[***] Summary: [***]

6 new Open rules, 21 new Pro (6/15). Various Android, BKDR_SLOTH.A, PCRat/Gh0st.

Thanks: @kafeine @EKwatcher

[+++] Added rules: [+++]

2018284 - ET TROJAN Self-Signed Cert Observed in Various Zbot Strains (trojan.rules)
2018285 - ET TROJAN BKDR_SLOTH.A Checkin (trojan.rules)
2018286 - ET CURRENT_EVENTS EMET.DLL in jjencode (current_events.rules)
2018287 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 31 (trojan.rules)
2018288 - ET CURRENT_EVENTS Joomla 3.2.1 SQL injection attempt (current_events.rules)
2018289 - ET CURRENT_EVENTS Joomla 3.2.1 SQL injection attempt 2 (current_events.rules)

Pro:

2807835 - ETPRO TROJAN Win32/Small.HK Checkin (trojan.rules)
2807836 - ETPRO TROJAN Backdoor.Win32.Pahador Checkin via Gadu-Gadu (trojan.rules)
2807837 - ETPRO TROJAN Trojan-Spy.Win32.Polyatroj.pej Checkin via Gadu-Gadu (trojan.rules)
2807838 - ETPRO TROJAN Win32/Prosti.L Checkin via Gadu-Gadu (trojan.rules)
2807839 - ETPRO TROJAN Backdoor.Win32.Delf.arb Checkin via Gadu-Gadu (trojan.rules)
2807840 - ETPRO TROJAN Unknown Backdoor Checkin via Gadu-Gadu (trojan.rules)
2807841 - ETPRO TROJAN Trojan-Spy.Win32.KeyLogger.tr via Gadu-Gadu (trojan.rules)
2807842 - ETPRO TROJAN Win32/Jevafus.A Checkin (trojan.rules)
2807843 - ETPRO TROJAN Win32/Shoco.C Checkin (trojan.rules)
2807844 - ETPRO TROJAN Win32/Netins.A Checkin (trojan.rules)
2807846 - ETPRO MOBILE_MALWARE Android.Trojan.Adaln.A Checkin (mobile_malware.rules)
2807847 - ETPRO MOBILE_MALWARE Android.Trojan.Adaln.A Checkin 2 (mobile_malware.rules)
2807848 - ETPRO MOBILE_MALWARE Android.Trojan.Adaln.A Checkin 3 (mobile_malware.rules)
2807849 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.AAE Checkin (mobile_malware.rules)

[///] Modified active rules: [///]

2008299 - ET CHAT GaduGadu Chat Server Login OK Packet (chat.rules)
2016251 - ET TROJAN Win32/Emold.C Checkin (trojan.rules)
2017992 - ET TROJAN Win32/OutBrowse.G Variant Checkin (trojan.rules)
2804323 - ETPRO TROJAN Win32/Ransom.EJ checkin (trojan.rules)
2805110 - ETPRO TROJAN Trojan-Downloader.Banload Chekin (trojan.rules)
2805645 - ETPRO TROJAN TROJ_GEN.F47V1005 CnC traffic (trojan.rules)
2806475 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Obad.a Checkin (mobile_malware.rules)
2807045 - ETPRO TROJAN Trojan.Win32.Agent.aapnf Report via SMTP (trojan.rules)
2807486 - ETPRO TROJAN Worm.Win32/Mamianune.gen spreading via SMTP (trojan.rules)
2807506 - ETPRO TROJAN Win32.Foreign.jowy 1 (trojan.rules)

 

Date: Sunday, March 16, 2014 - 22:00