[***] Summary: [***]

1 new OPEN, 16 new PRO (1 + 15). ELF/DarkNexus, Android/Agent.BQX,
AsyncRAT, Phish.

thanks: @rootprivilege

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2032895 - ET TROJAN ELF/DarkNexus User-Agent (trojan.rules)

Pro:

2848367 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 27
(mobile_malware.rules)
2848368 - ETPRO MOBILE_MALWARE Android/Agent.BQX (TLS SNI) 28
(mobile_malware.rules)
2848369 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848370 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848371 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848372 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848373 - ETPRO TROJAN MSIL/HELLRAZOR Stealer CnC Exfil (trojan.rules)
2848374 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848375 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-05-01 1) (trojan.rules)
2848376 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-05-01 2) (trojan.rules)
2848377 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-05-01 3) (trojan.rules)
2848378 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-05-01 4) (trojan.rules)
2848379 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-05-01 5) (trojan.rules)
2848380 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848381 - ETPRO CURRENT_EVENTS Successful Banco de Chile Phish
2021-05-03 (current_events.rules)

[///] Modified active rules: [///]

2018302 - ET INFO Possible Phish - Mirrored Website Comment Observed
(info.rules)
2031535 - ET EXPLOIT Possible TerraMaster TOS RCE Inbound
(CVE-2020-28188 CVE-2020-35665) (exploit.rules)
2848365 - ETPRO TROJAN RustyBuer Checkin (trojan.rules)

Date:
Summary title:
1 new OPEN, 16 new PRO (1 + 15). ELF/DarkNexus, Android/Agent.BQX, AsyncRAT, Phish.