true
Blog OSINT Threat Report: Top Three Malware NJRat, Pony, Gandcrab - Week of July 31

OSINT Threat Report: Top Three Malware NJRat, Pony, Gandcrab - Week of July 31

Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here.

NJRat, Pony, Gandcrab Updates

This week, NJRAT and PONY remain in the top three with NJRAT activity now outpacing PONY by a fair margin. Interestingly, there's been a spike in GANDCRAB reporting over the past week that it's the second most reported malware on the platform. Doing some digging this seems to be that while the makers of Gandcrab announced their retirement, they have actually rebranded themselves with the REvil ransomware. Krebs did a nice writeup on this which is highly recommended reading if you have concerns around this ransomware. 

So in terms of malware ranking this week we have NJRAT, GANDCRAB, and PONY/FAREIT. While there is a fair amount of attribution reporting for the NJRAT activity from RecordedFuture, we'd caution that it is still a piece of commodity malware and thus there are likely to be multiple users and campaigns utilizing this malware.

Trickbot 

As a final note, we still see Trickbot as a significant threat and continue to see adaptations for the malicious tool now the fourth most reported on TruSTAR. And while we don't know if Emotet is merely down for retooling or if the actors behind it have simply closed up shop, but its noticeable drop over the last few weeks has been striking. 

View this OSINT Threat Report on TruSTAR to correlate IOCs with your own data:

View Report on TruSTAR

 

Not on TruSTAR yet? Request a demo, and in the meantime download IOCs via .txt file: 

Download .txt File

  

OSINT Threat Report: Nemty, the New Ransomware on the Block - Week of September 16 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here. Read More
OSINT Threat Report: The Evolution of Trickbot - Week of August 26 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here. Read More
OSINT Threat Report: A Closer Look at Sodinokibi and Gandcrab - Week of August 19 Welcome to our OSINT Threat Report, a weekly digest of trending threats reported by TruSTAR platform users. Related posts here. Read More