Emotet Remains Dominant
Emotet remains at the top of our list of the most seen malware on TruSTAR. This is unlikely to change for a long time to come, as Emotet has become a near be-all and end-all for botnet services, including delivering a large number and wide variety of malware. Likewise, we'd expect to see njRAT continue to hang around because of its proven efficacy and free cost.
GandCrab Ransomware Reemerges
What is new is a surge in the reporting of GandCrab (aka GrandCrab) ransomware, making it the second most reported malware on TruSTAR since last week. This is most likely because the makers of GandCrab have announced that they are shutting down their operation after making more than $2B. Not only were these bad guys able to make $150 million per year, but they have reportedly been able to launder the money and are now heading off to retirement. The biggest thing for end users here is that if for any reason you are compromised by GandCrab after June 20th or 21st, there will be no way to recover your files, as the operators will delete all remaining keys. You can read more about the GandCrab shutdown here from GBHackers.