Analysis & Insights


Threat Advisories July 2020: Spike in Ursnif Trojan Activity Targeting BFSI Companies

Ensign Labs’ proprietary Automated Malware Analysis Platform has detected a spike in malware activities targeting BFSI companies.

Ensign Labs has detected an increase in malware activities targeting Banking, Financial Services and Insurance (BFSI) companies, through our proprietary Automated Malware Analysis Platform. From February 2020, our team of analysts observed a rise in Ursnif attributed detections, which spiked 5 times since March 2020.

The highlights of the advisory include:

  • Spike in Ursnif trojan activity; BFSI sector most targeted, accounting for 63.4% of detection alerts
  • Threat behaviour and techniques of the Ursnif trojan by mapping to the MITRE ATT&CK framework
  • Conclusion and recommendations