Severity
High
Analysis Summary
APT-C-23 (also known as Two-Tailed Scorpion and Desert Scorpion) is known to utilize both Windows and Android components, and has previously targeted victims in the Middle East with apps in order to compromise Android smartphones. The group is highly active in the Middle East and targets different organizations. The intention of the group remains unknown at this point, but in previous activity the group has been seen exfiltrating data using different spyware. This campaign targets users with a personalized form that asks for personal details.
Impact
- Information theft
- Data breach
Indicators of Compromise
MD5
- 6964e9ed0a8965b74ef89173b5205b9c
SHA-256
- 9d52c85804d3059ca07cc15e98f41befe699650ee86c67de8cf21bd6b08e3b3b
SHA1
- 039058bb18de398078b0858f2b5ed1af7a6b699b
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.