Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Medium
Two campaigns spotted leverage COVID-19 related lures to target employees. The first email spotted claims that an Excel attachment contains guidelines for preventing a Coronavirus outbreak. It leverages TTPs similar to an ongoing malspam campaign that uses these Excel documents to infect systems with Zloader. Zloader then downloads the Zeus banking Trojan onto the victim system as the final payload. The second email analyzed in the blog post uses a shipping-theme, claiming shipment delays because of Coronavirus. A link is provided to see more details; however, visiting this link leads to the download of an IMG file. This IMG file, in turn, infects the victim host with the Nanocore RAT, providing remote access to the attacker.
MD5
579090062d15633c58d1e9a37444ee8f
SHA-256
7b2adf1c8ff725d7dd61b0fdc3ef9e6e3a8bd1b744fd209290a1bf65f9b9acb4
SHA1
27af4e30ca4fd382ae20214c8d777d89b82cb356
URL
http[:]//gbud[.]webd[.]pl/images/COVID-19-04-01-2020[.]IMG