Tracking new threats with SEKOIA C2 Tracker: SVCReady, SeaFlower, XLoader, and more! 🕵️

When SEKOIA.IO analysts come across new or trending threats (malware, threat groups, phishing, etc.), we generally try to find heuristics to track their infrastructure. This proactive hunting approach allows us to collect exclusive indicators of compromise (IoCs) on a weekly basis. In recent weeks, we have added Command & Control (C2) trackers for:

  • New or recent malware families: SVCReady, FFDroider, CreepySnail, Colibri;
  • The SeaFlower cluster;
  • Other malware families, frameworks, or threat groups whose infrastructure has recently evolved, to name but a few: XLoader, ERMAC, Evilginx.

IoCs collected from these trackers can be found in the SEKOIA.IO Intelligence Center by filtering on the source "SEKOIA C2 Tracker". If you want to know more about the above-mentioned threats, please visit their cards and the models written by our analysts!

[Image: ic_malware_colibri_iocs.png]
