The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

GIFTEDCROOK Stealer Targets Ukraine

Apr 14, 2025 2:00:22 PM / by The Hivemind posted in Ukraine, Threat Bulletin, Espionage, Stealer, Infostealer, GiftedCrook

0 Comments

Verticals Targeted: Military, Law Enforcement, Government
Regions Targeted: Ukraine

Executive Summary

The Computer Emergency Response Team of Ukraine (CERT-UA) has identified a new phishing campaign by UAC-0226, deploying the GIFTEDCROOK stealer through malicious Excel files to compromise Ukrainian institutions. This operation targets sensitive data from military, law enforcement, and local government entities, leveraging socially engineered lures for execution.

Read More

FrigidStealer MacOS Stealer

Feb 21, 2025 1:48:14 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, MacOS, Emerging Threat, FrigidStealer

0 Comments

Executive Summary

FrigidStealer is a stealer that targets MacOS devices. It has been active since at least late 2024 and is delivered via web injection campaigns.

Read More

Banshee MacOS Stealer

Jan 17, 2025 2:31:03 PM / by The Hivemind posted in Threat Bulletin, Infostealer, MacOS, Banshee

0 Comments

Executive Summary

Banshee is a stealer that targets MacOS systems. The latest variant of Banshee uses a string encryption algorithm that is the same as the one used in Apple’s Xprotect antivirus engine for MacOS systems.

Read More

"FakePOC" Infostealer Masquerading as LDAPNightmare PoC Exploit

Jan 13, 2025 3:00:14 PM / by The Hivemind posted in Threat Bulletin, Infostealer, FakePOC, LDAPNightmare

0 Comments

Executive Summary

An infostealer, dubbed “FakePOC”, was recently observed masquerading as an LDAPNightmare proof of concept (PoC) exploit.

Read More

PXA Stealer

Nov 22, 2024 1:54:18 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, PXA Stealer, Vietnam

0 Comments

Verticals Targeted: Government, Education 

Executive Summary

PXA Stealer was used in an information-stealing campaign targeting entities in the government and education sectors, located in Europe and Asia.

Read More

New Lumma C2 Variant Leverages PowerShell

Sep 16, 2024 2:58:00 PM / by The Hivemind posted in Threat Bulletin, Infostealer, CAPTCHA, Lumma C2, PowerShell

0 Comments

Executive Summary

A new Lumma C2 variant that leverages PowerShell was recently observed. The new variant’s attack chain masquerades as CAPTCHA and actively exploits PowerShell commands.

Read More

FickleStealer

Jun 28, 2024 3:08:23 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, FickleStealer

0 Comments

Executive Summary

FickleStealer is a Rust-based stealer that targets Windows devices. It is distributed in a variety of ways and steals information, likely with the intent of using the information for follow-on attacks.

Read More

Cuckoo: Part Infostealer, Part Spyware

May 13, 2024 2:20:01 PM / by The Hivemind posted in Threat Bulletin, Infostealer, Spyware, MacOS, Cuckoo

0 Comments

Executive Summary

Cuckoo is a recently discovered infostealer and spyware hybrid targeting MacOS systems.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More