【Overview】
■Related Ransomware
Ransomware name | Notes |
---|---|
Dharma | |
LockBit | |
Maze | |
Nemty | |
Ryuk | |
Shade | |
Snake | |
Sodinokibi | Also known as: Sodin / REvil |
SQPC | |
Troldesh | |
VCrypt | |
■2020/05/02
◆Sodinokibi, Ryuk ransomware drive up average ransom to $111,000 (Bleeping Computer)
https://www.bleepingcomputer.com/news/security/sodinokibi-ryuk-ransomware-drive-up-average-ransom-to-111-000/
◆Shade / Troldesh Ransomware decryption tool (Bitdefender /Labs, 2020/05/02)
https://labs.bitdefender.com/2020/05/shade-troldesh-ransomware-decryption-tool/
■2020/05/04
◆LockBit ransomware self-spreads to quickly encrypt 225 systems
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-self-spreads-to-quickly-encrypt-225-systems/
⇒ https://malware-log.hatenablog.com/entry/2020/05/04/000000_1
◆New VCrypt Ransomware locks files in password-protected 7ZIPs
https://www.bleepingcomputer.com/news/security/new-vcrypt-ransomware-locks-files-in-password-protected-7zips/
⇒ https://malware-log.hatenablog.com/entry/2020/05/04/000000_2
◆Changes in REvil ransomware version 2.2
https://blog.intel471.com/2020/05/04/changes-in-revil-ransomware-version-2-2/
⇒ https://malware-log.hatenablog.com/entry/2020/05/04/000000_3
■2020/05/05
◆Toll Group hit by ransomware a second time, deliveries affected
https://www.bleepingcomputer.com/news/security/toll-group-hit-by-ransomware-a-second-time-deliveries-affected/
◆New 0day0 Dharma variant
https://twitter.com/JakubKroustek/status/1257708145192951809
■2020/05/06
◆Large scale Snake Ransomware campaign targets healthcare, more
https://www.bleepingcomputer.com/news/security/large-scale-snake-ransomware-campaign-targets-healthcare-more/
◆Targeted Ransomware Attack Hits Taiwanese Organizations
https://blog.trendmicro.com/trendlabs-security-intelligence/targeted-ransomware-attack-hits-taiwanese-organizations/
◆New Nemty spam campaign targeting South Korea
https://twitter.com/vigilantbeluga/status/1257891038582067200
■2020/05/07
◆Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
https://www.fireeye.com/blog/threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html
◆New SQPC Stop Ransomware variant
https://twitter.com/demonslay335/status/1258449843913097218
◆New PHP Dharma variant
https://twitter.com/JakubKroustek/status/1258478686296309762
◆Sodinokibi / REvil ransomware TTPs
https://blog.redteam.pl/2020/05/sodinokibi-revil-ransomware.html?m=1
■2020/05/08
◆REvil ransomware threatens to leak A-list celebrities' legal docs
https://www.bleepingcomputer.com/news/security/revil-ransomware-threatens-to-leak-a-list-celebrities-legal-docs/
◆New NET Dharma Ransomware variant
https://twitter.com/fbgwls245/status/1258740920494616576
【News】
◆The Week in Ransomware - May 8th 2020 - Attacks Continue (BleepingComputer, 2020/05/08 18:43)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-8th-2020-attacks-continue/
【Related Summary Articles】
◆The Week in Ransomware (Summary)
https://malware-log.hatenablog.com/entry/The_Week_in_Ransomware
◆Malware (Summary)
◆Ransomware (Summary)
◆Nemty (Summary)
https://malware-log.hatenablog.com/entry/Nemty