Insights, news, education and announcements from PolySwarm

ResolverRAT Targets Healthcare Sector

Apr 28, 2025 1:19:17 PM / by The Hivemind posted in Threat Bulletin, Healthcare, RAT, Emerging Threat, ResolverRAT

Verticals Targeted: Healthcare, Pharmaceutical
Regions Targeted: Language based targeting of Czech, Hindi, Indonesian, Italian, Portuguese, Turkish
Related Families: Rhadamanthys, Lumma

Executive Summary

ResolverRAT is a sophisticated remote access trojan (RAT) targeting healthcare and pharmaceutical sectors globally. Deployed via localized phishing campaigns, this previously undocumented malware employs advanced in-memory execution and evasion techniques to steal sensitive data.

Trinity Ransomware

Oct 18, 2024 2:30:02 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Manufacturing, Emerging Threat, Trinity

0 Comments

Related Families: Venus, 2023Lock
Verticals Targeted: Healthcare, Manufacturing, Business Services

Recent Ransomware Attacks on the Healthcare Vertical

Aug 19, 2024 12:54:46 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Disbuk, Rhysida, INC

0 Comments

Related Families: Rhysida, INC
Verticals Targeted: Healthcare

Executive Summary

Since late July, at least two ransomware groups have allegedly targeted healthcare vertical entities. The attacks were attributed to INC and Rhysida ransomware groups.

Eldorado Ransomware

Jul 15, 2024 2:43:58 PM / by The Hivemind posted in Healthcare, Education, Manufacturing, Real Estate, Professional Services

0 Comments

Verticals Targeted: Real Estate, Education, Professional Services, Healthcare, Manufacturing

Executive Summary

Eldorado is a relatively new ransomware as a service (RaaS) that targets both Windows and Linux systems. The ransomware has already claimed 16 victims and is gaining momentum.

Black Basta Targeting Critical Infrastructure

May 17, 2024 2:19:41 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Black Basta, Healthcare, Emerging Threat

0 Comments

Related Families: Qakbot
Verticals Targeted: Critical Infrastructure, Healthcare

Executive Summary

CISA recently issued an advisory warning critical infrastructure entities to harden their defenses against attacks from Black Basta.

INC Ransomware

Apr 8, 2024 2:23:53 PM / by The Hivemind posted in Threat Bulletin, Government, Ransomware, Healthcare, INC

0 Comments

Verticals Targeted: Government, Healthcare

Executive Summary

INC is a relatively new ransomware group that has been active since summer 2023. The group recently claimed responsibility for attacks on Leicester City Council and NHS services in Scotland.

RA World Ransomware Targets Healthcare Entities

Mar 18, 2024 2:36:58 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Babuk, Latin America, RA World

0 Comments

Related Families: Babuk
Verticals Targeted: Healthcare, Finance, Insurance

Executive Summary

RA World is a multistage ransomware family that was recently observed targeting healthcare entities in Latin America.

Phobos Targeting Critical Infrastructure

Mar 15, 2024 2:49:12 PM / by The Hivemind posted in Threat Bulletin, Government, Critical Infrastructure, Ransomware, Healthcare, Energy, Education, Phobos, Emergency Services

0 Comments

Related Families: Elking, Eight, Devos, Backmydata, Faust, Perdak, CrySiS, Dharma, SmokeLoader, Cobalt Strike, Bloodhound
Verticals Targeted: Critical Infrastructure, Government, Emergency Services, Education, Healthcare

Executive Summary

CISA recently released an advisory on Phobos ransomware being used to target critical infrastructure entities, including government entities, emergency services, education, public healthcare, and other unspecified entities.

The PolySwarm Blog

ResolverRAT Targets Healthcare Sector

Executive Summary

ResolverRAT is a sophisticated remote access trojan (RAT) targeting healthcare and pharmaceutical sectors globally. Deployed via localized phishing campaigns, this previously undocumented malware employs advanced in-memory execution and evasion techniques to steal sensitive data.

Trinity Ransomware

Recent Ransomware Attacks on the Healthcare Vertical

Executive Summary

Since late July, at least two ransomware groups have allegedly targeted healthcare vertical entities. The attacks were attributed to INC and Rhysida ransomware groups.

Eldorado Ransomware

Executive Summary

Eldorado is a relatively new ransomware as a service (RaaS) that targets both Windows and Linux systems. The ransomware has already claimed 16 victims and is gaining momentum.

Black Basta Targeting Critical Infrastructure

Executive Summary

CISA recently issued an advisory warning critical infrastructure entities to harden their defenses against attacks from Black Basta.

INC Ransomware

Executive Summary

INC is a relatively new ransomware group that has been active since summer 2023. The group recently claimed responsibility for attacks on Leicester City Council and NHS services in Scotland.

RA World Ransomware Targets Healthcare Entities

Executive Summary

RA World is a multistage ransomware family that was recently observed targeting healthcare entities in Latin America.

Phobos Targeting Critical Infrastructure

Executive Summary

CISA recently released an advisory on Phobos ransomware being used to target critical infrastructure entities, including government entities, emergency services, education, public healthcare, and other unspecified entities.

Subscribe to Email Updates

Lists by Topic

Posts by Topic

Recent Posts

Join the Marketplace

For Enterprises and Businesses

For Security Experts and AV Companies