PULSE NAME
Buhtrap group uses zero‑day in latest espionage campaigns
WHITE BuhTrap AlienVault 2019-07-11 Modified: 2019-07-12
The Buhtrap group is well known for its targeting of financial institutions and businesses in Russia. However, since late 2015, we have witnessed an interesting change in its traditional targets. From a pure criminal group perpetrating cybercrime for financial gain, its toolset has been expanded with malware used to conduct espionage in Eastern Europe and Central Asia.
Indicators of Compromise (5 / 32 total)
TYPE INDICATOR DESCRIPTION CREATED
URL http://redmond.corp-microsoft.com/g/help/index.php 2019-07-11
URL https://services-glbdns2.com/FIGm6uJx0MhjJ2ImOVurJQTs0rRv5Ef2UGoSc 2019-07-11
URL https://hdfilm-seyret.com/help/index.php 2019-07-11
URL https://redmond.corp-microsoft.com/help/index.php 2019-07-11
URL https://secure-telemetry.net/wp-login.php 2019-07-11