COVID-19 Remote Collaboration Challenges, Threats and Frauds in the Cyberspace

May 10, 2020

Rewterz Threat Alert – Fake Microsoft COVID-19 Relief Fund For Personal Information

May 11, 2020

Rewterz Threat Alert – New COVID-19 Themed Phishing Campaigns

May 11, 2020

Severity

Medium

Analysis Summary

Threat actors continues to target users with their malicious activities in lieu to rob them off with their credentials and with sensitive information. Nigerian threat actors have been targeting users across the continent under the name of SilverTerrier . The threat actors have launched a series of ten COVID-19 themed attack campaigns within the past four months delivering over 170 phishing emails. These campaigns have been relatively targeting government healthcare agencies, local and regional governments, large universities with medical programs/centers, regional utilities, medical publishing firms, and insurance companies across the United States, Australia, Canada, Italy, and the United Kingdom.

Impact

Credential theft
Exposure of sensitive data

Indicators of Compromise

SHA-256

3335ebffd8b4ab739db99f68cd6d79caa39c1210c274bbe4166194cc26de4123
e365100468e9472518d1875796932a8085ab29f6bbfe3357928fa9cc6187628b
27d601ef1a2b340b6b644493a627064f60ad8a95271248e00f7bb54a59abb069
563b1c6252612d06b714bf29b9f53f7aade4c7ac6658b2d0c774a7e244ea83da
0ae2aaeb2938cf4c777be4aa192e4994020609f5640add8e7296de9ff34eb227
4b8b49bdfa435d0faba2e3964b04e20bbfc86aa4ffc3c3b8e1449894892f125b
589a1900b210826e97ec8da3c5c40f707963146e934393eb15e1b07a1398912c
7f661c6f5ebba3eca82e1dbf1a96e27f2503da405093464538d90dc113a7b439
f7183d3a992ead2bf194ac46b1f6f70ad9e30bfd5b6065ffbd96a3529c311725
83457e2b8f9209ec1c987b1a0bee65140cc41d1d59ed38f1d1ad160ea0d1d13c
b58e386928543a807cb5ad69daca31bf5140d8311768a518a824139edde0176f
c5c43b340957830f5d7484ce06f9de0ef593d88f3d48c09cd2150e670661f672
f7b9219f81772e928ab0fbd0becbcf10ca3792ce211bb4a7fa68b41050bdb220
241f09feda09dc33b86e23d317bc2425f4d43b91221815caa5eb055a9a97be74
31d2ef10cad7d68a8627d7cbc8e85f1b118848cefc27f866fcd43b23f8b9cff3
7b2512d06723cc29f80ae8c8d6df141f27bc9d962ae76b5651b84d7be4379bba
aff38fe42c8bdafcd74702d6e9dfeb00fb50dba4193519cc6a152ae714b3b20c
8f56fb41ee706673c706985b70ad46f7563d9aee4ca50795d069ebf9dc55e365
da26ba1e13ce4702bd5154789ce1a699ba206c12021d9823380febd795f5b002
1ee6646e0ea9ceb6fa1721f809bd3cdaeb38c6b2bdd7171b340097c237527568
d731fb3fcc6ecd266251408a282ef4409eac94ce25cecadbfcb2df08e7ca7693
d80a440755dc15803db459b15b991d1abe81054f0942d054d965a578b92917b7
8037a8e12e8cacdaca24b993ffdbd8cdc63ec29dd78eee136083fa09049dbf0c

Remediation

Block all threat indicators at your respective controls.
Always be suspicious about emails sent by unknown senders.
Never click on the links/attachments sent by unknown senders.

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us