Tracking threats with Sekoia.io C2 Tracker 🕵️
When Sekoia.io analysts are coming across new or trendy threats (malware, threat groups, phishing, _etc._), we generally try to find heuristics to track their infrastructure. This proactive hunting approach allows us to collect exclusive indicators of compromise (IoCs) on a weekly basis. In recent weeks, we have added Command & Control (C2) trackers for:
* Newly supervised threats: KeepSpy, Bandit Stealer, Meduza Stealer, Observer Stealer, AndoryuBot;
* Already tracked threats: Ducktail, CryptBot, Stealc, Lumma Stealer, PikaBot, SideWinder, phishing infrastructure.
![ic_keepsy.png](BASE/products/901462981/changelog/23032/inline-2e5addb2f47bd9c578c655cc9204d65b.jpg)
IoCs collected from these trackers can be found in the Sekoia.io Intelligence Center by filtering on the source "Sekoia.io C2 Tracker". If you want to know more about the above-mentioned threats, please visit their card and their model made by the analysts!