Rewterz Threat Alert – Redaman/RTM Banking Trojan Campaigns
March 5, 2019Rewterz Threat Alert – Threat Actors Targeting Banks Using Tools to Bypass Cyber Security Controls
March 6, 2019Rewterz Threat Alert – Redaman/RTM Banking Trojan Campaigns
March 5, 2019Rewterz Threat Alert – Threat Actors Targeting Banks Using Tools to Bypass Cyber Security Controls
March 6, 2019Severity
Medium
Analysis Summary
‘Beyond The Grave (BYTG) virus has surfaced in a phishing campaign that executes a malicious code initiated by a malicious URL. The campaign aims to alter data confidentiality in the targeted hedge funds and a post by the phisher says that BYTG will continue to attack banking and financial institutions.
Impact
Data breach
Indicators of Compromise
IP(s) / Hostname(s)
46.226.108[.]201
URLs
- aksia[.]co
- hxxp[:]//aksia[.]co/research/report/interim?id=4547b495-1863-4e5c-8613-ab38dd121144
Email Address
kmorgan[@]aksia[.]co
bill.trust.88992[@]mail[.]com
Remediation
Block the threat indicators at their respective controls.