[***] Summary: [***]
2 new Open, 14 new Pro (2 + 12). Spyware.BondPath, OSX/Monroe, KPOT Stealer, Various Phish, Mobile.
Thanks: @AttackDetection
[+++] Added rules: [+++]
Open:
2026039 - ET TROJAN [PTsecurity] Spyware.BondPath (PathCall/Dingwe) Check-in (trojan.rules)
2026040 - ET TROJAN CobaltStrike DNS Beacon Response (trojan.rules)
Pro:
2832357 - ETPRO TROJAN OSX/Monroe CoinMiner Downloader DNS Lookup (ondayon .com) (trojan.rules)
2832358 - ETPRO TROJAN KPOT Stealer Check-In (trojan.rules)
2832359 - ETPRO TROJAN KPOT Stealer Exfiltration (trojan.rules)
2832360 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 378 (mobile_malware.rules)
2832361 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 12 (mobile_malware.rules)
2832362 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 13 (mobile_malware.rules)
2832363 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Piom.wmg Checkin (mobile_malware.rules)
2832364 - ETPRO TROJAN MSIL/Unknown Stealer Checkin (trojan.rules)
2832365 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-08-28 (current_events.rules)
2832366 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-28 1) (trojan.rules)
2832367 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-28 2) (trojan.rules)
2832368 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-28 3) (trojan.rules)
[///] Modified active rules: [///]
2831878 - ETPRO TROJAN MSIL/AcridRain Stealer CnC Exfil (trojan.rules)