The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

DcRAT Distributed Via Adult Content Themed Lures

Jun 26, 2023 1:57:42 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Infostealer, RAT, DcRAT, AsyncRAT

0 Comments

Related Families: AsyncRAT
Verticals Targeted: Consumer Services

Executive Summary

DcRAT is a clone of AsyncRAT and is used for remote access and stealing information. It also has ransomware capabilities. DcRAT has distributed via adult content-themed lures, including lures for OnlyFans pages.

Read More

Fake Cracked Software Sites Delivering Stealers

Jan 24, 2023 11:02:41 AM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Infostealer, Racoon

0 Comments

Related Families: Raccoon, Vidar

Executive Summary

Sekoia recently reported on a campaign leveraging fake cracked software sites to deliver information stealers, including Raccoon and Vidar.

Read More

W4SP Infostealer

Dec 5, 2022 2:09:46 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Discord, W4SP

0 Comments



Executive Summary

Checkmarx recently reported on W4SP, an infostealer malware hidden in tainted PyPi packages.

Key Takeaways

Read More

New Armageddon Activity Targets Ukraine

Sep 22, 2022 12:45:11 PM / by PolySwarm Tech Team posted in Ukraine, Russia, Threat Bulletin, Infostealer, Armageddon, Gameredon, Primitive Bear, Shuckworm

0 Comments



Executive Summary

Cisco Talos researchers recently reported on new activity perpetrated by Russian nexus threat actor group Armageddon. The group is using a new infostealer to target entities in Ukraine.

Key Takeaways

Read More

PennyWise Infostealer Targets Crypto and Browsers

Jul 28, 2022 12:21:07 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Cryptocurrency, PennyWise, YouTube

0 Comments



Executive Summary

Cyble recently reported on PennyWise, an infostealer targeting crypto and browsers. PennyWise uses YouTube videos to bait victims into installing what they believe to be Bitcoin mining software.

Read More

IcedID and Zimbra Exploits Target Ukrainian Government Entities

Apr 22, 2022 1:38:37 PM / by PolySwarm Tech Team posted in Ukraine, Threat Bulletin, Infostealer, IcedID, BokBot, UAC-0098, UAC-0097, Zimbra

0 Comments



Background

CERT-UA recently released an advisory on IcedID, a modular banking trojan being dropped via a social engineering campaign targeting Ukrainian government entities, and related Zimbra exploits.

Read More

RedLine Stealer Delivered Via Fake Windows 11 Update

Mar 14, 2022 1:27:00 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, RedLine Stealer, Microsoft, Windows, Infostealer

0 Comments



Background

Last month HP published research on RedLine Stealer, a stealer malware being delivered via fake Windows 11 updates. Almost a month later, RedLine Stealer continues to be active in the wild, with new samples surfacing over the past week.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More