The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Latrodectus

Apr 12, 2024 2:32:43 PM / by The Hivemind posted in Threat Bulletin, IcedID, DanaBot, Downloader, Latrodectus, TA577, TA578, IAB, initial access broker

0 Comments

Related Families: IcedID, DanaBot

Executive Summary

Latrodectus is a downloader first seen in the wild in late 2023.  It has been used by threat actors who operate as initial access brokers (IAB).

Read More

Emotet’s New TTPs

Feb 13, 2023 12:26:57 PM / by The Hivemind posted in Threat Bulletin, IcedID, Bumblebee, Emotet, xls

0 Comments

Related Families: Bumblebee, IcedId
Verticals Targeted: Financial

Executive Summary

BlackBerry recently reported on Emotet’s new TTPs, including new email lures, IcedID, and Bumblebee as secondary payloads and evasion methods.

Read More

Recent Ransomware Threats to Healthcare

Jul 21, 2022 1:27:35 PM / by PolySwarm Tech Team posted in Threat Bulletin, North Korea, Ransomware, Iran, IcedID, Healthcare, Maui, Quantum, Hospital

0 Comments



Executive Summary

Multiple ransomware families have been used to target the healthcare vertical in the past year.  In this report, we cover recently reported attacks on the healthcare vertical leveraging Maui and Quantum ransomware families.

Read More

IcedID and Zimbra Exploits Target Ukrainian Government Entities

Apr 22, 2022 1:38:37 PM / by PolySwarm Tech Team posted in Ukraine, Threat Bulletin, Infostealer, IcedID, BokBot, UAC-0098, UAC-0097, Zimbra

0 Comments



Background

CERT-UA recently released an advisory on IcedID, a modular banking trojan being dropped via a social engineering campaign targeting Ukrainian government entities, and related Zimbra exploits.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts