

Rewterz Threat Alert – Amadey Botnet – Active IOCs
October 11, 2021
Rewterz Threat Alert – Cerberus Banking Trojan – Active IOCs
October 11, 2021
Severity
High
Analysis Summary
A new info-stealing malware called Anubis was first observed in the cybercriminal underground. The malware uses forked code from Loki to steal vast amounts of data including system info, credentials, credit card details, and cryptocurrency wallets such as Bitcoin and Electrum. This malware should not be confused with the Android banking malware also named Anubis. At present, the new Anubis is being deployed in limited campaigns and contains only a handful of download URLs and C2 servers. This malware uses a text file to exfiltrate data from the victim.
Impact
- Information Theft
- Credential Theft
- Theft of Financial Information
Indicators of Compromise
SHA-256
0c638b5d8132f1204777bd6f10f607b1d080aa80680bbe99685e9b914e816b87
c2e1cafbe3e64911041176003ed76a73546663dc38f026d82c61654a5caeda67
f492b300704bcf6aa7445e0a907ac3b40869c1791322ca0822e224538646fd5f
49f851f1ba64d6a80cca4d3cef8742a889a21604fd151e018d5c3a50b0de55b7
Remediation
- Block the threat indicators at their respective controls.
- Search for IOCs in your environment.
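
One way to carry out the "Search for IOCs in your environment" step on a single host or mounted share is a file-hash sweep. The script below is an added example, not part of the original alert: it hashes every regular file under a directory and reports any whose SHA-256 matches the four values listed above. The function names and the command-line usage are assumptions made for this example.

```python
"""Sweep a directory tree for files matching the alert's SHA-256 IOCs."""
import hashlib
import os
import sys

# SHA-256 values copied from the "Indicators of Compromise" list in this alert.
ANUBIS_SHA256 = frozenset({
    "0c638b5d8132f1204777bd6f10f607b1d080aa80680bbe99685e9b914e816b87",
    "c2e1cafbe3e64911041176003ed76a73546663dc38f026d82c61654a5caeda67",
    "f492b300704bcf6aa7445e0a907ac3b40869c1791322ca0822e224538646fd5f",
    "49f851f1ba64d6a80cca4d3cef8742a889a21604fd151e018d5c3a50b0de55b7",
})

def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large files do not exhaust memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def sweep(root, iocs=ANUBIS_SHA256):
    """Return (matches, unreadable): matching (path, hash) pairs and skipped paths."""
    wanted = {h.lower() for h in iocs}  # accept upper-case hashes from other feeds
    matches, unreadable = [], []
    walker = os.walk(root, onerror=lambda e: unreadable.append(str(e.filename)))
    for dirpath, _dirs, files in walker:
        for name in files:
            path = os.path.join(dirpath, name)
            # Skip symlinks and special files: hash only real file content.
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            try:
                file_hash = sha256_file(path)
            except OSError:
                # Locked or permission-denied files are a coverage gap; report them.
                unreadable.append(path)
                continue
            if file_hash in wanted:
                matches.append((path, file_hash))
    return sorted(matches), sorted(unreadable)

if __name__ == "__main__":
    hits, skipped = sweep(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, file_hash in hits:
        print(f"MATCH {file_hash} {path}")
    print(f"{len(hits)} match(es), {len(skipped)} unreadable path(s)")
    sys.exit(1 if hits else 0)
```

A clean result only covers files that were readable and present on disk at scan time, so review the unreadable count and pair the sweep with a hash search in EDR or SIEM telemetry.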