

Severity
High
Analysis Summary
The Donot APT group has been actively dropping malicious samples and targeting Android users to exfiltrate data. The group has been active in the past and has now again shifted its focus to phishing campaigns. It has a history of attacking Pakistani government officials and military personnel and has been linked to India. The group previously used Android malware named StealJob to target Pakistani Android mobile users through phishing under the name “Kashmiri Voice”. The attackers hunt for confidential information and intellectual property. Their targets include countries in South Asia, in particular the state sector of Pakistan.
Impact
- Information Theft and Espionage
- Exposure of sensitive data
Indicators of Compromise
MD5
- 46899620da3c24566258eda6202251b5
SHA-256
- 44cf129932589b66edc106594945ff798a7d7c6ed35e22b9fa5aad2a3fd8b335
SHA-1
- 19e8af17ec22c4c9955c427e8e06ea3df1c10645
Remediation
- Search for IOCs in your environment.
- Block all threat indicators at your respective controls.