The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

MuddyWater's UDPGangster Backdoor

Dec 15, 2025 2:04:50 PM / by The Hivemind posted in Threat Bulletin, anti-analysis techniques, Phishing Campaigns, cyber espionage, VBA macros, UDPGangster, UDP backdoor

0 Comments

Verticals Targeted: Not specified
Regions Targeted: Turkey, Israel, Azerbaijan
Related Families: Phoenix

Read More

APT24’s BadAudio

Dec 5, 2025 2:11:03 PM / by The Hivemind posted in Threat Bulletin, Phishing Campaigns, Pitty Panda, BadAudio, PRC cyber espionage, APT24, supply chain compromise, strategic web compromise, Cobalt Strike Beacon

0 Comments

Verticals Targeted: Digital Marketing, Industrial Sectors, Recreational Goods, Animal Rescue Organizations
Regions Targeted: Taiwan
Related Families: Cobalt Strike

Read More

ClayRAT

Oct 17, 2025 4:14:26 PM / by The Hivemind posted in Threat Bulletin, Malware, mobile threat evolution, ClayRAT, Android Spyware, spyware distribution, Android Security, Telegram phishing, SMS handler abuse, Phishing Campaigns, Malware Propagation

0 Comments

Verticals Targeted: None specified
Regions Targeted: Russia
Related Families: None

Executive Summary

ClayRAT, a sophisticated Android spyware campaign targeting Russian users, leverages Telegram channels and phishing sites to distribute malicious APKs disguised as popular apps. Its rapid evolution, extensive surveillance capabilities, and self-propagation via SMS make it a significant threat to mobile security.

Read More
All posts

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts

Join the Marketplace

For Enterprises and Businesses

Learn More

For Security Experts and AV Companies

Learn More