
Rewterz Threat Alert – Formbook delivered by Covid-19 lure

Severity

Medium

Analysis Summary

Formbook malware continues to target victims with its latest campaign, which uses a Covid-19 cure as the lure. The operators impersonate the WHO and target users in different regions to steal their credentials and sensitive information for their own gain. The campaign comes at a crucial time, when the world is battling the novel coronavirus and researchers around the world are racing to find a cure for this global pandemic.

Impact

  • Credential theft
  • Exposure of sensitive data

Indicators of Compromise

Email Subject

Latest vaccine release for Corona-virus(COVID-19)

MD5

03db3c58e9ff87b03894a49263546b9c


SHA-256

83ba9d7bcfba422fd9f4e801d8f61901c56473d287d952a41530f6a49c59c905

SHA1

ec7946929e717862a5dfeee3faed6c59b41711f9

URL

http[:]//www[.]grabascoop[.]com/e8p

Remediation

  • Block all threat indicators at your respective controls.
  • Always be suspicious about emails sent by unknown senders.
  • Never click on the links/attachments sent by unknown senders.
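
One way to check mail-gateway records against the indicators above, as an added example that is not part of the original advisory. The function names and the sample messages are hypothetical and constructed for illustration; the URL indicator stays defanged in the source and is refanged only in memory.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Indicators copied from this advisory (URL kept defanged on disk).
IOC_SUBJECT = "Latest vaccine release for Corona-virus(COVID-19)"
IOC_SHA256 = "83ba9d7bcfba422fd9f4e801d8f61901c56473d287d952a41530f6a49c59c905"
IOC_URL_DEFANGED = "http[:]//www[.]grabascoop[.]com/e8p"


def refang(indicator):
    """Turn a defanged indicator ([.], [:], hxxp) back into a matchable string."""
    out = indicator.replace("[.]", ".").replace("[:]", ":")
    return re.sub(r"^hxxp", "http", out, flags=re.IGNORECASE)


def norm_subject(subject):
    """Drop RE:/FW: prefixes, collapse whitespace and case-fold before comparing."""
    s = re.sub(r"^\s*((re|fw|fwd)\s*:\s*)+", "", subject, flags=re.IGNORECASE)
    return " ".join(s.split()).casefold()


def match_message(subject, urls, attachments):
    """Return the names of the advisory indicators that one message matches."""
    hits = []
    if norm_subject(subject) == norm_subject(IOC_SUBJECT):
        hits.append("subject")
    # Match on host only: path and query may differ between requests.
    ioc_host = urlsplit(refang(IOC_URL_DEFANGED)).hostname
    if any((urlsplit(u).hostname or "") == ioc_host for u in urls):
        hits.append("url_host")
    if any(hashlib.sha256(a).hexdigest() == IOC_SHA256 for a in attachments):
        hits.append("sha256")
    return hits


# Constructed sample messages: (subject, URLs in body, attachment bytes).
SAMPLES = [
    ("RE: latest vaccine release for  Corona-virus(COVID-19)",
     [refang(IOC_URL_DEFANGED) + "/?id=1"], [b"constructed attachment"]),
    ("Quarterly report", ["https://example.org/report"], [b"constructed pdf"]),
]

if __name__ == "__main__":
    for subject, urls, attachments in SAMPLES:
        print(subject, "->", match_message(subject, urls, attachments))
```

The SHA-256 check only fires on the exact sample listed in the advisory, so a subject or host hit without a hash hit still warrants review of the message.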