Daily Ruleset Update Summary 2018/08/28

[***]            Summary:            [***]

2 new Open, 14 new Pro (2 + 12). Spyware.BondPath, OSX/Monroe, KPOT Stealer, Various Phish, Mobile.

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

Open:

2026039 - ET TROJAN [PTsecurity] Spyware.BondPath (PathCall/Dingwe) Check-in (trojan.rules)
2026040 - ET TROJAN CobaltStrike DNS Beacon Response (trojan.rules)

Pro:

2832357 - ETPRO TROJAN OSX/Monroe CoinMiner Downloader DNS Lookup (ondayon .com) (trojan.rules)
2832358 - ETPRO TROJAN KPOT Stealer Check-In (trojan.rules)
2832359 - ETPRO TROJAN KPOT Stealer Exfiltration (trojan.rules)
2832360 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 378 (mobile_malware.rules)
2832361 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 12 (mobile_malware.rules)
2832362 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 13 (mobile_malware.rules)
2832363 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Piom.wmg Checkin (mobile_malware.rules)
2832364 - ETPRO TROJAN MSIL/Unknown Stealer Checkin (trojan.rules)
2832365 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-08-28 (current_events.rules)
2832366 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-28 1) (trojan.rules)
2832367 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-28 2) (trojan.rules)
2832368 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-28 3) (trojan.rules)

[///]     Modified active rules:     [///]

2831878 - ETPRO TROJAN MSIL/AcridRain Stealer CnC Exfil (trojan.rules)

Date: 
Tuesday, August 28, 2018 - 00:00