Executive Summary
Checkmarx recently reported on W4SP, an infostealer malware hidden in tainted PyPi packages.
Key Takeaways
W4SP Infostealer
Dec 5, 2022 2:09:46 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Discord, W4SP
New Armageddon Activity Targets Ukraine
Sep 22, 2022 12:45:11 PM / by PolySwarm Tech Team posted in Ukraine, Russia, Threat Bulletin, Infostealer, Armageddon, Gameredon, Primitive Bear, Shuckworm
Executive Summary
Cisco Talos researchers recently reported on new activity perpetrated by Russian nexus threat actor group Armageddon. The group is using a new infostealer to target entities in Ukraine.
Key Takeaways
PennyWise Infostealer Targets Crypto and Browsers
Jul 28, 2022 12:21:07 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Cryptocurrency, PennyWise, YouTube
Executive Summary
Cyble recently reported on PennyWise, an infostealer targeting crypto and browsers. PennyWise uses YouTube videos to bait victims into installing what they believe to be Bitcoin mining software.
IcedID and Zimbra Exploits Target Ukrainian Government Entities
Apr 22, 2022 1:38:37 PM / by PolySwarm Tech Team posted in Ukraine, Threat Bulletin, Infostealer, IcedID, BokBot, UAC-0098, UAC-0097, Zimbra
Background
CERT-UA recently released an advisory on IcedID, a modular banking trojan being dropped via a social engineering campaign targeting Ukrainian government entities, and related Zimbra exploits.
RedLine Stealer Delivered Via Fake Windows 11 Update
Mar 14, 2022 1:27:00 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, RedLine Stealer, Microsoft, Windows, Infostealer
Background
Last month HP published research on RedLine Stealer, a stealer malware being delivered via fake Windows 11 updates. Almost a month later, RedLine Stealer continues to be active in the wild, with new samples surfacing over the past week.