April 18, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Office 365 App Phishing Campaign
December 12, 2019Rewterz Threat Alert – Zeppelin Ransomware Targets Healthcare and IT Companies
December 12, 2019Rewterz Threat Alert – Office 365 App Phishing Campaign
December 12, 2019Rewterz Threat Alert – Zeppelin Ransomware Targets Healthcare and IT Companies
December 12, 2019
Severity
High
Analysis Summary
An ongoing ATM Cashout phishing campaign, linked to a new Cobalt Group phishing campaign is targeting banks in different parts of Europe . This specific campaign utilized the CobInt malware family, which was previously used in the January 2018 – November 2019 campaigns attributed to Cobalt Group. Using malicious attachments, the campaigns potentially targeted individuals and financial institutions in Czech Republic and other parts of Europe targeting financial sector. It should be noted the campaign likely occurred in late October 2019.
Impact
Financial loss
Indicators of Compromise
MD5
7d339ee10e6561f1fb9de3ab05dd4fb8
SHA-256
- bc504b51563959abb11a456ef926b255d8dd679710cedcc1ed7815e8be4e877c
- 893339624602c7b3a6f481aed9509b53e4e995d6771c72d726ba5a6b319608a7
- fe16a85a3f0094134eef4ba209c188a186ed269de90a6b5a84bcc4b90470cc79
- 2c542c38d15d6e25cf33e742716bf1ca14db791d568686ccd8ca09cadda83c7e
- 1d772438392b1e84d3ce800e181603646ae675e8572f7f741184b83537c5451f
SHA1
ffc2be94e5e6a28150cae7b092fc6fd8efafe4d1
Remediation
- Search for the IOC’s in your existing environment.
- Block all threat indicators at your respective controls.