The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PolySwarm's 2024 Malware to Watch

Jan 8, 2024 1:04:35 PM / by The Hivemind posted in Threat Bulletin, Malware, LockBit, ALPHV, Predictions, BlackSuit, Rhysida, 2024, Hunters International, Play, 8base

0 Comments

Executive Summary

In this first report of 2024, PolySwarm analysts chose the malware families to watch in 2024. A small selection of samples of each family are provided as well.

Read More

2023 Recap - Cyber Threats to the Energy Vertical

Jan 2, 2024 11:43:43 AM / by The Hivemind posted in Threat Bulletin, Europe, LockBit, ALPHV, Charming Kitten, 2023, Cl0p, YoroTrooper, Energy, Bitter APT, Volt Typhoon, SpyNote, Rhysida, DroxiDat, VooDoo Bear, RedStinger, 2023 Recap, BlackBasta, Earth Yako, Prophet Spider, Cuba Ransomware

0 Comments

Executive Summary

Cyber threats pose a significant risk to the energy vertical, which encompasses various sectors such as oil, gas, electricity, renewable energy, utilities, and related critical infrastructure entities. PolySwarm has been tracking cyber activity targeting the energy vertical in 2023. In this report, we provide highlights of this year’s threat actors and cyber attacks known to target the energy sector.

Read More

2023 Recap - Malware Hall of Fame

Dec 18, 2023 3:13:23 PM / by The Hivemind posted in Threat Bulletin, Malware, LockBit, ALPHV, Cl0p, MOVEit, Rhysida, 2023 Recap, story of the year, BlackBasta

0 Comments

Executive Summary

In this report, PolySwarm analysts chose our top five standout malware families for the 2023 Malware Hall of Fame. We also feature the Story of the Year, MOVEit. A small selection of our most recent samples of each family are provided as well.

Read More

Rhysida and LockBit Observed Targeting the Healthcare Vertical

Aug 14, 2023 2:34:16 PM / by The Hivemind posted in Threat Bulletin, Ransomware, LockBit, Healthcare, SILENTKILL, Rhysida

0 Comments

Related Families: Rhysida, SILENTKILL, LockBit
Verticals Targeted: Healthcare

Read More

LockBit MacOS Variant

Apr 24, 2023 3:36:34 PM / by The Hivemind posted in Threat Bulletin, Ransomware, LockBit, MacOS, Mac, Apple

0 Comments

Related Families: LockBit

Read More

Exfiltrator-22 Framework

Mar 21, 2023 2:09:02 PM / by The Hivemind posted in Threat Bulletin, LockBit, Lockbit 3.0, Exfiltrator-22, EX-22, framework

0 Comments

Related Families: LockBit, LockBit 3.0
Verticals Targeted: Multiple 

Executive Summary

CYFIRMA recently reported on Exfiltrator-22, also known as EX-22, a new post-exploitation framework capable of spreading ransomware while evading detection.

Key Takeaways

  • Exfiltrator-22, also known as EX-22, is a new post-exploitation framework capable of spreading ransomware while evading detection. 
  • Exfiltrator-22, which is a framework-as-a-service, is designed to primarily target corporate networks.
  • Analysts at CYFIRMA have linked Exfiltrator-22 to former LockBit 3.0 affiliates.

Read More

Lockbit 3.0

Jul 14, 2022 1:29:24 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, LockBit, Lockbit 3.0, LockbitBlack

0 Comments



Executive Summary

Cluster25 recently reported on Lockbit 3.0, the latest version of Lockbit ransomware. Version 3.0 includes new features and a ransomware bug bounty program.

Read More

BlackCat Ransomware

Mar 31, 2022 2:57:30 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, BlackMatter, LockBit, BlackCat, ALPHV, DarkSide

0 Comments


Background

In our PolySwarm 2021 Year in Review, we made several predictions for this year, including that BlackCat ransomware would become more prevalent, due to its sophistication. BlackCat ransomware is ransomware as a service (RaaS), which was recently linked to the 

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts