
OSINT Threat Report: Trickbot Emerges as Top Malware, New Ransomware KeyPass and B0r0nt0K - Week of 2/25/19

Join TruSTAR every Wednesday for a weekly digest of trending threats. Click to download IOCs. Related posts here.

This week njRAT has moved back to the top of the list of the most reported malware on TruSTAR. Emotet has remained highly active, but it has switched from delivering IcedID to targets in the U.S. to delivering Trickbot, which has moved up into the Top 5 malware category for the first time since we began tracking these trends on the platform. The change has been noted by Brad Duncan at @malware_traffic as well.
 
Where commodity malware is concerned, DarkComet and Nanocore remain among the most commonly seen, with their positions unchanged from our last look. IOCs for the top three malware can be found on TruSTAR here.
 
 
New to the scene are KeyPass and B0r0nt0K ransomware. KeyPass does not target a specific file extension but instead seeks to encrypt nearly everything on the drive, which could potentially cause greater damage than just lost access to files. IOCs can be found on TruSTAR here.
 
Being aware of B0r0nt0K ransomware is important not so much because of its prevalence (it's just now ramping up), but because it demands 20 Bitcoin (~$75,000 current value) from victims. The latter is using phishing and other social engineering attack vectors and does not yet have much in the way of defense by AVs. The Internet Patrol has more info on what little is known at present.
 
