true
Blog OSINT Threat Report: Kovter Trojan Reemerges - Week of 4/5/19

OSINT Threat Report: Kovter Trojan Reemerges - Week of 4/5/19

Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here.

Given that Monday was April Fools this week’s trending threat results really made us do a double take.

njRAT Remains Prevalent

While njRAT remains at the top in terms of most seen malware on the TruSTAR platform we had a blast from the past with a big return of Pony. Pony is often seen with other malware such as Hancitor, which has been reported to have a new campaign running. It also often shows up with Gozi, Ursnif and others so don’t be surprised to see those correlated to reports of Pony malware.
 

Kovter Trojan Reemerges

Stranger still, Kovter rose to be the third most-seen malware on the platform. To some degree, this makes sense because Kovter can often be delivered by Pony. Kovter hasn’t been heavily reported since late 2018 and is best known for being “file-less” malware since its persistence method depends on registry keys.

View this OSINT Threat Report on TruSTAR to correlate IOCs with your own data:

View Report on TruSTAR

 

Not on TruSTAR yet? Request a demo, and in the meantime download IOCs via .txt file: 

  Download .txt File

OSINT Threat Report: Top Three Malware NJRat, Pony, Gandcrab - Week of July 31 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here. Read More
OSINT Threat Report: Pony and NJRAT Stay Prevalent - Week of July 29 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here. Read More
OSINT Threat Report: Pony, njRAT, Trickbot Still Rampant, DHS Issues Statement About Increased Cyber Attacks - Week of July 15 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here.  Read More
OSINT Threat Report: Trickbot Continues to Deceive - Week of July 8 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here.  Read More