[***] Summary: [***]

1 new OPEN, 30 new PRO (1 + 29). TerraMaster TOS RCE, CVE-2021-2109,
Android Girinex, MSIL/Spy.Agent.DCT Variant, TokenStealer Script Download,
RATs, CoinMiners, Various PHISH.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2031535 - ET EXPLOIT Possible TerraMaster TOS RCE Inbound
(CVE-2020-28188) (exploit.rules)

Pro:

2846656 - ETPRO MOBILE_MALWARE Android/Obfus.RJ (TLS SNI) 76
(mobile_malware.rules)
2846657 - ETPRO MOBILE_MALWARE Android/Obfus.RJ (TLS SNI) 77
(mobile_malware.rules)
2846658 - ETPRO MOBILE_MALWARE Android Girinex Checkin
(mobile_malware.rules)
2846659 - ETPRO MOBILE_MALWARE Android Girinex CnC Beacon
(mobile_malware.rules)
2846660 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)
2846661 - ETPRO POLICY External IP Address Lookup (eryaz .net)
(policy.rules)
2846662 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-01-21 1) (trojan.rules)
2846663 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-01-21 2) (trojan.rules)
2846664 - ETPRO CURRENT_EVENTS Successful Generic Billing Phish
2021-01-21 (current_events.rules)
2846665 - ETPRO CURRENT_EVENTS Successful Generic Financial Phish
2021-01-21 (current_events.rules)
2846666 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2021-01-21 (current_events.rules)
2846667 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2021-01-21 (current_events.rules)
2846668 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2021-01-21 (current_events.rules)
2846669 - ETPRO CURRENT_EVENTS Successful Apple Phish 2021-01-21
(current_events.rules)
2846670 - ETPRO CURRENT_EVENTS Successful Cash App Phish 2021-01-21
(current_events.rules)
2846671 - ETPRO CURRENT_EVENTS Successful New York Department of Labor
Phish 2021-01-21 (current_events.rules)
2846672 - ETPRO CURRENT_EVENTS Successful Chase Phish 2021-01-21
(current_events.rules)
2846673 - ETPRO CURRENT_EVENTS Successful Chase Phish 2021-01-21
(current_events.rules)
2846674 - ETPRO CURRENT_EVENTS Successful Chase Phish 2021-01-21
(current_events.rules)
2846675 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2021-01-21 (current_events.rules)
2846676 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2021-01-21 (current_events.rules)
2846677 - ETPRO TROJAN MSIL/Spy.Agent.DCT Variant CnC Activity
(trojan.rules)
2846678 - ETPRO TROJAN MSIL/Spy.Agent.DCT Variant CnC Exfil (trojan.rules)
2846679 - ETPRO TROJAN Win32/Kryptik.HIWC Variant Stealer Activity
(trojan.rules)
2846680 - ETPRO TROJAN Win32/Kryptik.HIWC Variant Downloader Activity
(trojan.rules)
2846681 - ETPRO TROJAN Win32/Remcos RAT Checkin 656 (trojan.rules)
2846682 - ETPRO TROJAN Win32/Remcos RAT Checkin 657 (trojan.rules)
2846683 - ETPRO TROJAN Win32/Remcos RAT Checkin 658 (trojan.rules)
2846684 - ETPRO TROJAN TokenStealer Script Download via Discord
(trojan.rules)

[///] Modified active rules: [///]

2846324 - ETPRO CURRENT_EVENTS Successful RBFCU Phish 2020-12-31
(current_events.rules)

Date:
Summary title:
1 new OPEN, 30 new PRO (1 + 29). TerraMaster TOS RCE, CVE-2021-2109, Android Girinex, MSIL/Spy.Agent.DCT Variant, TokenStealer Script Download, RATs, CoinMiners, Various PHISH.