true
Blog OSINT Threat Report: Trickbot Emerges as Top Malware, New Ransomware KeyPass and B0r0nt0K - Week of 2/25/19

OSINT Threat Report: Trickbot Emerges as Top Malware, New Ransomware KeyPass and B0r0nt0K - Week of 2/25/19

Join TruSTAR every Wednesday for a weekly digest of trending threats. Click to download IOCs. Related posts here.

This week njRAT has moved back to the top of the list in terms of the most reported malware on TruSTAR. While Emotet has remained highly active it has switched from delivering IcedID to target in the U.S. to delivering Trickbot, which has moved up into the Top 5 malware category for the first time since we began tracking these trends on the platform. The change has been noted by Brad Duncan at @malware_traffic as well.
 
Where commodity malware is concerned, DarkComet and Nanocore remain among the most commonly seen with their positions unchanged from our last look. IOCs for the top three malware can be found on TruSTAR here
 
 
New to the scene is KeyPass and B0r0nt0K ransomware. KeyPass does not target a specific file extension but instead seeks to encrypt nearly everything on the drive which could potentially cause greater damage than just lost access to files. IOCs can be found on TruSTAR here.
 
Being aware of B0r0nt0K ransomware is important not so much because of prevalence (it's just now ramping up), but because it demands 20 Bitcoin (~$75,000 current value) from victims. The latter is using phishing and other social engineering attack vectors and does not yet have much in the way defense of by AVs. The Internet Patrol has more info on what little is known at present.
 

Not on TruSTAR yet? Request a demo, and in the meantime... 

  Download .txt File

OSINT Threat Report: Emotet Surpases njRAT and Dark Comet Activity - Week of 1/29/19 Join TruSTAR every Wednesday for a weekly digest of trending threats. Click to download IOCs. Related posts here. Read More
OSINT Threat Report: ServHelper Malware and Ryuk Ransomware Upticks - Week of 1/21/19 Join TruSTAR every Wednesday for a weekly digest of trending threats. Click to download IOCs. Related posts here. Read More
OSINT Threat Report: New Novidade Exploit Kit - Week of 12/17/18 Join TruSTAR every Thursday for a weekly digest of trending threats. Click to download IOCs. Related posts here. For the week of December 17, njRAT ... Read More