Tracking new threats with SEKOIA C2 Tracker: Aurora, Nighthawk, BatLoader and more! 🕵️
When SEKOIA.IO analysts are coming across new or trendy threats (malware, threat groups, phishing, _etc._), we generally try to find heuristics to track their infrastructure. This proactive hunting approach allows us to collect exclusive indicators of compromise (IoCs) on a weekly basis. In recent weeks, we have added Command & Control (C2) trackers for:
* Newly supervised threats: Aurora 🌌, new Vidar botnets 🤖, AcridRain, Nighthawk 🦉, new Magecart clusters 🛒, ModernLoader, Ramnit, BatLoader 🦇, DuckLogs, LaplasClipper;
* Already tracked threats: Sliver, Qakbot, FakeUpdates, Raccoon 🦝.
IoCs collected from these trackers can be found in the SEKOIA.IO Intelligence Center by filtering on the source "SEKOIA C2 Tracker". If you want to know more about the above-mentioned threats, please visit their card and their model made by the analysts!