Daily Ruleset Update Summary 2018/01/17

[***]            Summary:            [***]

2 new Open, 15 new Pro (2 + 13). Win32.Blouiroet, Gozi/Ursnif Payload, Downloader.Fon, Various Phishing.

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

Open:

2025204 - ET TROJAN MoneroPay Ransomware Payment Activity (trojan.rules)
2025205 - ET TROJAN [PTsecurity] Gozi/Ursnif Payload v14 (trojan.rules)

Pro:

2829321 - ETPRO TROJAN W32/z.wll Checkin (trojan.rules)
2829322 - ETPRO TROJAN Downloader.Fon CnC Beacon 1 (trojan.rules)
2829323 - ETPRO TROJAN Downloader.Fon CnC Beacon 2 (trojan.rules)
2829324 - ETPRO CURRENT_EVENTS Possible Successful Wells Fargo Phish 2018-01-17 (current_events.rules)
2829325 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-01-17 M1 (current_events.rules)
2829326 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-01-17 M2 (current_events.rules)
2829327 - ETPRO CURRENT_EVENTS Successful Banque Postale (FR) Phish 2018-01-17 (current_events.rules)
2829328 - ETPRO TROJAN Trojan.Win32.Blouiroet CnC - Reporting Miner Status (trojan.rules)
2829329 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-17 1) (trojan.rules)
2829330 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-17 2) (trojan.rules)
2829331 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-17 3) (trojan.rules)
2829332 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-17 4) (trojan.rules)
2829333 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2018-01-17 (current_events.rules)

[///]     Modified active rules:     [///]

2820512 - ETPRO TROJAN MSIL/Zyklon/Censer Plugin DL (trojan.rules)
2822954 - ETPRO CURRENT_EVENTS Successful Generic Phish M2 Oct 27 2016 (current_events.rules)
2824923 - ETPRO CURRENT_EVENTS Apple Phishing Landing M1 Feb 13 2017 (current_events.rules)

[---]         Removed rules:         [---]

2827962 - ETPRO TROJAN Malicious Domain in SNI (Backconnet RAT PWStealer Module DL) (trojan.rules)

Date: 
Wednesday, January 17, 2018 - 00:00