Severity
Medium
Analysis Summary
AZORult is a payment card and credential information stealer. It was sold on Russian underground forums as a means of collecting sensitive information from infected systems. The malware can also steal cookies, browsing history, cryptocurrency, and IDs/passwords. Phishing emails and the Fallout Exploit Kit (EK), paired with social engineering techniques, are the major infection vectors for AZORult. The malware can also act as a loader that downloads other malware.
Impact
- Information Theft
- Credential Theft
- Exposure of Sensitive Data
Indicators of Compromise
URL
- http://34.89.184.90//l/f/oPOunoBagrSXdgRlxjK/80d4b25050485ed88b48597d51fbe0268ae113b3
- http://34.89.184.90//l/f/oPOunoBagrSXdgRlxjK/944be11a68bd9c43eaa7214c9cc4f5bb67125a33
- http://cvae.ac.ug/zxcv.EXE
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
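As an added example (not part of the advisory), the following script matches the URL indicators listed above against proxy log lines. The log format (timestamp, source host, method, URL) and the sample lines are constructed for illustration; the script normalizes hosts and collapses repeated slashes so that the `//l/f/` paths in the indicators still match a request logged with a single slash, and it reports host-only hits separately from exact URL hits.

```python
import re
from urllib.parse import urlsplit

# Indicators copied verbatim from the advisory's IoC list.
ADVISORY_URLS = [
    "http://34.89.184.90//l/f/oPOunoBagrSXdgRlxjK/80d4b25050485ed88b48597d51fbe0268ae113b3",
    "http://34.89.184.90//l/f/oPOunoBagrSXdgRlxjK/944be11a68bd9c43eaa7214c9cc4f5bb67125a33",
    "http://cvae.ac.ug/zxcv.EXE",
]


def normalize(url):
    """Return (host, path): host lowercased, repeated slashes in the path collapsed."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    path = re.sub(r"/{2,}", "/", parts.path) or "/"
    return host, path


def build_iocs(urls):
    """Split indicators into a host set and an exact (host, path) set."""
    pairs = {normalize(u) for u in urls}
    hosts = {h for h, _ in pairs}
    return hosts, pairs


# Constructed proxy log lines (timestamp, source host, method, URL); assumed format.
SAMPLE_LOG = """\
1626700001 ws-17 GET http://34.89.184.90/l/f/oPOunoBagrSXdgRlxjK/80d4b25050485ed88b48597d51fbe0268ae113b3
1626700002 ws-03 GET http://www.example.com/index.html
1626700003 ws-22 GET http://CVAE.AC.UG/zxcv.EXE
1626700004 ws-09 GET http://34.89.184.90/status
"""

LOG_RE = re.compile(r"^(?P<ts>\d+)\s+(?P<src>\S+)\s+(?P<method>\S+)\s+(?P<url>\S+)$")


def scan(log_text, urls=ADVISORY_URLS):
    """Return (ts, src, kind) for each line touching an indicator.
    kind is 'url' for an exact host+path hit, 'host' when only the host matches."""
    hosts, pairs = build_iocs(urls)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        h, p = normalize(m.group("url"))
        if (h, p) in pairs:
            hits.append((m.group("ts"), m.group("src"), "url"))
        elif h in hosts:
            hits.append((m.group("ts"), m.group("src"), "host"))
    return hits
```

Host-only hits (such as the `/status` request above) are worth triaging too, since the same host may serve payloads under paths not yet listed.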