OSINT collection playbooks updated with new threats: ClearFake, DarkGate, HijackLoader, PovertyStealer, RisePro 🦠
Each month Sekoia.io updates the configuration of its collection playbooks to automatically gather Indicators of Compromise (IoCs) for new threats. Our collection playbooks aggregate, enrich and contextualise IoCs from community threat intelligence feeds (URLhaus, ThreatFox, and others) and from analyses in the Hatching Triage sandbox. This time, the update includes the following threats:
* Infostealers: Agniane, Bandit Stealer, Blank Grabber, Creal Stealer, Mystic, PovertyStealer, RisePro, WhiteSnake Stealer;
* Loaders: Astasia, DarkGate, DiceLoader (aka Lizar);
* Threats directly linked to threat groups: TeamSpy, 8220 Gang, TA544;
* Bots: ExoBot, SupremeBot, Socks5Systemz.
Sekoia.io proactively monitors new widespread malware and we invite you to read our FLINT about ClearFake, a new "fake updates" threat!