• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Office 365 App Phishing Campaign
December 12, 2019
Rewterz Threat Alert – Zeppelin Ransomware Targets Healthcare and IT Companies
December 12, 2019

Rewterz Threat Alert – Phishing Campaign Linked to Cobalt Group

December 12, 2019

Severity

High

Analysis Summary

An ongoing ATM Cashout phishing campaign, linked to a new Cobalt Group phishing campaign is targeting banks in different parts of Europe . This specific campaign utilized the CobInt malware family, which was previously used in the January 2018 – November 2019 campaigns attributed to Cobalt Group. Using malicious attachments, the campaigns potentially targeted individuals and financial institutions in Czech Republic and other parts of Europe targeting financial sector. It should be noted the campaign likely occurred in late October 2019.

Impact

Financial loss

Indicators of Compromise

MD5

7d339ee10e6561f1fb9de3ab05dd4fb8

SHA-256

  • bc504b51563959abb11a456ef926b255d8dd679710cedcc1ed7815e8be4e877c
  • 893339624602c7b3a6f481aed9509b53e4e995d6771c72d726ba5a6b319608a7
  • fe16a85a3f0094134eef4ba209c188a186ed269de90a6b5a84bcc4b90470cc79
  • 2c542c38d15d6e25cf33e742716bf1ca14db791d568686ccd8ca09cadda83c7e
  • 1d772438392b1e84d3ce800e181603646ae675e8572f7f741184b83537c5451f

SHA1

ffc2be94e5e6a28150cae7b092fc6fd8efafe4d1


Remediation

  • Search for the IOC’s in your existing environment.
  • Block all threat indicators at your respective controls.
  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.