From a737ce0358141606f85a537f0dec2af950e53459 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy
Date: Fri, 12 Jan 2018 09:56:25 +0100
Subject: [PATCH] Galaxy updated
---
galaxy.html | 3359 +-
galaxy.pdf | 633233 +++++++++++++++++++++++++------------------------
2 files changed, 319572 insertions(+), 317020 deletions(-)
diff --git a/galaxy.html b/galaxy.html
index e680af0..3481b73 100755
--- a/galaxy.html
+++ b/galaxy.html
@@ -10105,6 +10105,26 @@ Banker is a cluster galaxy available in JSON format at
+ A macOS banking trojan that that redirects an infected user’s web traffic in order to extract banking credentials.Dok
+
Links |
+
+ |
PROMETHIUM is an activity group that has been active as early as 2012. The group primarily uses Truvasys, a first-stage malware that has been in circulation for several years. Truvasys has been involved in several attack campaigns, where it has masqueraded as one of server common computer utilities, including WinUtils, TrueCrypt, WinRAR, or SanDisk. In each of the campaigns, Truvasys malware evolved with additional features—this shows a close relationship between the activity groups behind the campaigns and the developers of the malware.
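Review bot: the added description line in this hunk reads "that that redirects" (duplicated word), and the entry name "Dok" runs straight on from "credentials." with no separator between description and name. Suggested wording: "A macOS banking trojan that redirects an infected user's web traffic in order to extract banking credentials.", with "Dok" kept in its own element. The hunk header notes that the Banker cluster is available in JSON format, so if galaxy.html is generated from that source, the text should be corrected there and the page regenerated rather than patched by hand. The added lines around "Links |" show no URL in the visible hunk; confirm whether the new entry is meant to have references. The subject "Galaxy updated" does not say which entry was added, so naming the Dok addition there would make a change of this size easier to audit.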