Threat Advisories July 2020: Spike in Ursnif Trojan Activity Targeting BFSI Companies


Ensign Labs’ proprietary Automated Malware Analysis Platform has detected a spike in malware activities targeting BFSI companies.

Ensign Labs has detected an increase in malware activities targeting Banking, Financial Services and Insurance (BFSI) companies, through our proprietary Automated Malware Analysis Platform. From February 2020, our team of analysts observed a rise in Ursnif attributed detections, which spiked 5 times since March 2020.

The highlights of the advisory include:

  • Spike in Ursnif trojan activity; BFSI sector most targeted, accounting for 63.4% of detection alerts
  • Threat behaviour and techniques of the Ursnif trojan by mapping to the MITRE ATT&CK framework
  • Conclusion and recommendations
Ensign Consulting

Provides insights on how organisations can enhance their security posture across their cybersecurity lifecycles

Ensign Systems Integration

Architects and deploys advanced cybersecurity solutions that bolster defences

Ensign Managed Security Services

Operates intelligence-led advanced detection, threat hunting and response services

Ensign Labs

Performs deep research to develop next-generation solutions for enhanced early warning detection capabilities