November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Campaign Deploying Malware via MalSpam Targeting Web Application Servers
February 25, 2019Rewterz Threat Alert – B0r0nt0K Ransomware Infects Linux Servers via Unknown Attack Vector
February 25, 2019Rewterz Threat Alert – Campaign Deploying Malware via MalSpam Targeting Web Application Servers
February 25, 2019Rewterz Threat Alert – B0r0nt0K Ransomware Infects Linux Servers via Unknown Attack Vector
February 25, 2019
Severity
Medium
Analysis Summary
A new campaign of coinbased smishing (via SMS) has been observed which is running actively and has been directed towards senior-level employees. The receiver would be receiving the email like this .
FRM: 9297437532945863372473958264657826267824 SUBJ:__please verify MSG:__Amount received 20 BTC hxxp://zsx-ny[.]com __coinbase_pro”
The message was formatted like so (the FRM number has been altered). The sender’s number was “1 (410) 100-007”
Impact
Loss of sensitive information in your device
Indicators of Compromise
IP(s) / Hostname(s)
213.190.6[.]24
URLs
hxxp://zsx-ny[.]com
Email Subject
Please Verify
Remediation
Do not click on the given links which are being sent from unknown senders. Do not submit your device code to verify your device.