Related Families: Ermac
Verticals Targeted: Financial
Executive Summary
Threat Fabric recently reported on Hook, an Android banking trojan that is a fork of Ermac.
Related Families: Wacatac
Executive Summary
Fortinet recently reported on a supply chain attack in which threat actors leveraged a 0-day attack embedded in three PyPI packages to deliver Wacatac.
Related Families: Raccoon, Vidar
Executive Summary
Sekoia recently reported on a campaign leveraging fake cracked software sites to deliver information stealers, including Raccoon and Vidar.
Related Families: Andromeda, Kopiluwak, QuietCanary
Executive Summary
Mandiant recently reported on a Turla campaign targeting Ukraine. The threat actors used multiple malware families in this campaign, including Kopiluwak, QuietCanary, and Andromeda.
Executive Summary
This threat bulletin features PolySwarm’s top malware to watch in 2023, as chosen by our analysts.
Executive Summary
This threat bulletin features PolySwarm analysts’ predictions for the 2023 threat landscape.
Key Takeaways
Executive Summary
This Threat Bulletin is part of PolySwarm’s 2022 Recap series. This report provides highlights of activity perpetrated by Russia-based threat actors in 2022. Russian APT activity in 2022 was heavily focused on targeting Ukraine for espionage and sabotage due to the ongoing Russia-Ukraine conflict. While the Russian cyber threat landscape includes a wide variety of ransomware and cybercrime threat actors, we have limited the scope of this report to state-sponsored threat actor activity.
Key Takeaways
- This report highlights activity perpetrated by Russia-based APT threat actors in 2022.
- Threat actors featured in this report include Cozy Bear, Fancy Bear, Energetic Bear, Venomous Bear, Primitive Bear, VooDoo Bear, Ember Bear, Saint Bear, UAC-0041, UAC-0088, and UAC-0098.
- PolySwarm tracked malware associated with multiple Russia nexus threat actors in 2022.