[***]            Summary:            [***]

5 new Open, 41 new Pro (5 + 36).  DNSChanger, Presenoker, Various Android, Coinminers, Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2028637 - ET TROJAN DNSChanger CnC Domain in DNS Lookup (trojan.rules)
2028638 - ET TROJAN DNSChanger CnC Domain in DNS Lookup (trojan.rules)
2028639 - ET TROJAN DNSChanger CnC Domain in DNS Lookup (trojan.rules)
2028640 - ET TROJAN DNSChanger CnC Domain in DNS Lookup (trojan.rules)
2028641 - ET TROJAN DNSChanger CnC Domain in DNS Lookup (trojan.rules)

Pro:

2838540 - ETPRO TROJAN Win32/Presenoker UA Observed (trojan.rules)
2838651 - ETPRO TROJAN Win32/Presenoker UA Observed (trojan.rules)
2838652 - ETPRO TROJAN Win32/Presenoker UA Observed (trojan.rules)
2838667 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.FakeDep.a Checkin (mobile_malware.rules)
2838668 - ETPRO MOBILE_MALWARE Android/Clicker.KN CnC Beacon 4 (mobile_malware.rules)
2838669 - ETPRO MOBILE_MALWARE Android/Clicker.KN CnC Beacon 5 (mobile_malware.rules)
2838670 - ETPRO MOBILE_MALWARE Android/Clicker.KN CnC Beacon 6 (mobile_malware.rules)
2838671 - ETPRO MOBILE_MALWARE AndroidOS/Skymobi.B CnC Beacon (mobile_malware.rules)
2838672 - ETPRO MOBILE_MALWARE Android/Clicker.KN CnC Beacon 7 (mobile_malware.rules)
2838673 - ETPRO MOBILE_MALWARE Android/FakePlayer.AT CnC Beacon (mobile_malware.rules)
2838674 - ETPRO MOBILE_MALWARE Android/FakePlayer.AT CnC Beacon 2 (mobile_malware.rules)
2838675 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Dowgin.a Checkin 2 (mobile_malware.rules)
2838676 - ETPRO MOBILE_MALWARE Android Monitor KgTracker Reporting Location (mobile_malware.rules)
2838677 - ETPRO MOBILE_MALWARE Android-Trojan/Gobo.4926 Checkin (mobile_malware.rules)
2838678 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
2838679 - ETPRO CURRENT_EVENTS Successful Airbnb Phish 2019-10-01 (current_events.rules)
2838680 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-10-01 (current_events.rules)
2838681 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 1) (trojan.rules)
2838682 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 2) (trojan.rules)
2838683 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 3) (trojan.rules)
2838684 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 4) (trojan.rules)
2838685 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 5) (trojan.rules)
2838686 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 6) (trojan.rules)
2838687 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 7) (trojan.rules)
2838688 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 8) (trojan.rules)
2838689 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 9) (trojan.rules)
2838690 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 10) (trojan.rules)
2838691 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 11) (trojan.rules)
2838692 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 12) (trojan.rules)
2838693 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 13) (trojan.rules)
2838694 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 14) (trojan.rules)
2838695 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 15) (trojan.rules)
2838696 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 16) (trojan.rules)
2838697 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-09-30 17) (trojan.rules)
2838698 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-10-01 (current_events.rules)
2838699 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-10-01 (current_events.rules)

[///]     Modified active rules:     [///]

2028636 - ET EXPLOIT Possible EXIM DoS (CVE-2019-16928) (exploit.rules)
2836370 - ETPRO TROJAN MSIL/Spy.Agent.BXY Variant CnC Checkin (trojan.rules)

[---]         Removed rules:         [---]

2838121 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Agent.af CnC Beacon (mobile_malware.rules)
2838540 - ETPRO USER_AGENTS Win32/Presenoker UA Observed (user_agents.rules)
2838651 - ETPRO USER_AGENTS Win32/Presenoker UA Observed (user_agents.rules)
2838652 - ETPRO USER_AGENTS Win32/Presenoker UA Observed (user_agents.rules)

Date: 
Monday, September 30, 2019 - 22:00