Finance

Banking Trojans, RAT Distributions Increase in 3Q 2019

5 - 12 November 2019

A recent report highlighted that more banking trojans and remote access tools were detected in the third quarter of 2019.
Cyber_News_Finance

A recent report highlighted that more banking trojans and remote access tools (RATs) were detected in the third quarter of 2019. The most observed banking trojans were Ursnif, Trickbot, IcedID and Dridex, which were distributed in multiple campaigns operated by various threat groups such as TA556, TA544 and TA516. For RATs, TA505 was responsible for large FlawedAmmy and FlawedGrace campaigns, which accounted for 75% of all RAT detections. Meanwhile, there was a resurgence of botnet activities as the Emotet botnet re-emerged in September. The threat group, TA542, is known to spread financial-themed emails containing malicious attachments that install Emotet in targeted systems. In the latest Emotet campaign, TA542 has expanded the target countries beyond US and Europe to include Asian countries such as Singapore, Hong Kong and Japan.

References:

Proofpoint Q3 2019 Threat Report — Emotet’s Return, RATs Reign Supreme, and More

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence