A new strain of a JavaScript dropper was observed recently delivering Bumblebee and IcedID malware, a development security pros should take note of because both Bumblebee and IcedID are known to execute ransomware. In a blog post June 22, Deep Instinct’s Threat Research Lab said the dropper contains comments in Russian and uses the unique user-agent string “PindOS,” which potentially ties it to current and past anti-American sentiment in Russia.
Source: SC Magazine