The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

KrustyLoader Backdoor

Mar 11, 2024 3:09:11 PM / by The Hivemind posted in Threat Bulletin, Windows, Linux, Backdoor, KrustyLoader, Avanti, UNC5221

0 Comments

Verticals Targeted: Government, Defense, Finance, Technology, Telecommunications, Aerospace, Pharmaceuticals  

Executive Summary

Multiple industry sources recently reported on KrustyLoader, a Rust-based backdoor with both Windows and Linux variants.

Read More

Faust Ransomware

Feb 12, 2024 1:07:27 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Windows, Faust, Phobos

0 Comments

Related Families: Phobos

Executive Summary

Faust is a newly discovered variant of Phobos ransomware delivered via an office document containing a malicious VBA script.

Read More

New Zloader Variant Discovered

Feb 9, 2024 1:16:59 PM / by The Hivemind posted in Threat Bulletin, Windows, Trojan, Zloader, ZeuS, 64-bit

0 Comments

Related Families: ZeuS

Executive Summary

A new variant of the modular trojan Zloader was recently identified. The new variant has been in development since September 2023.

Read More

Go-Based Proxy Targets Windows and Mac Systems

Aug 28, 2023 2:57:30 PM / by The Hivemind posted in Threat Bulletin, Windows, Mac, Proxy, Go

0 Comments

Executive Summary

A recent malware campaign delivered a proxy server application to both Windows and Mac systems, turning them into proxy exit nodes. 

Read More

BlackSuit Ransomware

Jun 12, 2023 2:55:54 PM / by The Hivemind posted in Ransomware, Windows, Linux, Royal, BlackSuit, encryption

0 Comments

Related Families: Royal

Executive Summary

BlackSuit ransomware targets both Windows and Linux systems and bears a striking resemblance to Royal ransomware.

Read More

BlackLotus UEFI Bootkit

Mar 10, 2023 12:13:45 PM / by The Hivemind posted in Threat Bulletin, Windows, UEFI, CVE-2022-21894, BlackLotus, Bootkit, Windows 11, Baton Drop

0 Comments

Executive Summary

BlackLotus is the first known bootkit to bypass UEFI Secure Boot on fully updated Windows 11 systems. It leverages CVE-2022-21894 to bypass UEFI Secure Boot.

Read More

Luca Stealer

Aug 8, 2022 3:41:00 PM / by PolySwarm Team posted in Threat Bulletin, Stealer, Windows, Rust, Luca Stealer

0 Comments



Executive Summary

Cyble recently reported on Luca Stealer, a Rust based stealer malware targeting Windows.

Key Takeaways

Read More

Raspberry Robin

Aug 1, 2022 2:21:21 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, LNK Worm, Raspberry Robin, QNAP

0 Comments



Executive Summary

Cybereason recently reported on Raspberry Robin, a worm that uses LNK shortcuts to lure victims and leverages compromised QNAP devices as stagers.

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts