

Severity
Medium
Analysis Summary
Formbook malware continues to target victims with its latest campaign, which is themed around a COVID-19 cure. The operators impersonate the WHO and target users in different regions to steal their credentials and sensitive information. This comes at a crucial time, when the world is battling the novel coronavirus and researchers around the world are racing to find a cure for this global pandemic.
Impact
- Credential theft
- Exposure of sensitive data
Indicators of Compromise
Email Subject
Latest vaccine release for Corona-virus(COVID-19)
MD5
03db3c58e9ff87b03894a49263546b9c
SHA-256
83ba9d7bcfba422fd9f4e801d8f61901c56473d287d952a41530f6a49c59c905
SHA1
ec7946929e717862a5dfeee3faed6c59b41711f9
URL
http[:]//www[.]grabascoop[.]com/e8p
Remediation
- Block all threat indicators at your respective controls.
- Always be suspicious about emails sent by unknown senders.
- Never click on the links/attachments sent by unknown senders.
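
To apply the first remediation step, the indicators above can be loaded into a small triage script that refangs the URL, compares file digests against the three hashes, and flags log lines that mention the domain or the lure subject. This is an added example, not code from the advisory; the function names and the log line layout are assumptions, and the sample lines are constructed.

```python
import hashlib
from urllib.parse import urlsplit

# Indicators copied from the advisory above.
IOC_SUBJECT = "Latest vaccine release for Corona-virus(COVID-19)"
IOC_URL_DEFANGED = "http[:]//www[.]grabascoop[.]com/e8p"
IOC_HASHES = {
    "md5": "03db3c58e9ff87b03894a49263546b9c",
    "sha1": "ec7946929e717862a5dfeee3faed6c59b41711f9",
    "sha256": "83ba9d7bcfba422fd9f4e801d8f61901c56473d287d952a41530f6a49c59c905",
}

def refang(value):
    """Undo the bracket defanging used in the advisory so the URL parses."""
    return value.replace("[.]", ".").replace("[:]", ":")

def ioc_host():
    """Hostname from the advisory URL, for a proxy or DNS blocklist entry."""
    return urlsplit(refang(IOC_URL_DEFANGED)).hostname

def hash_matches(data):
    """Return the algorithms whose digest of `data` equals an advisory hash."""
    return [alg for alg, want in IOC_HASHES.items()
            if hashlib.new(alg, data).hexdigest() == want]

def scan_lines(lines):
    """Flag log lines that mention the IoC domain or the lure subject."""
    host = ioc_host()
    domain = host[4:] if host.startswith("www.") else host
    hits = []
    for n, line in enumerate(lines, 1):
        low = line.lower()
        if domain in low:
            hits.append((n, "url"))
        elif IOC_SUBJECT.lower() in low:
            hits.append((n, "subject"))
    return hits

# Constructed sample lines (hypothetical proxy and mail gateway format).
SAMPLE_LOG = [
    "2020-04-02T09:14:02Z proxy GET " + refang(IOC_URL_DEFANGED) + " 200 user=alice",
    "2020-04-02T09:15:10Z proxy GET https://example.org/index.html 200 user=bob",
    '2020-04-02T09:16:44Z mail subject="' + IOC_SUBJECT + '" rcpt=carol@example.org',
]

if __name__ == "__main__":
    for hit in scan_lines(SAMPLE_LOG):
        print(hit)
```

The domain match is a plain substring test, so treat hits as leads for review rather than confirmed infections.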