Xamalicious Android Backdoor
Jan 16, 2024 7:42:21 AM / by The Hivemind posted in Threat Bulletin, Android, Backdoor, Mobile, Xamalicious
Fancy Bear Campaign Leverages New Malware
Jan 12, 2024 11:42:16 AM / by The Hivemind posted in Ukraine, Russia, Threat Bulletin, Espionage, Government, Fancy Bear, STEELHOOK, OCEANMAP, MASEPIE
Related Families: OCEANMAP, MASEPIE, STEELHOOK
Verticals Targeted: Government
Executive Summary
Fancy Bear was recently observed engaging in a phishing campaign targeting entities in Ukraine. In the campaign, the threat actors used three never before seen malware families, OCEANMAP, MASEPIE, and STEELHOOK.
PolySwarm's 2024 Malware to Watch
Jan 8, 2024 1:04:35 PM / by The Hivemind posted in Threat Bulletin, Malware, LockBit, ALPHV, Predictions, BlackSuit, Rhysida, 2024, Hunters International, Play, 8base
Executive Summary
In this first report of 2024, PolySwarm analysts chose the malware families to watch in 2024. A small selection of samples of each family are provided as well.
2023 Recap - Cyber Threats to the Energy Vertical
Jan 2, 2024 11:43:43 AM / by The Hivemind posted in Threat Bulletin, Europe, LockBit, ALPHV, Charming Kitten, 2023, Cl0p, YoroTrooper, Energy, Bitter APT, Volt Typhoon, SpyNote, Rhysida, DroxiDat, VooDoo Bear, RedStinger, 2023 Recap, BlackBasta, Earth Yako, Prophet Spider, Cuba Ransomware
Executive Summary
Cyber threats pose a significant risk to the energy vertical, which encompasses various sectors such as oil, gas, electricity, renewable energy, utilities, and related critical infrastructure entities. PolySwarm has been tracking cyber activity targeting the energy vertical in 2023. In this report, we provide highlights of this year’s threat actors and cyber attacks known to target the energy sector.
2023 Recap - Malware Trends and Observations
Dec 22, 2023 11:06:05 AM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, TTPs, 2023 Recap, trends, targeting
Executive Summary
In January, our analysts made various predictions for the 2023 threat landscape. In this report, we present malware trends and observations that correlate with those predictions.
2023 Recap - Malware Hall of Fame
Dec 18, 2023 3:13:23 PM / by The Hivemind posted in Threat Bulletin, Malware, LockBit, ALPHV, Cl0p, MOVEit, Rhysida, 2023 Recap, story of the year, BlackBasta
Executive Summary
In this report, PolySwarm analysts chose our top five standout malware families for the 2023 Malware Hall of Fame. We also feature the Story of the Year, MOVEit. A small selection of our most recent samples of each family are provided as well.
2023 Recap - Threat Actor Activity Highlights - North Korea
Dec 15, 2023 1:37:07 PM / by The Hivemind posted in Threat Bulletin, North Korea, APAC, 2023 Recap, Chollima
Executive Summary
Several high-profile North Korea nexus threat actor groups have been active in 2023. Reported activities include but are not limited to supply chain attacks, targeting of cryptocurrency, and proliferation of MacOS malware. In this report, PolySwarm highlights cyber activity perpetrated by North Korea nexus threat actor groups in 2023.
2023 Recap - Cyber Activity in the Gaza Conflict
Dec 11, 2023 3:08:36 PM / by The Hivemind posted in Threat Bulletin, Gaza, Hacktivism, Palestine, Israel, Hamas, BiBi-Linux, Conflict, Cyberwar, BiBi-Windows, SysJoker