Rewterz Threat Alert “Beyond The Grave” Virus – Threat Indicators

Tuesday, March 5, 2019

Severity

Medium

Analysis Summary


‘Beyond The Grave (BYTG) virus has surfaced in a phishing campaign that executes a malicious code initiated by a malicious URL. The campaign aims to alter data confidentiality in the targeted hedge funds and a post by the phisher says that BYTG will continue to attack banking and financial institutions.

Impact


Data breach


Indicators of Compromise

IP(s) / Hostname(s)

46.226.108[.]201

URLs

  • aksia[.]co
  • hxxp[:]//aksia[.]co/research/report/interim?id=4547b495-1863-4e5c-8613-ab38dd121144

Email Address

kmorgan[@]aksia[.]co

bill.trust.88992[@]mail[.]com

Remediation


Block the threat indicators at their respective controls.

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 6, March 2019 Rewterz Threat Alert – Threat Indicators – Ursnif/Gozi Malspam
  • 6, March 2019 Rewterz Threat Alert – Threat Actors Targeting Banks Using Tools to Bypass Cyber Security Controls
  • 5, March 2019 Rewterz Threat Alert “Beyond The Grave” Virus – Threat Indicators
  • 5, March 2019 Rewterz Threat Alert – Redaman/RTM Banking Trojan Campaigns

Copyright © Rewterz. All rights reserved.