POLONIUM Malware attack with Creepy malware: How Cypex Could Have Prevented the Threat

Cypex identified POLONIUM's attack infrastructure two months before the strike, well before anyone else noticed. Discover how our proactive approach detected the threat early.

These are the steps the attackers took—steps only Cypex detected
01 Setting Up the Infrastructure

Building the Command & Control (C&C) server, with its communication and data transmission Base64-encoded. Base64 is an encoding, not encryption: it hides commands and stolen data from casual inspection but provides no confidentiality, and anyone who captures the traffic can decode it.

C&C - 02.09.22
02 Exfiltration tools

The attackers added data exfiltration tools to the infrastructure, enabling the unauthorized transfer of stolen data out of victim networks.

Exfiltration- 27.08.22
03 Traffic tunneling tool

The attackers deployed a traffic tunneling tool to conceal their activity and evade detection

Tunneling - 13.09.22
04 The attack

The attack occurred on October 12th, causing damage to 127 companies

Attack - September 2022
05 The investigation

Further investigation uncovered additional Indicators of Compromise (IOCs) and showed that we had detected signs of the attackers' activity a month before the attack, even though none of those IOCs appeared on any blacklist. Acting on that early detection could have prevented the breach.
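The timeline above names the techniques but does not show what catching them looks like. As an added illustration, not Cypex's product code and not derived from the POLONIUM traffic itself, the Python script below shows a content-based check for Base64-encoded C&C traffic that does not depend on a blacklist: it pulls Base64 tokens out of the request paths in constructed proxy-log lines, keeps only the tokens that decode to printable text (a random-looking session value that decodes to binary garbage is discarded), and flags destinations that receive repeated encoded requests even though they appear on no blacklist. The log lines, hosts, addresses, payloads and the blacklist are all hypothetical.

```python
import base64
import binascii
import re
from collections import defaultdict

# Constructed proxy log lines for this example only; the hosts, addresses
# and payloads are hypothetical and are not POLONIUM indicators.
BEACON = base64.b64encode(b"host=WS-21;user=jdoe;task=list").decode()
RESULT = base64.b64encode(b"C:\\Users\\jdoe\\Documents\\q3-forecast.xlsx").decode()
SAMPLE_LOGS = [
    f"2022-09-03T10:01:12Z src=10.0.0.21 host=updates.example-cdn.net path=/api/v1/check?id={BEACON} status=200",
    f"2022-09-03T10:06:13Z src=10.0.0.21 host=updates.example-cdn.net path=/api/v1/check?id={BEACON} status=200",
    f"2022-09-03T10:06:40Z src=10.0.0.21 host=updates.example-cdn.net path=/api/v1/upload?d={RESULT} status=200",
    "2022-09-03T10:07:02Z src=10.0.0.22 host=www.example.org path=/index.html status=200",
    # A long alphabet-valid token that decodes to non-text bytes: must not be flagged.
    "2022-09-03T10:07:30Z src=10.0.0.23 host=cdn.example.org path=/assets/app.js?v=ZZZZZZZZZZZZZZZZ status=200",
]

# Hypothetical blacklist; the beaconing host is deliberately absent from it,
# mirroring the "IOCs not on any blacklist" situation described above.
BLACKLIST = {"known-bad.example.net"}

# Candidate Base64 runs: at least 16 alphabet characters plus optional padding.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")


def decode_if_text(token):
    """Return the decoded text if token is strict Base64 for printable text, else None."""
    try:
        raw = base64.b64decode(token, validate=True)  # rejects bad alphabet and bad padding
        text = raw.decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    if all(ch.isprintable() or ch in "\r\n\t" for ch in text):
        return text
    return None


def parse_line(line):
    """Split a key=value proxy log line into a dict (timestamp carries no '=' and is dropped)."""
    return dict(kv.split("=", 1) for kv in line.split() if "=" in kv)


def analyze(logs, blacklist):
    """Per destination host: how many requests carried decodable Base64 text, from which
    sources, what it decoded to, and whether the host is on the supplied blacklist."""
    findings = defaultdict(lambda: {"hits": 0, "sources": set(), "decoded": [], "blacklisted": False})
    for line in logs:
        fields = parse_line(line)
        host, path, src = fields.get("host", ""), fields.get("path", ""), fields.get("src", "")
        for token in B64_TOKEN.findall(path):  # search only the request path, not the hostname
            text = decode_if_text(token)
            if text is None:
                continue
            entry = findings[host]
            entry["hits"] += 1
            entry["sources"].add(src)
            entry["decoded"].append(text)
            entry["blacklisted"] = host in blacklist
    return dict(findings)


def suspects(findings, min_hits=2):
    """Hosts that repeatedly receive encoded requests yet are not on the blacklist:
    exactly the infrastructure a blacklist-only control would miss."""
    return sorted(h for h, e in findings.items() if e["hits"] >= min_hits and not e["blacklisted"])


if __name__ == "__main__":
    result = analyze(SAMPLE_LOGS, BLACKLIST)
    for host, entry in result.items():
        status = "blacklisted" if entry["blacklisted"] else "not on any blacklist"
        print(f"{host}: {entry['hits']} encoded request(s) from {sorted(entry['sources'])} ({status})")
        for text in entry["decoded"]:
            print("   decoded:", text)
    print("unlisted suspects:", suspects(result))
```

The point of the printable-text filter is precision: plenty of legitimate URLs carry long tokens that happen to be valid Base64, but a C&C channel that merely encodes its commands and file lists decodes to readable strings, which is what the analyst wants to see.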
