The PolySwarm Blog

Cl0p Linux Variant

Feb 28, 2023 12:53:32 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, Cl0p

Verticals Targeted: Education, Various

Executive Summary

SentinelLabs recently reported on a newly discovered Linux variant of Cl0p ransomware. The Linux variant is similar to the Windows variant but uses a flawed encryption logic.

MortalKombat Ransomware Used in Recent Campaign

Feb 24, 2023 1:57:55 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Cryptocurrency, Laplas Clipper, MortalKombat, Xorist

Related Families: Xorist, Laplas Clipper

Executive Summary

Cisco Talos recently reported on threat actor activity leveraging MortalKombat ransomware and Laplas Clipper. MortalKombat encrypts files on the infected machine and drops a ransom note instructing victims on how to pay the ransom to recover their files.

ESXiArgs Ransomware

Feb 21, 2023 1:20:39 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, ESXiArgs, Babuk, CVE-2021-21974

Related Malware: Babuk
Verticals Targeted: Multiple

Executive Summary

Industry researchers recently reported on ESXiArgs ransomware, which targeted VMware ESXi servers around the globe. After CISA released a recovery script, the threat actors behind ESXiArgs distributed a new variant of the ransomware.

Mimic Ransomware

Feb 7, 2023 12:25:08 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Mimic, Everything.exe, Conti

Related Families: Conti

Executive Summary

Trend Micro recently reported on Mimic ransomware, a ransomware family that abuses Everything APIs.

Consulate Health Ransomware Attack

Jan 18, 2023 2:35:50 PM / by The Hivemind posted in Malware, Ransomware, Hive, Cybercriminals

Ransomware attacks have become a major concern for businesses and organizations in recent years, with devastating consequences for those who fall victim. The Hive ransomware gang, which recently targeted Consulate Health Care, is one example of cybercriminals using sophisticated and ruthless tactics to steal sensitive data and extort money from their victims. But how can you protect yourself from these kinds of attacks in the future?

Royal Ransomware

Dec 1, 2022 1:22:05 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Royal, DEV-0569

Executive Summary

Microsoft recently reported on Royal ransomware, a ransomware family used by the threat actor DEV-0569.

Azov Ransomware Built to Wipe Data

Nov 17, 2022 1:36:37 PM / by PolySwarm Tech Team posted in Ukraine, Threat Bulletin, Ransomware, Azov

Executive Summary

Azov ransomware is a recently discovered malware family being distributed through pirated software, keygens, and adware bundles. It acts as a wiper and is capable of backdooring 64-bit executables. It also uses a unique pattern for overwriting files.

Recent Threats to the Healthcare Vertical

Nov 14, 2022 12:49:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Healthcare, Data Theft, Extortion, Data Leak

Verticals Targeted: Healthcare

Executive Summary

Multiple incidents in the last few months highlight the ongoing threats to the Healthcare vertical. These incidents have included data leaks, data theft and extortion, ransomware, and other cyber attacks.
