Executive Summary
This threat bulletin features PolySwarm’s top malware to watch in 2023, as chosen by our analysts.
2023 Malware to Watch
Jan 17, 2023 1:31:56 PM / by The Hivemind posted in Threat Bulletin, Malware, 2023, Threat Landscape
PolySwarm's 2023 Analyst Predictions
Jan 12, 2023 12:57:24 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, 2023, Predictions, Threat Landscape
Executive Summary
This threat bulletin features PolySwarm analysts’ predictions for the 2023 threat landscape.
Key Takeaways
2022 Recap - Mobile Malware Threat Landscape
Dec 8, 2022 1:23:16 PM / by PolySwarm Tech Team posted in Threat Bulletin, Android, Malware, 2022 Recap, ios, Mobile
Verticals Targeted: Financial, Government, Journalism, Various
Executive Summary
This report is part of PolySwarm’s 2022 Recap series. This edition provides an overview of the 2022 mobile malware threat landscape.
Key Takeaways
- The 2022 mobile malware threat landscape saw a 500% increase in malware distribution in early 2022, and mobile malware continued to be rampant throughout the year.
- Some of the attack vectors used by threat actors to distribute mobile malware in 2022 include apps injected with malicious code, zero-click attacks, TOAD, and smashing.
- Types of mobile malware that were prolific in 2022 include banking trojans, dropper apps, spyware, mobile ransomware, and subscriber trojans.
Malware Leverages CAPTCHA to Bypass Browser Warning
Nov 23, 2022 1:00:33 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, CAPTCHA, TTPs, Gozi, Ursnif
Related Families: Gozi (Ursnif)
Verticals Targeted: Financial
Executive Summary
Bleeping Computer recently reported on a malware campaign that uses CAPTCHA to bypass browser warnings and deliver Gozi. This technique appears to be a novel TTP for threat actors.
RedLine Stealer Delivered Via Fake Windows 11 Update
Mar 14, 2022 1:27:00 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, RedLine Stealer, Microsoft, Windows, Infostealer
Background
Last month HP published research on RedLine Stealer, a stealer malware being delivered via fake Windows 11 updates. Almost a month later, RedLine Stealer continues to be active in the wild, with new samples surfacing over the past week.
DDoS Attacks and New Wiper Malware Target Ukraine
Feb 25, 2022 2:37:21 PM / by PolySwarm Tech Team posted in Ukraine, Russia, Threat Bulletin, Financial, Wiper, Malware, DDoS, Katana, Government, Defense
PolySwarm Threat Bulletin
THIS THREAT BULLETIN IS PROVIDED FOR SITUATIONAL AWARENESS
Background
PolySwarm recently released several publications and blog posts discussing Russia-Ukraine tensions and the potential for both kinetic and cyber conflict: