The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

VajraSpy Android Spyware

Feb 20, 2024 12:02:15 PM / by The Hivemind posted in Threat Bulletin, APT, Android, Malware, Spyware, Mobile, VajraSpy

0 Comments

Executive Summary

Read More

Xamalicious Android Backdoor

Jan 16, 2024 7:42:21 AM / by The Hivemind posted in Threat Bulletin, Android, Backdoor, Mobile, Xamalicious

0 Comments

Executive Summary

Read More

SecuriDropper Android Malware

Nov 17, 2023 1:27:39 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Ermac, SpyNote, SecuriDropper, Dropper-as-a-service

0 Comments

Related Families: SpyNote, Ermac

Executive Summary

SecuriDropper is a widely distributed dropper-as-a-service that bypasses Android Restricted Settings.

Read More

BadBazaar Spyware Variants Delivered Via Trojanized Android Apps

Sep 11, 2023 3:07:00 PM / by The Hivemind posted in Threat Bulletin, Espionage, Android, Mobile, BadBazaar, GREF

0 Comments

Executive Summary

Two GREF espionage campaigns used trojanized Android apps to deliver BadBazaar spyware variants.

Read More

SpyNote Targets Utility Company Customers

Aug 4, 2023 2:38:03 PM / by The Hivemind posted in Threat Bulletin, Android, Critical Infrastructure, Mobile, Energy, Utilities, SpyNote

0 Comments

Verticals Targeted: Utilities, Energy, Water, Critical Infrastructure

Read More

Wicked Panda Using WyrmSpy and DragonEgg Android Spyware

Jul 31, 2023 2:33:15 PM / by The Hivemind posted in Threat Bulletin, Android, Wicked Panda, Mobile, DragonEgg, WyrmSpy

0 Comments

Executive Summary

Read More

Goldoson Android Adware

Apr 28, 2023 2:51:23 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Goldoson, Adware

0 Comments


Executive Summary

Goldoson, a privacy-invasive and clicker adware, was recently discovered in several popular Android apps in South Korea. It generates revenue for the threat actors via fraudulent recursive visits to hidden ads on the infected device.

Read More

Nexus Android Banking Trojan

Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA

0 Comments

Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency 

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts