Rewterz Threat Alert – Hackers Start Capitalizing on Zoom’s Success to Spread Malware Amid Covid-19

March 30, 2020

Severity

Medium

Analysis Summary

With the world in lockdown and more people working from home and relying on online communication platforms such as Zoom to stay in touch with their peers, cybercriminals are taking advantage of the spike in usage by registering new fake “Zoom” domains and distributing malicious “Zoom” executable files in an attempt to trick people into downloading malware onto their devices. Zoom-related domain registrations have spiked by 25 percent in the past seven days.

This indicates that cybercriminals have noticed the increasing demand for Zoom and the opportunity to exploit it, lure users, and make the most of the global pandemic. Links shared with users can look shoddy; take a hard look at each one to make sure it is not a trap.

With over 13 million monthly active users, Zoom is one of the most popular cloud-based enterprise communication platforms. It offers chat, video and audio conferencing, and options to host webinars and virtual meetings online, and during this global pandemic it has emerged as the most widely used online communication tool around the world.

There has been a long list of coronavirus-themed malware attacks, and now threat actors are capitalizing on the situation by registering Zoom-lookalike domains and distributing executables named like “zoom-us-zoom_##########.exe”, which, when executed, install potentially unwanted programs (PUPs) such as InstallCore, a dodgy bundleware application known to install other kinds of malware.
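
The two indicators described above, hostnames that mention “zoom” but are not the vendor’s own domain, and downloads of files named like “zoom-us-zoom_##########.exe”, can be checked against a web-proxy log. The script below is an added example written for this advisory, not code from Rewterz; the log format (timestamp, hostname, request path), the sample entries, and the assumption that only zoom.us and its subdomains are legitimate are all constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Assumption for this example: the vendor's legitimate domain and its subdomains.
# The advisory names only the vendor ("Zoom"), not an allow-list of domains.
LEGITIMATE_ZOOM_DOMAINS = ("zoom.us",)

# File-name pattern quoted in the advisory: zoom-us-zoom_##########.exe
SUSPICIOUS_FILENAME = re.compile(r"^zoom-us-zoom_\d+\.exe$", re.IGNORECASE)


@dataclass
class Finding:
    line_no: int
    host: str
    filename: str
    reasons: list = field(default_factory=list)


def is_legitimate_host(host: str) -> bool:
    """True if host equals or is a subdomain of an allow-listed domain."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in LEGITIMATE_ZOOM_DOMAINS)


def is_lookalike_host(host: str) -> bool:
    """A hostname that mentions 'zoom' but is not the vendor's domain."""
    return "zoom" in host.lower() and not is_legitimate_host(host)


def scan_proxy_log(lines):
    """Flag log entries that hit a lookalike domain or fetch the named executable.

    Constructed log format: "<timestamp> <host> <path>" per line.
    """
    findings = []
    for line_no, line in enumerate(lines, start=1):
        parts = line.split()
        if len(parts) < 3:
            continue  # skip malformed lines rather than crash on them
        host, path = parts[1], parts[2]
        filename = path.rsplit("/", 1)[-1]
        reasons = []
        if is_lookalike_host(host):
            reasons.append("lookalike-zoom-domain")
        if SUSPICIOUS_FILENAME.match(filename):
            reasons.append("zoom-us-zoom_*.exe download")
        if reasons:
            findings.append(Finding(line_no, host, filename, reasons))
    return findings


# Constructed sample log; ".example" is a reserved TLD, so no real site is named.
SAMPLE_LOG = [
    "2020-03-30T09:01:12Z zoom.us /download/Zoom.exe",
    "2020-03-30T09:02:45Z us04web.zoom.us /j/123456",
    "2020-03-30T09:05:10Z zoom-client-update.example /dl/zoom-us-zoom_0123456789.exe",
    "2020-03-30T09:07:33Z cdn.example.org /files/report.pdf",
    "2020-03-30T09:09:00Z zoomdownload.example /setup/Zoom.exe",
]

if __name__ == "__main__":
    for f in scan_proxy_log(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.host} {f.filename} -> {', '.join(f.reasons)}")
```

The allow-list check matches on the registered domain and its subdomains only, so a hostname such as zoom.us.evil.example is still treated as a lookalike; a plain substring match on “zoom.us” would miss that case.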

Impact

  • Information theft
  • Installation of unwanted programs
  • Exposure of sensitive data

Affected Vendors

Zoom

Remediation

  • Keep your applications up to date.
  • Always look out for emails with spelling errors and mistakes.
  • Never click on links or attachments sent by unknown senders.
  • Always be suspicious of emails sent by unknown senders.