The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

New XLoader Variant Disguised as Signed App

Sep 1, 2023 1:24:48 PM / by The Hivemind posted in Threat Bulletin, Xloader, MacOS


Executive Summary

A new XLoader variant has been observed in the wild, targeting MacOS systems and disguising itself as a signed OfficeNote app. 

Read More

Roaming Mantis Wroba.o Android Malware

Feb 3, 2023 1:20:46 PM / by The Hivemind posted in Threat Bulletin, Android, Shaoye, Xloader, Roaming Mantis, DNS, Wroba.o


Related Families: Wroba.o, Xloader

Executive Summary

Kaspersky SecureList recently reported on a Roaming Mantis campaign using Wroba.o with DNS hijacking to infect routers and Android devices.

Key Takeaways

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts