July 6, 2021
Severity
High
Analysis Summary
FIN7, also known as the Carbanak group, is a Russian criminal advanced persistent threat group that has primarily targeted the U.S. retail, restaurant, and hospitality sectors since mid-2015. A portion of FIN7 is run out of the front company Combi Security. It has been called one of the most successful criminal hacking groups in the world. FIN7 continues to focus its operations on high-value companies; for example, some maldocs are being spread across different sectors to target them for the group's gain.
Impact
- Information theft and espionage
- Exposure of sensitive data
Indicators of Compromise
MD5
- ef11b8213ef4e0b5b250672172509c9c
SHA-256
- 10c6e9aa35802a5d10e893fa7b4421565f6a36a7278b47c5edf682a2d31c949d
SHA-1
- 719ef853297090207e83566ecb512caf7236333b
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.