Insights, news, education and announcements from PolySwarm

APT24’s BadAudio

Dec 5, 2025 2:11:03 PM / by The Hivemind posted in Threat Bulletin, Phishing Campaigns, Pitty Panda, BadAudio, PRC cyber espionage, APT24, supply chain compromise, strategic web compromise, Cobalt Strike Beacon

0 Comments

Verticals Targeted: Digital Marketing, Industrial Sectors, Recreational Goods, Animal Rescue Organizations
Regions Targeted: Taiwan
Related Families: Cobalt Strike

ClayRAT

Oct 17, 2025 4:14:26 PM / by The Hivemind posted in Threat Bulletin, Malware, mobile threat evolution, ClayRAT, Android Spyware, spyware distribution, Android Security, Telegram phishing, SMS handler abuse, Phishing Campaigns, Malware Propagation

0 Comments

Verticals Targeted: None specified
Regions Targeted: Russia
Related Families: None

Executive Summary

ClayRAT, a sophisticated Android spyware campaign targeting Russian users, leverages Telegram channels and phishing sites to distribute malicious APKs disguised as popular apps. Its rapid evolution, extensive surveillance capabilities, and self-propagation via SMS make it a significant threat to mobile security.

The PolySwarm Blog

APT24’s BadAudio

ClayRAT

Executive Summary

Subscribe to Email Updates

Lists by Topic

Posts by Topic

Recent Posts

Join the Marketplace

For Enterprises and Businesses

For Security Experts and AV Companies