The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Monti Ransomware Linux Variant

Aug 21, 2023 12:49:38 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Conti, Monti

0 Comments

Related Families: Conti
Verticals Targeted: Legal, Government

Read More

BlackSuit Ransomware

Jun 12, 2023 2:55:54 PM / by The Hivemind posted in Ransomware, Windows, Linux, Royal, BlackSuit, encryption

0 Comments

Related Families: Royal

Executive Summary

BlackSuit ransomware targets both Windows and Linux systems and bears a striking resemblance to Royal ransomware.

Read More

SysUpdate Linux Variant

Mar 14, 2023 3:30:50 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, RAT, Trojan, SysUpdate, Iron Tiger, Emissary Panda, APT27

0 Comments

Verticals Targeted: Gambling

Executive Summary

Trend Micro recently reported on a new Linux variant of Emissary Panda’s SysUpdate. SysUpdate is one of Emissary Panda’s custom tools. 

Read More

Royal Ransomware Linux Variant

Mar 3, 2023 1:25:10 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Royal

0 Comments

Verticals Targeted: IT, Financial, Materials, Healthcare, Food Production 

Executive Summary

Trend Micro recently reported on a new Linux variant of Royal ransomware that targets Linux systems and  ESXi servers. Royal ransomware is yet another contender among the many ransomware families now targeting Linux systems.

Read More

Cl0p Linux Variant

Feb 28, 2023 12:53:32 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Cl0p

0 Comments

Verticals Targeted: Education, Various

Executive Summary

SentinelLabs recently reported on a newly discovered Linux variant of Cl0p ransomware. The Linux variant is similar to the Windows variant but uses a flawed encryption logic.

Read More

ESXiArgs Ransomware

Feb 21, 2023 1:20:39 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, ESXiArgs, Babuk, CVE-2021-21974

0 Comments

Related Malware: Babuk
Verticals Targeted: Multiple

Executive Summary

Industry researchers recently reported on ESXiArgs ransomware, which targeted VMware ESXi servers around the globe. After CISA released a recovery script, the threat actors behind ESXiArgs distributed a new variant of the ransomware.

Key Takeaways

Read More

SideWalk Linux Variant

Oct 3, 2022 3:59:17 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, Backdoor, SparklingGoblin, SideWalk

0 Comments

Related Families: Specter RAT, SideWalk (Windows)
Verticals Targeted: Education

Executive Summary

ESET recently reported on a SideWalk Linux variant. SideWalk is a backdoor used by the SparklingGoblin threat actor group.

Read More

Shikitega Linux Malware

Sep 15, 2022 1:51:05 PM / by PolySwarm Tech Team posted in Threat Bulletin, Linux, Shikitega, CVE-2021-4034, CVE-2021-3493

0 Comments



Executive Summary

In our 2021 Year in Review, we predicted a rise in Linux malware for 2022. AT&T Alien Labs recently reported on Shikitega, a new Linux malware with stealth capabilities.

Key Takeaways

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More