The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Rhysida and LockBit Observed Targeting the Healthcare Vertical

Aug 14, 2023 2:34:16 PM / by The Hivemind posted in Threat Bulletin, Ransomware, LockBit, Healthcare, SILENTKILL, Rhysida

0 Comments

Related Families: Rhysida, SILENTKILL, LockBit
Verticals Targeted: Healthcare

Read More

Ransomware Threats to the Healthcare Vertical

Aug 11, 2023 1:34:43 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare

0 Comments

Verticals Targeted: Healthcare

Read More

DcRAT Distributed Via Adult Content Themed Lures

Jun 26, 2023 1:57:42 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Infostealer, RAT, DcRAT, AsyncRAT

0 Comments

Related Families: AsyncRAT
Verticals Targeted: Consumer Services

Executive Summary

DcRAT is a clone of AsyncRAT and is used for remote access and stealing information. It also has ransomware capabilities. DcRAT has distributed via adult content-themed lures, including lures for OnlyFans pages.

Read More

BlackSuit Ransomware

Jun 12, 2023 2:55:54 PM / by The Hivemind posted in Ransomware, Windows, Linux, Royal, BlackSuit, encryption

0 Comments

Related Families: Royal

Executive Summary

BlackSuit ransomware targets both Windows and Linux systems and bears a striking resemblance to Royal ransomware.

Read More

BlackByte NT

May 30, 2023 2:01:00 PM / by The Hivemind posted in BlackByte, Ransomware, BlackByte NT

0 Comments

Related Families: BlackByte

Executive Summary

BlackByte NT, the most recently discovered variant of BlackByte ransomware, was recently reported by DuskRise. BlackByte NT is written in C++ and contains a variety of anti-analysis techniques in an attempt to thwart malware analysts.

Read More

LockBit MacOS Variant

Apr 24, 2023 3:36:34 PM / by The Hivemind posted in Threat Bulletin, Ransomware, LockBit, MacOS, Mac, Apple

0 Comments

Related Families: LockBit

Read More

Iranian Threat Actors Target Hybrid Environment

Apr 21, 2023 2:39:06 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Iran, Muddy Water, Static Kitten, DEV-1084, Mercury

0 Comments



Executive Summary

Iranian threat actors were observed targeting a hybrid environment using ransomware as a decoy for destructive attacks.

Key Takeaways

Read More

Rorschach Ransomware

Apr 14, 2023 2:25:33 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Rorschach

0 Comments



Executive Summary

Rorschach is a newly discovered ransomware family with the fastest encryption to date. While the developers seemed to borrow TTPs from other ransomware strains, Rorschach is unique and points to a sophisticated threat actor.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More