Rewterz Threat Alert – Lazarus FastCash Activity

Rewterz Threat Alert – RATs Wrapped and Hidden in PNG

March 5, 2020

Rewterz Threat Advisory – CVE-2020-10189 – Zoho Critical Zero-Day Flaw Disclosed

March 7, 2020

Rewterz Threat Alert – Lazarus FastCash Activity – IOC’s

Severity

High

Analysis Summary

FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions. Lazarus has been targeting this fastcash schemes previous aly as well for their financial gains and targeting different banking sectors around the world.

Impact

Financial Loss

Indicators of Compromise

MD5

932a845b27d5fb9ec78638a839ba5fb1
7f6263ccd71f05e5d3a7ca694ae513ad
8bd120acee67839d73ff6b1fea81b37a
7a372a2f85e9d2b6a3aebb63d8884080

SHA-256

a17e6634ddbb192ae03a11603c44687dfc99d8968b66057487761a601fa2b159
3df7d613434b4b66295b0b83cc2bd1fce1b13661099a1df59a4b900e87ca0b14
927ec6575482f38b5c832aea665fe4d17c79ad9cac78e563f660ab1c858496c8
209d6c39e187e53339b77571f47baa9e1b9b9630c19f763116680554212732b6

SHA1

716f4d04c0b75c320e18b7baaf9aaa9e17596faf
721ba19465d9758becad3c62676364c8ca18a269
9c16b9332f70a7ee5aecc98f67e59986d9c188fb
d47868a0f152c9b30d1d4afbc7a046132da1bc27

Remediation

Block all threat indicators at your respective controls.
Always be suspicious about emails sent by unknown senders.
Never click on the links/attachments sent by unknown senders.

Rewterz Threat Alert – RATs Wrapped and Hidden in PNG

Rewterz Threat Advisory – CVE-2020-10189 – Zoho Critical Zero-Day Flaw Disclosed

Rewterz Threat Alert – Lazarus FastCash Activity – IOC’s

Severity

Analysis Summary

Impact

Indicators of Compromise

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan