The PolySwarm Blog

CastleLoader

Aug 8, 2025 11:51:37 AM / by The Hivemind posted in Threat Bulletin, Phishing, Redline, Emerging Threat, PowerShell, StealC, ClickFix, CastleLoader, GitHub, DeerStealer, malware loader, NetSupport RAT

Verticals Targeted: Government
Regions Targeted: US
Related Families: StealC, RedLine, NetSupport RAT, DeerStealer, HijackLoader, SectopRAT


Executive Summary

CastleLoader, a versatile malware loader, has infected 469 devices since May 2025, leveraging Cloudflare-themed ClickFix phishing and fake GitHub repositories to deliver information stealers and RATs. Its sophisticated attack chain, high infection rate, and modular design make it a significant threat to organizations, particularly U.S. government entities.

PolySwarm 2022 Recap - Threats to the Gaming Industry

Dec 12, 2022 1:55:57 PM / by PolySwarm Tech Team posted in Threat Bulletin, BlackCat, ALPHV, 2022 Recap, Electron Bot, Gaming, Redline, Chaos, Monster, AXLocker

Related Families: RedLine, Chaos, Monster, Electron Bot, AXLocker, RapperBot, ALPHV/BlackCat
Verticals Targeted: Gaming

Executive Summary

This report is part of PolySwarm’s 2022 Recap series. This edition provides an overview of the 2022 gaming threat landscape.

Key Takeaways
