The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Medusa Ransomware

Jan 24, 2025 2:18:04 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Medusa

0 Comments

Verticals Targeted: Government, Insurance, Real Estate, Healthcare, Manufacturing, Legal Services, Construction, Retail, Business Services, Energy, Education, Telecommunications, Software, Hospitality, Transportation, Financial 

Executive Summary

Medusa ransomware is a RaaS that has been active since at least 2023. Medusa has claimed several victims so far in 2025, including UK’s Gateshead Council.

Read More

FunkSec Ransomware

Jan 21, 2025 2:22:27 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Emerging Threat, FunkSec

0 Comments

Verticals Targeted: Government, Business Services, Education, Insurance, Software, Media, Finance, Agriculture, Manufacturing, Construction, Healthcare, Retail

Read More

Banshee MacOS Stealer

Jan 17, 2025 2:31:03 PM / by The Hivemind posted in Threat Bulletin, Infostealer, MacOS, Banshee

0 Comments

Executive Summary

Banshee is a stealer that targets MacOS systems. The latest variant of Banshee uses a string encryption algorithm that is the same as the one used in Apple’s Xprotect antivirus engine for MacOS systems.

Read More

"FakePOC" Infostealer Masquerading as LDAPNightmare PoC Exploit

Jan 13, 2025 3:00:14 PM / by The Hivemind posted in Threat Bulletin, Infostealer, FakePOC, LDAPNightmare

0 Comments

Executive Summary

An infostealer, dubbed “FakePOC”, was recently observed masquerading as an LDAPNightmare proof of concept (PoC) exploit.

Read More

FireScam Android Malware

Jan 10, 2025 1:36:56 PM / by The Hivemind posted in Threat Bulletin, Android, Stealer, Spyware, FireScam

0 Comments

Executive Summary

FireScam is a sophisticated Android malware family that is disguised as a Telegram Premium app. It has both infostealer and spyware capabilities.

Read More

2024 Recap - Malware Hall of Fame

Dec 30, 2024 12:05:01 PM / by The Hivemind posted in Threat Bulletin, Malware, 2024 Recap

0 Comments

Executive Summary

In this report, PolySwarm analysts chose fifteen standout malware families for the 2024 Malware Hall of Fame. A small selection of IOCs of our most recent samples of each family are provided as well.

Read More

2024 Recap - Russian Threat Actor Activity

Dec 19, 2024 12:38:53 PM / by The Hivemind posted in Russia, Threat Bulletin, Europe, 2024, Recap

0 Comments

Executive Summary

This Threat Bulletin is part of PolySwarm’s 2024 Recap series. This report provides highlights of activity perpetrated by Russia-based threat actors in 2024.

Read More

2024 Recap - Iranian Threat Actor Activity

Dec 16, 2024 1:42:43 PM / by The Hivemind posted in Threat Bulletin, Middle East, Iran, MENA, 2024, Recap

0 Comments

Executive Summary

This Threat Bulletin is part of PolySwarm’s 2024 Recap series. This report provides highlights of activity perpetrated by Iran-based threat actors in 2024.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More