The Water Hydra group was first detected in 2021, when it gained notoriety for targeting the financial industry, launching attacks against banks, cryptocurrency platforms, forex and stock trading platforms, gambling sites, and casinos worldwide.
Water Hydra exploited CVE-2024-21412 to target forex trading forums and stock trading Telegram channels in spear phishing attacks, pushing a malicious stock chart linking to a compromised trading information website.
Enhancement idea
DarkMe malware.
Links
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21412
https://www.trendmicro.com/content/dam/trendmicro/global/en/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-smartscreen-zero-day/ioc-water-hydra-cve-2024-21412.txt
IOC
I2P websites
n/a
IPFS websites
n/a
Tor2web websites
n/a
TOR websites
n/a
URLs
n/a
Folders
n/a
Sub-Domains
n/a
Domains
IPs
Emails
n/a
Wallet addresses
n/a
Mining pool addresses
n/a