The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Famous Chollima’s PylangGhost

Jun 23, 2025 2:25:38 PM / by The Hivemind posted in Blockchain, Threat Bulletin, North Korea, India, Malware, Python, Cryptocurrency, RAT, PylangGhost, GolangGhost, Famous Chollima

Verticals Targeted: Cryptocurrency
Regions Targeted: India
Related Families: GolangGhost

Executive Summary

Famous Chollima, a North Korean-aligned threat actor, has deployed PylangGhost, a Python-based remote access trojan (RAT), targeting cryptocurrency and blockchain professionals in India. This malware, a variant of the GolangGhost RAT, facilitates credential theft and remote system control via sophisticated social engineering tactics.

Pymafka Targets macOS, Windows, Linux

Jun 17, 2022 2:17:39 PM / by PolySwarm Tech Team posted in Threat Bulletin, Windows, Linux, Python, Pymafka, Cobalt Strike

Executive Summary

Sonatype recently reported on Pymafka, a malicious Python package in the PyPI registry that drops Cobalt Strike on macOS, Windows, and Linux.

Serpent Backdoor

Apr 1, 2022 1:19:34 PM / by PolySwarm Tech Team posted in Threat Bulletin, Serpent, Chocolatey, Backdoor, Python

Background


Proofpoint recently published research on Serpent, a newly discovered backdoor malware. Proofpoint observed the malware targeting the construction, real estate, and government verticals in France.
