The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

PromptLock AI-Powered Ransomware

Sep 5, 2025 2:36:00 PM / by The Hivemind posted in Threat Bulletin, Data Exfiltration, Linux Malware, Windows Malware, file encryption, proof of concept, AI-powered ransomware, PromptLock malware, AI cybersecurity threats, Golang ransomware, Lua scripts, POC

Verticals Targeted: None yet
Regions Targeted: None yet
Related Families: None

VShell Linux Backdoor

Aug 29, 2025 12:46:41 PM / by The Hivemind posted in Threat Bulletin, Linux Malware, VShell malware, malicious filename, command injection, XOR encryption, Bash payload, remote access backdoor, fileless malware, Snowlight dropper, Linux server security

Verticals Targeted: Not specified
Regions Targeted: Not specified
Related Families: Snowlight dropper

Executive Summary

VShell is a sophisticated Go-based backdoor targeting Linux systems through a novel infection chain that weaponizes filenames in RAR archives. This malware, linked to Chinese APT groups, exploits common shell scripting practices to execute malicious Bash payloads, delivering a stealthy, memory-resident backdoor capable of remote control, file operations, and network tunneling.

New Chaos RAT Variants Observed

Jun 16, 2025 1:57:09 PM / by The Hivemind posted in Threat Bulletin, Malware, Data Theft, Evolving Threat, Cybersecurity, Chaos RAT, Remote Administration Tool, Linux Malware, Windows Malware, Phishing Attacks, Cryptocurrency Mining

Verticals Targeted: Not specified
Regions Targeted: Not specified
Related Families: None identified

Executive Summary

New variants of Chaos RAT, an open-source remote administration tool (RAT) first observed in 2022, have been identified. The new variants target both Windows and Linux systems through sophisticated phishing campaigns. This evolving malware deploys cryptominers, steals sensitive data, and establishes persistent control over infected devices.
