The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Tomiris Targets Central Asia in Espionage Campaign

May 5, 2023 2:00:47 PM / by The Hivemind posted in Russia, Threat Bulletin, Kopiluwak, TunnusSched, Roopy, Tomiris, Central Asia, Telemiris, JLORAT


Related Families: Telemiris, TunnusSched, Roopy, JLORAT, KopiLuwak
Verticals Targeted: Government, Diplomatic Entities

Executive Summary

A Russian-speaking threat actor group dubbed Tomiris was recently observed conducting an espionage campaign targeting countries in Central Asia. The group uses a variety of tools, some of which overlap with the Russian threat actor group Venomous Bear.

Key Takeaways

Read More

Recent Turla Activity Targeting Ukraine

Jan 19, 2023 12:39:38 PM / by The Hivemind posted in Ukraine, Russia, Threat Bulletin, Espionage, Venomous Bear, Andromeda, Kopiluwak, Turla, QuietCanary


Related Families: Andromeda, Kopiluwak, QuietCanary

Executive Summary

Mandiant recently reported on a Turla campaign targeting Ukraine. The threat actors used multiple malware families in this campaign, including Kopiluwak, QuietCanary, and Andromeda.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts