OSINT Threat Report: Pony and NJRAT Stay Prevalent - Week of July 29

Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here.

Pony Continues to Evolve

There is something bubbling up with Pony, and we're not exactly sure what it is. This week Pony/Fareit was the most reported malware on the TruSTAR platform. On dark web forums we are seeing "Pony Botnet with bulletproof hosting" listed, and on a Chinese hack forum (if the Google translations are even halfway reasonable) there are suggestions of a new version or variant of Pony Loader. These are in no way conclusive given only two data points, but we will be keeping an eye on this one and suggest that you do the same.

Can't Exterminate NJRAT

Next, we have NJRAT percolating back into the #2 spot, followed by Quasar this week. Based on external intelligence and digging into the intel behind the most recent indicators for these two threats, it appears that most of this activity is tied to Iranian operations. From Recorded Future, "Our research found that APT33, or a closely aligned threat actor, continues to conduct and prepare for widespread cyber espionage activity, with over 1,200 domains used since March 28, 2019, and with a strong emphasis on using commodity malware."
