality, and Legal Services
Executive Summary
Akira ransomware is one of the most prolific ransomware families of 2024. Active in the wild since April 2023, Akira has continued to evolve, maintaining its relevance on the threat landscape.
Related Families: BazarLoader, BazaLoader