From 3ae0e5f1137968672c1738ba7f6b195afaf948bd Mon Sep 17 00:00:00 2001
From: Deborah Servili
Date: Fri, 23 Mar 2018 08:27:14 +0100
Subject: [PATCH] add several tools
---
 clusters/android.json | 22 +++++++++++++++++++++-
 clusters/ransomware.json | 8 ++++++++
 clusters/tool.json | 3 ++-
 3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/clusters/android.json b/clusters/android.json
index b11a616..cda8cee 100644
--- a/clusters/android.json
+++ b/clusters/android.json
@@ -4265,9 +4265,29 @@
 ]
 },
 "uuid": "1dcd622c-2d1a-11e8-870e-9f50a5dd5a84"
+ },
+ {
+ "value": "RedDrop",
+ "description": "RedDrop can perform a vast array of malicious actions, including recording nearby audio and uploading the data to cloud-storage accounts on Dropbox and Google Drive.",
+ "meta": {
+ "refs": [
+ "https://www.bleepingcomputer.com/news/security/new-reddrop-android-spyware-records-nearby-audio/"
+ ]
+ },
+ "uuid": "3178ca72-2ded-11e8-846e-eb40889b4f9f"
+ },
+ {
+ "value": "Igexin",
+ "description": "Igexin has the capability of spying on victims through otherwise benign apps by downloading malicious plugins",
+ "meta": {
+ "refs": [
+ "https://blog.lookout.com/igexin-malicious-sdk"
+ ]
+ },
+ "uuid": "5400bf04-2e6b-11e8-88c3-f7aa904d55b8"
 }
 ],
- "version": 5,
+ "version": 6,
 "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa",
 "description": "Android malware galaxy based on multiple open sources.",
 "authors": [
diff --git a/clusters/ransomware.json b/clusters/ransomware.json
index 4b027db..a372450 100644
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@@ -9354,6 +9354,14 @@
 ]
 },
 "uuid": "cbe3ee70-2d11-11e8-84bb-9b3c525a48d9"
+ },
+ {
+ "value": "Flotera Ransomware",
+ "meta": {
+ "refs": [
+ "https://www.bleepingcomputer.com/news/security/author-of-polski-vortex-and-flotera-ransomware-families-arrested-in-poland/"
+ ]
+ }
 }
 ],
 "source": "Various",
diff --git a/clusters/tool.json b/clusters/tool.json
index a31a717..b91be30 100644
--- a/clusters/tool.json
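Review bot: The `Igexin` description in the android.json hunk reads as if Igexin were a standalone malware family, while the slug of the cited reference (`igexin-malicious-sdk`) suggests it is an SDK embedded in other apps. Saying so helps an analyst who sees this tag understand that the finding is the embedded component rather than the host app itself, for example `"description": "Igexin is an SDK that can spy on victims through otherwise benign apps by downloading malicious plugins."`. The sentence also lacks the closing full stop that the RedDrop entry above it has.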
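Review bot: The new `Flotera Ransomware` entry in the ransomware.json hunk has no `uuid` and no `description`, unlike the entry directly above it and both entries this commit adds to android.json. Without a stable identifier the cluster presumably cannot be referenced consistently by tags or relationships, so add `"uuid": "<newly-generated-uuid>"` after the `meta` object, plus a one-sentence `description`. The diffstat and hunks also show that ransomware.json and tool.json change content without touching a `"version"` line, whereas android.json goes from 5 to 6. If consumers compare cluster versions to decide whether to re-import, these two files may not be picked up; their version fields lie outside the visible hunks, so confirm and bump them.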
+++ b/clusters/tool.json
@@ -3118,7 +3118,8 @@
 "refs": [
 "https://blog.malwarebytes.com/threat-analysis/2016/10/trick-bot-dyrezas-successor/",
 "https://blog.fraudwatchinternational.com/malware/trickbot-malware-works",
- "https://securityintelligence.com/trickbot-is-hand-picking-private-banks-for-targets-with-redirection-attacks-in-tow/"
+ "https://securityintelligence.com/trickbot-is-hand-picking-private-banks-for-targets-with-redirection-attacks-in-tow/",
+ "https://www.bleepingcomputer.com/news/security/trickbot-banking-trojan-gets-screenlocker-component/"
 ],
 "synonyms": [
 "TrickBot",