The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

CastleLoader

Aug 8, 2025 11:51:37 AM / by The Hivemind posted in Threat Bulletin, Phishing, Redline, Emerging Threat, PowerShell, StealC, ClickFix, CastleLoader, GitHub, DeerStealer, malware loader, NetSupport RAT

0 Comments

Verticals Targeted: Government
Regions Targeted: US
Related Families: StealC, RedLine, NetSupport RAT, DeerStealer, HijackLoader, SectopRAT

Executive Summary

CastleLoader, a versatile malware loader, has infected 469 devices since May 2025, leveraging Cloudflare-themed ClickFix phishing and fake GitHub repositories to deliver information stealers and RATs. Its sophisticated attack chain, high infection rate, and modular design make it a significant threat to organizations, particularly U.S. government entities.

Read More

APT42 Targets US Presidential Campaigns and Israel in Phishing Campaign

Aug 23, 2024 1:05:04 PM / by The Hivemind posted in Threat Bulletin, Government, Phishing, Military, APT42

0 Comments

Related Families: NewsTerminal, OfficeFuel, FuelDump, Gorble
Verticals Targeted: Government, Military, Education, Aerospace

Executive Summary

Iran nexus threat actor group APT42 was recently observed targeting entities in the US and Israel in a phishing campaign. Targets included entities in the government, military, education, and aerospace verticals, as well as individuals associated with the 2024 US Presidential candidates.

Read More

Rhadamanthys Targeting ONG Sector

Mar 8, 2024 1:36:26 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Stealer, Phishing, Energy, ONG, Oil & Gas, Rhadamanthys

0 Comments

Verticals Targeted: Oil & Gas, Energy, Critical Infrastructure

Read More

Phishing and Android Malware Campaign Targets Indian Banks

Nov 21, 2022 1:12:25 PM / by PolySwarm Tech Team posted in Threat Bulletin, Financial, India, Android, Phishing, Elibomi, FakeReward, AxBanker, IcRA, IcSpy

0 Comments

Related Families: Elibomi, FakeReward, AxBanker, IcRAT, IcSpy
Verticals Targeted: Financial

Executive Summary

Trend Micro recently reported on a phishing and Android malware campaign targeting clients of multiple banks in India. The campaign leverages multiple malware families, including Elibomi, FakeReward, AxBanker, IcRAT, and IcSpy.

Read More

Cyber Threats to Aviation and Aerospace

Oct 25, 2022 5:02:07 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, China, Ransomware, Aerospace, Hacktivism, Aviation, Data Theft, Killnet, Phishing

0 Comments



Executive Summary

The aviation and aerospace verticals face numerous challenges in the form of cyber threats. This report gives an overview of the different threat actor motivations to target aviation and aerospace and the types of threats to these verticals.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More