true
Blog OSINT Threat Report: Trickbot Emerges as Top Malware, New Ransomware KeyPass and B0r0nt0K - Week of 2/25/19

OSINT Threat Report: Trickbot Emerges as Top Malware, New Ransomware KeyPass and B0r0nt0K - Week of 2/25/19

Join TruSTAR every Wednesday for a weekly digest of trending threats. Click to download IOCs. Related posts here.

This week njRAT has moved back to the top of the list in terms of the most reported malware on TruSTAR. While Emotet has remained highly active it has switched from delivering IcedID to target in the U.S. to delivering Trickbot, which has moved up into the Top 5 malware category for the first time since we began tracking these trends on the platform. The change has been noted by Brad Duncan at @malware_traffic as well.
 
Where commodity malware is concerned, DarkComet and Nanocore remain among the most commonly seen with their positions unchanged from our last look. IOCs for the top three malware can be found on TruSTAR here
 
 
New to the scene is KeyPass and B0r0nt0K ransomware. KeyPass does not target a specific file extension but instead seeks to encrypt nearly everything on the drive which could potentially cause greater damage than just lost access to files. IOCs can be found on TruSTAR here.
 
Being aware of B0r0nt0K ransomware is important not so much because of prevalence (it's just now ramping up), but because it demands 20 Bitcoin (~$75,000 current value) from victims. The latter is using phishing and other social engineering attack vectors and does not yet have much in the way defense of by AVs. The Internet Patrol has more info on what little is known at present.
 

Not on TruSTAR yet? Request a demo, and in the meantime... 

  Download .txt File

OSINT Threat Report: Ursnif and Gozi Malware on the Rise - Week of 4/23/19 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here. Read More
OSINT Threat Report: Kovter Trojan Reemerges - Week of 4/5/19 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here. Read More
OSINT Threat Report: 11 New Exploits Associated With Mirai Botnet - Week of 3/25/19 Join TruSTAR every Wednesday for a weekly digest of trending threats. Click to download IOCs. Related posts here. Read More