true
Blog OSINT Threat Report: njRAT and DarkComet Trojans Back on the Rise - Week of 12/10/18

OSINT Threat Report: njRAT and DarkComet Trojans Back on the Rise - Week of 12/10/18

Join TruSTAR every Thursday for a weekly digest of trending threats. Click to download IOCs. Related posts here.

NJRat is a remote access trojan (RAT), also known as Bladabindi. It’s a popular exploit used among low-level threat actors and has been known to be used against political targets. Researchers last week detected a new, fileless version of the malicious remote access tool njRAT that propagates as a worm via removable drives.

View NJRat iocs on trustar

DarkComet is a freely available Remote Administration “Tool,” which was developed by DarkCoderSC and designed to provide full access to remote clients. DarkComet is advertised as a tool and not a Trojan but because it is heavily used by hackers it is detected by most antivirus software as a Trojan. Ukrainian police recently arrested a 42-year-old man on charges of infecting over 2,000 users across 50 countries with the DarkComet RAT.

View DarkComet iocs on trustar

Upticking globally on the interwebs is Samsam ransomware activity. This isn’t really new, but it is being talked about quite a bit as of late due to the arrest of two Iranian nationals that were recently indicted.

View Samsam iocs on trustar

 Not using TruSTAR yet? Request a demo, or download an IOC .txt file below.

Download .txt File

OSINT Threat Report: New Novidade Exploit Kit - Week of 12/17/18 Join TruSTAR every Thursday for a weekly digest of trending threats. Click to download IOCs. Related posts here. For the week of December 17, njRAT ... Read More
OSINT Threat Report: Emotet, Dridex, Mylobot Malware Activity - Week of 11/26/18 Join TruSTAR every Thursday for a weekly digest of trending threats. Click to download IOCs. Related posts here. In TruSTAR we see that Emotet has ... Read More