The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Ghost (Cring) Ransomware

Feb 24, 2025 11:57:27 AM / by The Hivemind posted in Threat Bulletin, Ransomware, Ghost, Cring

0 Comments

Verticals Targeted: Healthcare, Government, Education, Technology, Manufacturing, SMBs

Executive Summary

Ghost, also known as Cring, is a ransomware family that has been active since at least late 2020. A recent uptick in Ghost activity prompted US agencies to release a joint cybersecurity advisory on Ghost.

Read More

FrigidStealer MacOS Stealer

Feb 21, 2025 1:48:14 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, MacOS, Emerging Threat, FrigidStealer

0 Comments

Executive Summary

FrigidStealer is a stealer that targets MacOS devices. It has been active since at least late 2024 and is delivered via web injection campaigns.

Read More

SystemBC Now Targeting Linux

Feb 18, 2025 2:05:57 PM / by The Hivemind posted in Threat Bulletin, Linux, RAT, SystemBC, Evolving Threat

0 Comments

Related Families: RIG, Fallout EK

Executive Summary

SystemBC, a RAT that previously only targeted Windows systems was recently observed targeting Linux.

Read More

Chinese Threat Actors Using BadIIS to Manipulate SEO

Feb 14, 2025 1:01:25 PM / by The Hivemind posted in Threat Bulletin, China, BadIIS, SEO manipulation, DragonRank

0 Comments

Verticals Targeted: Government, Education, Technology, Telecommunications

Executive Summary

Chinese threat actors were recently observed using BadIIS to manipulate SEO and direct victims to illegal gambling sites.

Read More

Evasive Panda Uses SSH Backdoor to Target Network Devices

Feb 10, 2025 1:56:30 PM / by The Hivemind posted in Threat Bulletin, China, Linux, Evasive Panda, Daggerfly, ELF/Sshdinjector.A!tr

0 Comments

Executive Summary

Read More

Coyote Banking Trojan

Feb 7, 2025 1:04:08 PM / by The Hivemind posted in Threat Bulletin, Windows, Banker, Banking Trojan, Evolving Threat, Coyote

0 Comments

Verticals Targeted: Financial 

Executive Summary

Coyote, which was first observed in early 2024, is a banking trojan that has targeted over 1030 sites and 73 financial institutions.

Read More

Lynx Ransomware

Feb 3, 2025 1:43:43 PM / by The Hivemind posted in Threat Bulletin, Ransomware, INC, Emerging Threat, Lynx

0 Comments

Related Families: INC
Verticals Targeted: Legal Services, Retail, Finance, Telecommunications, Agriculture, Manufacturing, Construction, Transportation, Healthcare, Energy

Executive Summary

Lynx ransomware is a ransomware-as-a-service (RaaS) that was first observed in July 2024. Since its debut, the ransomware has gained momentum and has continued its activity into early 2025.

Read More

MintsLoader Delivering StealC and BOINC

Jan 31, 2025 12:35:53 PM / by The Hivemind posted in Threat Bulletin, Loader, MintsLoader, BOINC, StealC

0 Comments

Verticals Targeted: Oil & Gas, Energy, Legal Services 

Executive Summary

MintsLoader, a PowerShell-based loader, was recently observed delivering StealC and BOINC.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More