The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Akira Ransomware

Oct 23, 2023 1:37:51 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Akira, Megazord

0 Comments

Related Families: Megazord
Verticals Targeted: Manufacturing, Business Services, Construction, Education, Finance, Legal Services, Retail, Architecture, Engineering and Design, and Investment Banking

Executive Summary

Akira ransomware, active since April 2023, was recently observed targeting Windows and Linux systems.

Read More

ALPHV Hacks MGM Grand

Sep 22, 2023 2:31:31 PM / by The Hivemind posted in Threat Bulletin, Ransomware, ALPHV, Scattered Spider, MGM Grand, social engineering

0 Comments

Verticals Targeted: Gambling, Hospitality, Recreation

Executive Summary

MGM Resorts International was the victim of a recent cyber attack that impacted several systems, including its website, reservations, and in-casino services such as ATMs, slot machines, and credit card machines. ALPHV has taken credit for the attack.

Read More

Mallox Ransomware

Sep 15, 2023 2:00:19 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Mallox, Remcos RAT

0 Comments

Related Families: Remcos RAT, Metasploit
Verticals Targeted:  Manufacturing, Retail, Wholesale, Legal, Professional Services

Executive Summary

Mallox, also known as TargetCompany, FARGO, and Tohnichi, is a ransomware family targeting Windows systems, particularly unsecured MS-SQL servers, to compromise victim networks.

Read More

Cuba Ransomware Used Veeam Vulnerability (CVE-2023-27532)

Aug 25, 2023 1:54:17 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Ransomware, Information Technology, Cuba

0 Comments

Verticals Targeted: Critical Infrastructure, Information Technology

Executive Summary

Cuba ransomware was observed using the Veeam vulnerability (CVE-2023-27532) in June to target critical infrastructure and IT entities in the US and Latin America.

Read More

Monti Ransomware Linux Variant

Aug 21, 2023 12:49:38 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Conti, Monti

0 Comments

Related Families: Conti
Verticals Targeted: Legal, Government

Read More

Rhysida and LockBit Observed Targeting the Healthcare Vertical

Aug 14, 2023 2:34:16 PM / by The Hivemind posted in Threat Bulletin, Ransomware, LockBit, Healthcare, SILENTKILL, Rhysida

0 Comments

Related Families: Rhysida, SILENTKILL, LockBit
Verticals Targeted: Healthcare

Read More

Ransomware Threats to the Healthcare Vertical

Aug 11, 2023 1:34:43 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare

0 Comments

Verticals Targeted: Healthcare

Read More

DcRAT Distributed Via Adult Content Themed Lures

Jun 26, 2023 1:57:42 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Infostealer, RAT, DcRAT, AsyncRAT

0 Comments

Related Families: AsyncRAT
Verticals Targeted: Consumer Services

Executive Summary

DcRAT is a clone of AsyncRAT and is used for remote access and stealing information. It also has ransomware capabilities. DcRAT has distributed via adult content-themed lures, including lures for OnlyFans pages.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More