Rewterz

Rewterz Threat Alert – LokiBot Malware – Active IOCs

May 25, 2021
Rewterz

Rewterz Threat Advisory -Apple iOS and iPadOS Denial of Service

May 25, 2021

Rewterz Threat Alert – SideWinder APT group – IOCs

Severity

High

Analysis Summary

Sidewinder APT Group, which has been working in the interest of the Indian Government, has been observed targeting Pakistani Government Officials through its latest campaigns with a decoy document related to Building Port Resilience Against Pandemics. This APT group has been actively targeting South Asian countries throughout 2020 and fresh IoCs are still being detected in 2021. In earlier months, it was found targeting Pakistan Air Force with malicious samples of PAF Calendar 2021. Other recent campaigns include targeting Pakistanis and the Chinese military & government entities’ windows machines, as well as mobile phones often using weaponized word documents & custom, build mobile apps for information theft & espionage.

Impact

  • Information theft and espionage

Indicator of Compromise

Filename

  • Building Port Resilience Against Pandemics


MD5

  • 344b7370c6e61812eeb1cf1d737f27f3


SHA-256

  • caaf44f16dcbee93071887ab6844ed79975ccd20f9008deb93c13bfdb436e0b0


SHA1

  • 64499252233f47ba779fa66e852be97a359ede2c

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.