Daily Ruleset Update Summary 2017/02/09

[***] Summary: [***]

5 new Open signatures, 15 new Pro (5 + 10). Spora, VARIOUS PHISHING.

Thanks: @illegalFawn

[+++]          Added rules:          [+++]

Open:

2023887 - ET TROJAN Spora Ransomware DNS Query (trojan.rules)
2023888 - ET CURRENT_EVENTS Successful Apple Phish Feb 09 2017 (current_events.rules)
2023889 - ET CURRENT_EVENTS Tech Support Phone Scam Landing Feb 09 2017 (current_events.rules)
2023890 - ET CURRENT_EVENTS Successful Banco Itau (BR) Mobile Phish M1 Feb 09 2017 (current_events.rules)
2023891 - ET CURRENT_EVENTS Successful Banco Itau (BR) Mobile Phish M2 Feb 09 2017 (current_events.rules)

Pro:

2824863 - ETPRO TROJAN Win32/Fadok.A Checkin (trojan.rules)
2824864 - ETPRO TROJAN Spy.Banker/Unknown CnC Beacon 1 (trojan.rules)
2824865 - ETPRO TROJAN Spy.Banker/Unknown CnC Beacon 2 (trojan.rules)
2824866 - ETPRO TROJAN Unknown CnC Beacon (trojan.rules)
2824867 - ETPRO TROJAN Win32.Laqma.c Checkin (trojan.rules)
2824868 - ETPRO MOBILE_MALWARE Android/SmsSpy.AS CnC Beacon (mobile_malware.rules)
2824869 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.aa Contacts Exfil via SMTP (mobile_malware.rules)
2824870 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac Contacts Exfil (mobile_malware.rules)
2824871 - ETPRO TROJAN Win32/Spy.Agent.OXA CnC Beacon (trojan.rules)
2824872 - ETPRO MOBILE_MALWARE Android/Styricka.A DNS Lookup (mobile_malware.rules)

[///]     Modified active rules:     [///]

2023697 - ET CURRENT_EVENTS Successful Bradesco Bank Phish M2 Jan 05 2017 (current_events.rules)
2822312 - ETPRO CURRENT_EVENTS Successful Apple Phish M2 Sept 29 2016 (current_events.rules)
2823535 - ETPRO CURRENT_EVENTS RIG EK Landing Nov 30 2016 (RIG-v) (current_events.rules)
2824818 - ETPRO TROJAN Bitcoin Miner Known Malicious Basic Auth (NDg3emFCck...) (trojan.rules)

[---]         Removed rules:         [---]

2821520 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Rootnik.be Checkin (mobile_malware.rules)
 

Date: 
Thursday, February 9, 2017 - 00:00