The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

RansomHouse Upgrades Its Encryption

Dec 29, 2025 12:26:13 PM / by The Hivemind posted in Threat Bulletin, double extortion, Mario Encryptor, MrAgent Tool, VMware hypervisor, RansomHouse Ransomware, ESXi Targeting, ransomware upgrade, encryption evolution

0 Comments

Verticals Targeted:  Healthcare, Finance, Transportation, Government
Regions Targeted: Not specified
Related Families: MrAgent, Mario

Read More

Kraken Ransomware

Nov 21, 2025 1:56:50 PM / by The Hivemind posted in Threat Bulletin, Cross-Platform Ransomware, double extortion, HelloKitty successor, Cloudflared persistence, Kraken ransomware, ESXi ransomware, ChaCha20 encryption, SMB exploitation

0 Comments

Verticals Targeted: None specified
Regions Targeted: United States, United Kingdom, Canada, Denmark, Panama, Kuwait
Related Families: HelloKitty

Read More

LockBit 5.0

Oct 10, 2025 2:50:07 PM / by The Hivemind posted in Cybercrime, Linux Malware, Windows Malware, LockBit Ransomware, double extortion, VMware virtualization, ESXi attacks, ransomware trends, data encryption, anti-analysis techniques

0 Comments

Verticals Targeted: Not specified
Regions Targeted: Not specified
Related Families: LockBit

Executive Summary

LockBit 5.0, the latest evolution of the notorious ransomware, targets Windows, Linux, and VMware ESXi systems with advanced obfuscation, DLL reflection, and anti-analysis techniques. Its cross-platform capabilities and enhanced encryption methods make it a formidable threat to enterprise networks.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More