The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

MOIS Affiliated Threat Actor Using Liontail Framework

Nov 6, 2023 12:58:47 PM / by The Hivemind posted in Threat Bulletin, APT, Financial, Government, Iran, Telecommunications, framework, Military, MOIS, Liontail, OilRig, Scarred Manticore, IT, NGOs

0 Comments

Verticals Targeted: Government, Defense, Telecommunications, Finance, NGO, IT services  

Executive Summary

Scarred Manticore, a threat actor group associated with Iran’s MOIS, was observed using Liontail framework in an espionage campaign. 

Read More

Exfiltrator-22 Framework

Mar 21, 2023 2:09:02 PM / by The Hivemind posted in Threat Bulletin, LockBit, Lockbit 3.0, Exfiltrator-22, EX-22, framework

0 Comments

Related Families: LockBit, LockBit 3.0
Verticals Targeted: Multiple 

Executive Summary

CYFIRMA recently reported on Exfiltrator-22, also known as EX-22, a new post-exploitation framework capable of spreading ransomware while evading detection.

Key Takeaways

  • Exfiltrator-22, also known as EX-22, is a new post-exploitation framework capable of spreading ransomware while evading detection. 
  • Exfiltrator-22, which is a framework-as-a-service, is designed to primarily target corporate networks.
  • Analysts at CYFIRMA have linked Exfiltrator-22 to former LockBit 3.0 affiliates.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More