August 5, 2021
Severity
High
Analysis Summary
The SideWinder Advanced Persistent Threat (APT) group has used the recent territorial disputes between China, India, Nepal, and Pakistan as phishing lures. Its goal is to gather sensitive information from targets located mainly in Nepal and Afghanistan. According to researchers, the targets include multiple government and military organisations in the region, among them the Nepali Ministries of Defense and Foreign Affairs, the Nepali Army, the Afghanistan National Security Council, the Sri Lankan Ministry of Defense, the Presidential Palace in Afghanistan, and others. The indicator listed below is a Windows shortcut (.lnk) carrying a double extension so that it presents as a PDF; with known file extensions hidden (the Windows Explorer default), the file displays as "Invitation Pass.pdf", so a shortcut file named after a document should be treated as suspicious rather than opened as an attachment.
Impact
- Information theft and espionage
Indicators of Compromise
Filename
- Invitation Pass[.]pdf[.]lnk
MD5
- 4df2aeff34ad8987c7f991d5ada7fd68
SHA-256
- 460c098565a7f5866bb96281ebada37d8e3a7f9e4112de663a05bba470e27929
SHA-1
- ea8b7faf4f85fbf51639af214a0798703357430e
Remediation
- Block the listed hashes and filename at the relevant controls (e-mail gateway, web proxy, endpoint protection).
- Search endpoints and e-mail/attachment logs for the listed hashes and for shortcut files that use a document-style double extension. Hash matching only catches this exact sample; the filename pattern is the more durable check if the actor rebuilds the lure.
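The following hunting script is an added example for this advisory, not Rewterz tooling. It walks a directory tree and flags files in two ways: by any of the three published hashes, and by the lure pattern generalised from the listed indicator (a .lnk shortcut hiding behind a document extension such as .pdf, .docx or .xlsx). The hashes and filename come from the advisory; the directory layout and the sample files, including the stand-in whose own hash is added to the watch list so that the hash path can be exercised offline, are constructed for the demo and are not the real SideWinder sample.

```python
"""Hunt a filesystem for the SideWinder IOCs published in this advisory.

Added example, not part of the advisory or of Rewterz tooling. Two checks:
  1. file hash (MD5 / SHA-1 / SHA-256) against the published hashes;
  2. shortcut files with a document-style double extension, generalised
     from the listed "Invitation Pass.pdf.lnk" lure.
"""
import hashlib
import os
import re
import shutil
import tempfile
from dataclasses import dataclass
from pathlib import Path
from typing import Dict, Iterable, List, Set

# Indicators from the advisory, refanged ("[.]" -> ".") so they can be matched.
ADVISORY_FILENAME = "Invitation Pass.pdf.lnk"
ADVISORY_HASHES: Set[str] = {
    "4df2aeff34ad8987c7f991d5ada7fd68",                                  # MD5
    "ea8b7faf4f85fbf51639af214a0798703357430e",                          # SHA-1
    "460c098565a7f5866bb96281ebada37d8e3a7f9e4112de663a05bba470e27929",  # SHA-256
}

# Generalised lure pattern: "<anything>.<document ext>.lnk", case-insensitive.
DOUBLE_EXT_LNK = re.compile(r"\.(pdf|docx?|xlsx?|pptx?|txt)\.lnk$", re.IGNORECASE)


@dataclass
class Finding:
    path: str
    reason: str   # "hash" or "double-extension"
    detail: str   # matched digest(s) or the offending filename


def file_hashes(path: Path) -> Dict[str, str]:
    """Compute MD5, SHA-1 and SHA-256 of a file in a single pass (64 KiB chunks)."""
    digests = {"md5": hashlib.md5(), "sha1": hashlib.sha1(), "sha256": hashlib.sha256()}
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def scan(root: str, hashes: Iterable[str] = ADVISORY_HASHES) -> List[Finding]:
    """Walk `root`; report every file matching a watched hash or the lure pattern."""
    wanted = {h.lower() for h in hashes}
    findings: List[Finding] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            if not p.is_file():          # skip dangling symlinks, sockets, etc.
                continue
            if name == ADVISORY_FILENAME or DOUBLE_EXT_LNK.search(name):
                findings.append(Finding(str(p), "double-extension", name))
            try:
                hit = wanted.intersection(file_hashes(p).values())
            except OSError:              # unreadable file: record nothing, keep going
                continue
            if hit:
                findings.append(Finding(str(p), "hash", ",".join(sorted(hit))))
    return findings


def demo() -> Dict[str, List[str]]:
    """Build a constructed tree, scan it, return flagged basenames grouped by reason."""
    root = tempfile.mkdtemp(prefix="ioc-hunt-")
    downloads = Path(root) / "Downloads"
    downloads.mkdir()
    # Constructed stand-ins; the 4-byte 0x0000004C header is the .lnk file magic.
    (downloads / "Invitation Pass.pdf.lnk").write_bytes(b"L\x00\x00\x00" + b"\x00" * 72)
    (downloads / "agenda.docx.LNK").write_bytes(b"L\x00\x00\x00")
    (downloads / "report.pdf").write_bytes(b"%PDF-1.7 benign placeholder")
    stand_in = downloads / "cached_attachment.bin"
    stand_in.write_bytes(b"constructed stand-in for the malicious sample")
    # Add the stand-in's SHA-256 to the watch list so the hash path runs offline.
    watch = ADVISORY_HASHES | {file_hashes(stand_in)["sha256"]}
    grouped: Dict[str, List[str]] = {"double-extension": [], "hash": []}
    for f in scan(root, watch):
        grouped[f.reason].append(Path(f.path).name)
    shutil.rmtree(root, ignore_errors=True)
    return {k: sorted(v) for k, v in grouped.items()}


if __name__ == "__main__":
    for reason, names in demo().items():
        print(f"{reason}: {names}")
```

Point `scan()` at user profile directories, mail client caches and download folders; the constructed `demo()` tree only shows the two detection paths. Because the real sample is not on the demo machine, only the stand-in's hash fires; on a live host the published hashes in `ADVISORY_HASHES` are what would match.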