Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.
Jan 5, 2026 1:04:00 PM / by The Hivemind posted in Threat Bulletin, RedLine Stealer, Akira Ransomware, AsyncRAT trojan, VShell backdoor, 2025 malware trends, ransomware 2025, Cl0p ransomware, Qilin ransomware, SocGholish downloader, LummaStealer infostealer
Verticals Targeted: Multiple
Regions Targeted: Multiple
Related Families: Cl0p, Qilin, SocGholish, Akira, AsyncRAT, LummaStealer, RedLineStealer, VShell
PolySwarm's 2025 Year in Review spotlights resilient malware that dominated the threat landscape and nation-state espionage from the Big Four. React2Shell (CVE-2025-55182) emerged as the top vulnerability, while AI-driven attacks defined the year's paradigm shift.
Oct 6, 2022 2:55:06 PM / by PolySwarm Tech Team posted in Threat Bulletin, RedLine Stealer, NullMixer, Satacom, Dropper, SmokeLoader, PseudoManuscrypt, ColdStealer, FormatLoader, CsdiMonetize, Disbuk, Fabookie, DanaBot, Racealer, Generic.ClipBanker, SgnitLoader, ShortLoader, Downloader.INNO, LgoogLoader, Downloader.Bitser, C-Joker, PrivateLoader, GCleaner, Vidar
Related Families: SmokeLoader, RedLine Stealer, PseudoManuscrypt, ColdStealer, FormatLoader, CsdiMonetize, Disbuk, Fabookie, DanaBot, Racealer, Generic.ClipBanker, SgnitLoader, ShortLoader, Downloader.INNO, LgoogLoader, Downloader.Bitser, C-Joker, PrivateLoader, Satacom, GCleaner, Vidar
Verticals Targeted: Multiple
Executive Summary
Kaspersky recently reported on NullMixer, a dropper used to drop a myriad of malware families, including SmokeLoader, RedLine Stealer, PseudoManuscrypt, ColdStealer, FormatLoader, CsdiMonetize, Disbuk, Fabookie, DanaBot, Racealer, Generic.ClipBanker, SgnitLoader, ShortLoader, Downloader.INNO, LgoogLoader, Downloader.Bitser, C-Joker, PrivateLoader, Satacom, GCleaner, and Vidar.
Mar 14, 2022 1:27:00 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, RedLine Stealer, Microsoft, Windows, Infostealer
Background
Last month HP published research on RedLine Stealer, a stealer malware being delivered via fake Windows 11 updates. Almost a month later, RedLine Stealer continues to be active in the wild, with new samples surfacing over the past week.