Executive Summary
Cyble recently reported on Luca Stealer, a Rust based stealer malware targeting Windows.
Key Takeaways
Luca Stealer
Aug 8, 2022 3:41:00 PM / by PolySwarm Team posted in Threat Bulletin, Stealer, Windows, Rust, Luca Stealer
Raspberry Robin
Aug 1, 2022 2:21:21 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, LNK Worm, Raspberry Robin, QNAP
Executive Summary
Cybereason recently reported on Raspberry Robin, a worm that uses LNK shortcuts to lure victims and leverages compromised QNAP devices as stagers.
Black Basta Ransomware
Jul 5, 2022 3:33:54 PM / by PolySwarm Tech Team posted in Threat Bulletin, Ransomware, Windows, Linux, Black Basta, Qbot
Executive Summary
Cybereason recently reported on Black Basta ransomware, which has claimed around 50 victims so far, making it a prominent threat.
Pymafka Targets macOS, Windows, Linux
Jun 17, 2022 2:17:39 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, Linux, Python, Pymafka, Cobalt Strike
Executive Summary
Sonatype recently reported on Pymakfa, a malicious Python package in the PyPl registry dropping Cobalt Strike on macOS, Windows, and Linux.
Follina MSDT Vulnerability (CVE-2022-30190)
Jun 6, 2022 1:54:53 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, Follina, CVE-2022-30190, MS Office, MSDT
Background
Microsoft recently published an advisory on a newly identified zero-day vulnerability that affects Microsoft Support Diagnostic Tool (MSDT). CVE-2022-30190, which is being exploited in the wild, has been dubbed Follina by industry researcher Kevin Beaumont.
AvosLocker Ransomware
Mar 18, 2022 1:31:01 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, AvosLocker, Linux
Background
Qualys recently published a blog post on AvosLocker ransomware, which targets both Windows and Linux operating systems.
RedLine Stealer Delivered Via Fake Windows 11 Update
Mar 14, 2022 1:27:00 PM / by PolySwarm Tech Team posted in Threat Bulletin, Malware, RedLine Stealer, Microsoft, Windows, Infostealer
Background
Last month HP published research on RedLine Stealer, a stealer malware being delivered via fake Windows 11 updates. Almost a month later, RedLine Stealer continues to be active in the wild, with new samples surfacing over the past week.