The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PupkinStealer Leverages Telegram for Data Exfiltration

May 16, 2025 2:16:41 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, Emerging Threat, PupkinStealer

0 Comments

Verticals Targeted: E-commerce
Regions Targeted: Not specified
Related Families: None identified

Executive Summary

PupkinStealer, a .NET-based infostealer written in C#, targets sensitive data such as browser credentials and desktop files, exfiltrating it via Telegram’s Bot API. First observed in April 2025, its simplicity and reliance on legitimate platforms make it a notable threat.

Read More

StealC Evolves

May 12, 2025 3:01:20 PM / by The Hivemind posted in Threat Bulletin, Stealer, Evolving Threat, StealC, StealCV2, Amadey

0 Comments

Related Families: Amadey

Executive Summary

StealC V2, a sophisticated evolution of the StealC information stealer, introduces enhanced payload delivery, RC4 encryption, and a redesigned control panel, posing significant risks to organizations.

Read More

GIFTEDCROOK Stealer Targets Ukraine

Apr 14, 2025 2:00:22 PM / by The Hivemind posted in Ukraine, Threat Bulletin, Espionage, Stealer, Infostealer, GiftedCrook

0 Comments

Verticals Targeted: Military, Law Enforcement, Government
Regions Targeted: Ukraine

Executive Summary

The Computer Emergency Response Team of Ukraine (CERT-UA) has identified a new phishing campaign by UAC-0226, deploying the GIFTEDCROOK stealer through malicious Excel files to compromise Ukrainian institutions. This operation targets sensitive data from military, law enforcement, and local government entities, leveraging socially engineered lures for execution.

Read More

FrigidStealer MacOS Stealer

Feb 21, 2025 1:48:14 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, MacOS, Emerging Threat, FrigidStealer

0 Comments

Executive Summary

FrigidStealer is a stealer that targets MacOS devices. It has been active since at least late 2024 and is delivered via web injection campaigns.

Read More

FireScam Android Malware

Jan 10, 2025 1:36:56 PM / by The Hivemind posted in Threat Bulletin, Android, Stealer, Spyware, FireScam

0 Comments

Executive Summary

FireScam is a sophisticated Android malware family that is disguised as a Telegram Premium app. It has both infostealer and spyware capabilities.

Read More

PXA Stealer

Nov 22, 2024 1:54:18 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, PXA Stealer, Vietnam

0 Comments

Verticals Targeted: Government, Education 

Executive Summary

PXA Stealer was used in an information-stealing campaign targeting entities in the government and education sectors, located in Europe and Asia.

Read More

Cthulhu MacOS Stealer

Aug 30, 2024 2:09:06 PM / by The Hivemind posted in Threat Bulletin, Stealer, MacOS, Cthulhu

0 Comments

Related Families: Atomic Stealer

Executive Summary

Cthulhu is a stealer malware targeting MacOS systems. First observed in 2023, this malware-as-a-service  (MaaS) is capable of targeting both x86_64 and ARM architectures.

Read More

FickleStealer

Jun 28, 2024 3:08:23 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, FickleStealer

0 Comments

Executive Summary

FickleStealer is a Rust-based stealer that targets Windows devices. It is distributed in a variety of ways and steals information, likely with the intent of using the information for follow-on attacks.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts