The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

SharkLoader Emerges as Stealthy Cobalt Strike Delivery Framework

Jul 2, 2026 9:31:24 AM / by The Hivemind posted in Threat Bulletin, Cobalt Strike, malware loader, DLL sideloading, SharkLoader, StrikeShark

Verticals Targeted: Government, Diplomatic Organizations, Software Development
Regions Targeted: Indonesia, Taiwan, Hong Kong, Lebanon, Syria, Colombia, North Macedonia, Nepal, Serbia
Related Families: SharkLoader, Cobalt Strike

Executive Summary

Researchers have identified a previously undocumented malware loader named SharkLoader, used by an intrusion cluster tracked as StrikeShark to deploy Cobalt Strike Beacon against organizations across multiple countries and industries. To establish initial access, the campaign has exploited vulnerable internet-facing applications and used custom droppers disguised as legitimate software installers. Confirmed victims include government-related organizations, diplomatic entities, software development companies, and organizations in additional sectors spanning Asia, Europe, the Middle East, and Latin America.
