The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

BrainCipher Ransomware

Oct 21, 2024 12:07:07 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Lockbit 3.0, Emerging Threat, BrainCipher, BrainCypher

0 Comments

Related Families: LockBit 3.0
Verticals Targeted: Media, Insurance, Legal Services, Healthcare, Retail, Software, Construction, Manufacturing, Real Estate, Education, Government 

Executive Summary

BrainCipher ransomware, which was first observed in June 2024, is an emerging threat. BrainCipher is based on the leaked LockBit 3.0 builder and is functionally similar to LockBit 3.0.  

Read More

Trinity Ransomware

Oct 18, 2024 2:30:02 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Healthcare, Manufacturing, Emerging Threat, Trinity

0 Comments

Related Families: Venus, 2023Lock
Verticals Targeted: Healthcare, Manufacturing, Business Services 

Read More

Perfectl Linux Malware

Oct 15, 2024 2:29:59 PM / by The Hivemind posted in Threat Bulletin, Linux, Cryptominer, Perfectl, Monero, Proxyjacking

0 Comments

Executive Summary

Perfectl is a malware family that targets misconfigured Linux servers. In a recent campaign, Perfectl was observed deploying cryptominers and proxyjacking software.

Read More

Silent Chollima Extortion Activity Targets US Entities

Oct 11, 2024 2:12:45 PM / by The Hivemind posted in Threat Bulletin, North Korea, Extortion, Silent Chollima, Andariel, APT 45, Stonefly, Onyx Sleet, Preft

0 Comments

Related Families: Preft

Read More

Octo2 Android Banking Trojan

Oct 7, 2024 2:06:59 PM / by The Hivemind posted in Threat Bulletin, Android, Trojan, Banking Trojan, Latrodectus, Octo, ExobotCompact

0 Comments

Related Families: Exobot, ExobotCompact, Octo
Verticals Targeted: Financial

Executive Summary

Octo2, an updated version of Octo Android banking trojan, was recently observed targeting Android users in Europe.

Read More

DragonForce Ransomware

Oct 4, 2024 1:05:42 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Lockbit 3.0, Conti, evolving, Emerging, DragonForce

0 Comments

Related Families: LockBit 3.0, Conti
Verticals Targeted: Business Services, Construction, Retail, Telecommunications, Manufacturing, Mining, Government, Healthcare, Transportation, Energy, Software, Education 

Executive Summary

DragonForce is a ransomware as a service (RaaS) that has significantly evolved in the past year, making it a formidable threat.

Read More

Labyrinth Chollima Using Poisoned Python Packages to Deliver PondRAT

Sep 30, 2024 1:49:09 PM / by The Hivemind posted in Threat Bulletin, North Korea, Linux, MacOS, PondRAT, PoolRAT, Labyrinth Chollima

0 Comments

Related Families: PondRAT, PoolRAT
Verticals Targeted: Software Development 

Executive Summary

North Korea nexus threat actor group Labyrinth Chollima was observed using poisoned Python packages to deliver PondRAT, a backdoor that targets MacOS and Linux systems.  

Read More

Vice Society Using INC Ransomware to Target Healthcare Vertical

Sep 27, 2024 4:06:33 PM / by The Hivemind posted in Threat Bulletin, Ransomware, INC, Vice Society

0 Comments

Verticals Targeted: Healthcare

Executive Summary

Vice Society was recently observed using INC ransomware to target entities in the healthcare sector.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts