Banking Trojans, RAT Distributions Increase in 3Q 2019
A recent report highlighted that more banking trojans and remote access tools (RATs) were detected in the third quarter of 2019. The most observed banking trojans were Ursnif, Trickbot, IcedID and Dridex, which were distributed in multiple campaigns operated by various threat groups such as TA556, TA544 and TA516. For RATs, TA505 was responsible for large FlawedAmmy and FlawedGrace campaigns, which accounted for 75% of all RAT detections. Meanwhile, there was a resurgence of botnet activities as the Emotet botnet re-emerged in September. The threat group, TA542, is known to spread financial-themed emails containing malicious attachments that install Emotet in targeted systems. In the latest Emotet campaign, TA542 has expanded the target countries beyond US and Europe to include Asian countries such as Singapore, Hong Kong and Japan.
More Weekly Cyber Newsanalysis and insights
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Ensign Systems Integration
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services