The PolySwarm Blog

Related Families: Sword2033

Executive Summary

China nexus threat actor group Gallium was recently observed using a new Linux variant of PingPull in an espionage campaign.

Verticals Targeted: Gambling

Executive Summary

Trend Micro recently reported on a new Linux variant of Emissary Panda’s SysUpdate. SysUpdate is one of Emissary Panda’s custom tools. 

Verticals Targeted: Cryptocurrency, DeFi, Finance 

Executive Summary

Uptycs recently reported on activity in which threat actors used Parallax RAT to target entities in the cryptocurrency sector.

Related Families: Ermac
Verticals Targeted: Financial

Executive Summary

Threat Fabric recently reported on Hook, an Android banking trojan that is a fork of Ermac.

Executive Summary

Malwarebytes recently reported on Woody RAT, a RAT being used to target entities in Russia.