
Rewterz Threat Alert – Global Malicious Spam Campaign Using Black Lives Matter as a Lure

June 17, 2020

Severity

Medium

Analysis Summary

A global malicious spam campaign is targeting users who may be sympathetic to the Black Lives Matter movement, which began in the United States and is slowly emerging globally. With the ongoing COVID-19 pandemic and the numerous protests in the United States and elsewhere, attackers are leveraging the global news cycle to lure unsuspecting victims into downloading and opening malicious attachments. The campaign uses a variety of email subject lines, each with an attached malicious Microsoft Word document, to compel the user into opening the attachment.

Figure 1. Variants of Black Lives Matter Spam and Subject lines

It is believed that the primary target of the campaign was the USA, but it has now started to shift its focus towards other countries as well, since the Black Lives Matter campaign has had a global impact and people are protesting for it in different countries. This campaign has been seen active in Canada, Cyprus, Thailand, etc.

Impact

  • Exposure of sensitive data
  • Information theft

Indicators of Compromise

Remediation

  • Block all threat indicators at your respective controls.
  • Always be suspicious about emails sent by unknown senders.
  • Never click on the links/attachments sent by unknown senders.