true
Blog OSINT Threat Report: Kovter Trojan Reemerges - Week of 4/5/19

OSINT Threat Report: Kovter Trojan Reemerges - Week of 4/5/19

Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here.

Given that Monday was April Fools this week’s trending threat results really made us do a double take.

njRAT Remains Prevalent

While njRAT remains at the top in terms of most seen malware on the TruSTAR platform we had a blast from the past with a big return of Pony. Pony is often seen with other malware such as Hancitor, which has been reported to have a new campaign running. It also often shows up with Gozi, Ursnif and others so don’t be surprised to see those correlated to reports of Pony malware.
 

Kovter Trojan Reemerges

Stranger still, Kovter rose to be the third most-seen malware on the platform. To some degree, this makes sense because Kovter can often be delivered by Pony. Kovter hasn’t been heavily reported since late 2018 and is best known for being “file-less” malware since its persistence method depends on registry keys.

View this OSINT Threat Report on TruSTAR to correlate IOCs with your own data:

View Report on TruSTAR

 

Not on TruSTAR yet? Request a demo, and in the meantime download IOCs via .txt file: 

  Download .txt File

OSINT Threat Report: Ursnif and Gozi Malware on the Rise - Week of 4/23/19 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here. Read More
OSINT Threat Report: 11 New Exploits Associated With Mirai Botnet - Week of 3/25/19 Join TruSTAR every Wednesday for a weekly digest of trending threats. Click to download IOCs. Related posts here. Read More
OSINT Threat Report: Trickbot Emerges as Top Malware, New Ransomware KeyPass and B0r0nt0K - Week of 2/25/19 Join TruSTAR every Wednesday for a weekly digest of trending threats. Click to download IOCs. Related posts here. Read More