

Rewterz Threat Alert – Trickbot Banking Trojan Delivered via Malspam – IoCs
April 6, 2020
Maze Ransomware Targets State-owned oil Company of Algeria
April 6, 2020
Severity
Medium
Analysis Summary
Threat actors are once again using official images and trademarks of the WHO as a lure to entice victims to open an attached message that contains the malware. The emails pretend to offer details about misinformation concerning the COVID-19 pandemic. This particular campaign has targeted several parts of Asia, as well as the U.S., Turkey, Portugal, Germany and Austria. It is quite obvious that the threat actors are making the most of the COVID-19 situation, not letting anyone settle down amid the chaos and keeping a close eye on COVID-19-related activity around the world. The world has been paying attention to the details specified by the WHO and implementing its guidelines for the necessary action in each country, and the threat actors are using this as a lure to get victims to open malicious attachments.

Impact
- Information theft
- Exposure of sensitive information
Indicators of Compromise
File name
HEALTH ORGANIZATION CDC_DOC.zip.arj
Remediation
- Block all threat indicators at your respective controls.
- Always be suspicious about emails sent by unknown senders.
- Never click on the links/attachments sent by unknown senders.
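
One way to apply the file-name indicator at a mail control, as an added example that is not part of the original alert: it parses a message, checks attachment names against the IoC listed above, and also flags any name ending in two archive extensions, which generalizes beyond the single indicator. The extension list, function names and sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# File-name IoC from this alert, stored normalised (lower case, single spaces).
IOC_FILENAMES = {"health organization cdc_doc.zip.arj"}
# Assumption: archive extensions treated as suspicious when stacked (e.g. .zip.arj).
ARCHIVE_EXTS = {"zip", "arj", "rar", "7z", "gz", "ace", "cab", "iso", "img"}

def normalise(name):
    """Lower-case and collapse whitespace so folded headers still match."""
    return " ".join(name.split()).lower()

def check_attachment_name(name):
    """Return the reasons a file name is suspicious (empty list = no match)."""
    reasons = []
    n = normalise(name)
    if n in IOC_FILENAMES:
        reasons.append("ioc-filename")
    parts = n.split(".")
    # Heuristic, may need tuning: the last two extensions are both archive types.
    if len(parts) >= 3 and parts[-1] in ARCHIVE_EXTS and parts[-2] in ARCHIVE_EXTS:
        reasons.append("stacked-archive-extension")
    return reasons

def scan_message(raw_bytes):
    """Map each suspicious attachment name in a raw RFC 5322 message to its reasons."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = {}
    for part in msg.iter_attachments():
        name = part.get_filename()
        if name and (reasons := check_attachment_name(name)):
            hits[normalise(name)] = reasons
    return hits

def build_sample(filename):
    """Constructed sample message with a harmless placeholder attachment."""
    m = EmailMessage()
    m["From"] = "sender@example.invalid"
    m["To"] = "user@example.invalid"
    m["Subject"] = "constructed sample"
    m.set_content("constructed body")
    m.add_attachment(b"placeholder bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample("HEALTH ORGANIZATION CDC_DOC.zip.arj")))
```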