Tracking new threats with SEKOIA C2 Tracker: RedWarden, TrueBot, Aurora, Cova, Nosu, Squarephish, ChaosRAT 🕵️

When SEKOIA.IO analysts are coming across new or trendy threats (malware, threat groups, phishing, *etc.*), we generally try to find heuristics to track their infrastructure. This proactive hunting approach allows us to collect exclusive indicators of compromise (IoCs) on a weekly basis. In recent weeks, we have added Command & Control (C2) trackers for: * Newly supervised threats: Cryptocurrency phishing, WhiteSoftware websites and SEO poisoning infrastructures, TrueBot, Cova, Nosu, RedWarden, Squarephish, ChaosRAT, DuckLogs; * Already tracked threats: Aurora, BatLoader, FakeUpdates, Callisto, Evilginx2, PrivateLoader. IoCs collected from these trackers can be found in the SEKOIA.IO Intelligence Center by filtering on the source "SEKOIA C2 Tracker". If you want to know more about the above-mentioned threats, please visit their card and their model made by the analysts! ![changelog_tracker_20230110.png](BASE/products/901462981/changelog/15455/inline-e3dcbfe4ff63e672af10247c0db1fc67.jpg)