
Rewterz Threat Alert – Recent Wave of Sophisticated Malware Infecting Public Facing Websites

September 17, 2020

Severity

High

Analysis Summary

Several threat intelligence forums have recently reported a number of public-facing Pakistani websites infected with sophisticated malware, mostly banking trojans and information stealers, with the public sector as the main target. Most of the reported websites host the Emotet banking trojan; a considerable number also carry the Qakbot banking trojan.

Some of the reported websites were infected with the AZORult information stealer, and others with the Dridex banking trojan. Organisations should immediately block all recent Indicators of Compromise associated with these malware families. Because infections of public-facing websites are on the rise, users should exercise caution when browsing: a legitimate but compromised site can serve the malware just as an untrusted one can.


Impact

  • Information Theft
  • Theft of Financial Information
  • Data Exfiltration
  • File Encryption
  • Financial Loss
  • Confidentiality Breach
  • Network-wide Infection

Indicators of Compromise

Links to the advisories listing the relevant IoCs for each malware family are given in the remediation section below.

Remediation

  • Avoid visiting untrusted websites and URLs, and do not click on advertisements or links unless necessary.
  • Block all IoCs related to the malware families named above. The IoCs are listed in the advisories linked below.

Emotet IoCs

Rewterz Threat Alert – Emotet Malware Massive Email Campaign
Rewterz Threat Alert – Emotet – IoCs
Rewterz Threat Alert – Emotet Malware Steals Email Attachments to Attack Contacts
Rewterz Threat Alert – Emotet IOCs
Rewterz Threat Alert – Latest Emotet IOCs
Rewterz Threat Alert – Emotet Malware – IOCs
Rewterz Threat Alert – Emotet Malware – IOCs
Rewterz Threat Alert – Emotet Malware – IOCs
Rewterz Threat Alert – Emotet Malware September Campaign – IOCs

AZORult IoCs

Rewterz Threat Alert – AZORult Malware – IOCs
Rewterz Threat Alert – Latest AZORult Malware – IOC’s

Qakbot IoCs

Rewterz Threat Alert – Emotet Epoch 3 botnet Deploys Trickbot and Qakbot
Rewterz Threat Alert – Qakbot (Qbot) Maldoc Campaign – IoCs
Rewterz Threat Alert – Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
Rewterz Threat Alert – Qakbot Spreads through VBS Files

Dridex IoCs

Rewterz Threat Alert – Dridex Activity on the Rise
Rewterz Threat Alert – Microsoft Excel used to Spread New Dridex Trojan Variant
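The remediation above asks readers to block the IoCs published in the linked advisories. Those lists are typically distributed defanged (hxxp://, [.]), mixed in type (URLs, IPs, domains, file hashes) and partly duplicated, so they need normalising before they can be loaded into a DNS sinkhole, firewall or EDR. The script below, an added example that is not Rewterz's code, shows one way to do that: it refangs each line, classifies it, deduplicates case-insensitively, derives the host from every URL so the host is blocked too, and emits DNS RPZ records for the domains. All sample indicators in SAMPLE_IOCS are constructed for illustration and are not real IoCs from the advisories.

```python
import ipaddress
import re

# Constructed sample indicators for illustration only; none of these are
# real IoCs from the Rewterz advisories. They mimic the defanged, mixed-type
# and partly duplicated lists that threat advisories usually publish.
SAMPLE_IOCS = """
hxxp://example-bad[.]test/wp-content/uploads/doc.php
203[.]0[.]113[.]45
example-bad[.]test
EXAMPLE-BAD.TEST
d41d8cd98f00b204e9800998ecf8427e
E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855
not an indicator
"""

# MD5 / SHA-1 / SHA-256 hex digests
HEX_RE = re.compile(r"^(?:[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$")
# Hostname: labels of letters, digits, hyphens; alphabetic TLD
DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$"
)


def refang(raw):
    """Undo the common defanging conventions so the value can be matched or blocked."""
    v = raw.strip()
    v = re.sub(r"^hxxp", "http", v, flags=re.I)
    return v.replace("[.]", ".").replace("(.)", ".").replace("[:]", ":")


def classify(raw):
    """Return (kind, normalised_value) for url/ip/domain/hash, or None for non-indicators."""
    v = refang(raw)
    if not v:
        return None
    if re.match(r"^https?://", v, re.I):
        return ("url", v)
    try:
        return ("ip", str(ipaddress.ip_address(v)))
    except ValueError:
        pass
    low = v.lower()
    if HEX_RE.match(low):
        return ("hash", low)
    if DOMAIN_RE.match(low):
        return ("domain", low)
    return None


def build_blocklist(text):
    """Group indicators by kind, deduplicated case-insensitively.

    The host of every URL indicator is also added (as a domain or IP), so a
    URL-only IoC still produces a DNS/firewall block for its server.
    """
    out = {"url": [], "ip": [], "domain": [], "hash": []}
    seen = set()

    def add(kind, val):
        key = (kind, val.lower())
        if key not in seen:
            seen.add(key)
            out[kind].append(val)

    for line in text.splitlines():
        item = classify(line)
        if item is None:
            continue
        kind, val = item
        add(kind, val)
        if kind == "url":
            # strip scheme, path and port; bracketed IPv6 literals are not handled
            host = re.sub(r"^https?://", "", val, flags=re.I).split("/")[0].split(":")[0]
            host_item = classify(host)
            if host_item:
                add(*host_item)
    return out


def render_rpz(domains):
    """Emit DNS Response Policy Zone records that NXDOMAIN each domain and its subdomains."""
    lines = []
    for d in domains:
        lines.append(f"{d} CNAME .")
        lines.append(f"*.{d} CNAME .")
    return lines


if __name__ == "__main__":
    bl = build_blocklist(SAMPLE_IOCS)
    for kind, values in bl.items():
        print(kind, values)
    print("\n".join(render_rpz(bl["domain"])))
```

Hash indicators cannot be blocked at the network layer; feed them to the EDR or file-integrity tooling instead. The IP and URL lists map onto firewall and proxy deny rules respectively.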
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.