Related Families: SmokeLoader, Rhadamanthys
CoffeeLoader
Apr 11, 2025 2:29:33 PM / by The Hivemind posted in Threat Bulletin, Loader, Emerging Threat, CoffeeLoader
MintsLoader Delivering StealC and BOINC
Jan 31, 2025 12:35:53 PM / by The Hivemind posted in Threat Bulletin, Loader, MintsLoader, BOINC, StealC
Verticals Targeted: Oil & Gas, Energy, Legal Services
Executive Summary
MintsLoader, a PowerShell-based loader, was recently observed delivering StealC and BOINC.
BabbleLoader
Nov 29, 2024 12:54:44 PM / by The Hivemind posted in Threat Bulletin, Loader, BabbleLoader, Meduza, WhiteSnake, Donut Loader
Related Families: WhiteSnake, Meduza
Verticals Targeted: Finance, Business Administration
Executive Summary
BabbleLoader is a new stealthy, metamorphic loader that was recently observed delivering stealers, including WhiteSnake and Meduza.
BumbleBee Returns With New Infection Chain
Oct 28, 2024 12:26:54 PM / by The Hivemind posted in Threat Bulletin, Loader, Bumblebee, Operation Endgame, Evolving Threat
Related Families: BazarLoader, BazaLoader
Executive Summary
BumbleBee is a sophisticated loader. It was first seen in the wild in 2022 and was a replacement for BazarLoader. It recently re-emerged with a new infection chain, indicating an evolving threat.
DarkGate
Apr 15, 2024 3:29:16 PM / by The Hivemind posted in Threat Bulletin, Loader, DarkGate, CVE-2023-36025, CVE-2024-21412
Verticals Targeted: Financial
Executive Summary
DarkGate was observed in early 2024 in a campaign leveraging CVE-2024-21412 to target entities in the financial vertical.
BunnyLoader 3.0
Mar 25, 2024 2:06:27 PM / by The Hivemind posted in Threat Bulletin, Loader, BunnyLoader, MaaS, BunnyLoader 3.0
Executive Summary
The BunnyLoader malware-as-a-service (MaaS) released its latest variant, BunnyLoader 3.0, in February. BunnyLoader 3.0 boasts multiple improvements, including a reduced payload size, keylogging capabilities, and a modular structure.
AresLoader
Oct 13, 2023 2:27:36 PM / by The Hivemind posted in Russia, Threat Bulletin, Loader, Cybercrime, AresLoader, MaaS
Executive Summary
AresLoader is a loader malware-as-a-service (MaaS) active in the wild since at least November 2022. AresLoader is designed to masquerade as legitimate software, while covertly downloading malicious payloads.
BunnyLoader
Oct 9, 2023 12:00:10 PM / by The Hivemind posted in Threat Bulletin, Loader, BunnyLoader, Malware-As-A-Service, Cybercrime