Trickbot Enters the Scene
We are certainly seeing a lot more movement this week in malware rankings on the TruSTAR platform. Emotet has dropped to the 8th ranked piece of malware on the TruSTAR platform and Trickbot has surged to number one. This may be related to a new variant of Trickbot that came out a couple of weeks ago or perhaps there is yet a new TTP in this highly modular piece of malware. Just before publication we were able to verify that there is indeed a new variant of Trickbot out with new capabilities including continual updating via C&C, but more information will develop in the coming weeks.
FormBook Gaining Momentum
Following TrickBot, we find that FormBook is now the second most seen malware followed by Pony/Fareit. The notable thing about FormBook is that where it was once targeted, it now seems to be used much more broadly. The most common vector for all of these is malicious spam campaigns so your inbox should be considered your first line of defense.
View this OSINT Threat Report on TruSTAR to correlate IOCs with your own data:
Not on TruSTAR yet? Request a demo, and in the meantime download IOCs via .txt file: