TT Malware Log

A "personal" investigation, research and reference log on malware / cyber attacks / analysis techniques / attack groups

The Week in Ransomware - September 4th 2020 - Stay Alert!

【Overview】

■Related Ransomware

Ransomware name  Notes
AESMewLocker
AIDS_NT
BlackHeart
BlackKnight
BOOP STOP
Conti
CoronaCrypt0r
Crypter
Cyrat
DarkSide
Dharma
Fappy
Gladius
Geneve
Hexadecimal
HiddenTear
Matrix
ProLock
SunCrypt
Thanos
VashSorena
ViluciWare
XMRLocker
Z3enc
Zorab


■2020/08/22


◆New XMRLocker discovered (Twitter(Amigo-A), 2020/08/22)
https://twitter.com/Amigo_A_/status/1297140226377363456?s=20


■2020/08/24

◆Iranian hackers attack exposed RDP servers to deploy Dharma ransomware
https://www.bleepingcomputer.com/news/security/iranian-hackers-attack-exposed-rdp-servers-to-deploy-dharma-ransomware/
https://malware-log.hatenablog.com/entry/2020/08/24/000000_3

◆Top exploits used by ransomware gangs are VPN bugs, but RDP still reigns supreme
https://www.zdnet.com/article/top-exploits-used-by-ransomware-gangs-are-vpn-bugs-but-rdp-still-reigns-supreme/
https://malware-log.hatenablog.com/entry/2020/08/24/000000_6

◆New BOOP STOP ransomware variant (Twitter(Michael Gillespie), 2020/08/24)
https://twitter.com/demonslay335/status/1297990813209812997?s=20

◆New ViluciWare Ransomware (Twitter(JAMESWT), 2020/08/24)
https://twitter.com/JAMESWT_MHT/status/1297889359635587072


■2020/08/25

◆Ryuk successor Conti Ransomware releases data leak site (BleepingComputer, 2020/08/25)
https://www.bleepingcomputer.com/news/security/ryuk-successor-conti-ransomware-releases-data-leak-site/

◆DarkSide Ransomware hits North American real estate developer (BleepingComputer, 2020/08/25)
https://www.bleepingcomputer.com/news/security/darkside-ransomware-hits-north-american-real-estate-developer/

◆New Gladius Ransomware (Twitter(Michael Gillespie), 2020/08/25)
https://twitter.com/demonslay335/status/1298277895706742791?s=20


■2020/08/26

◆SunCrypt Ransomware sheds light on the Maze ransomware cartel
https://www.bleepingcomputer.com/news/security/suncrypt-ransomware-sheds-light-on-the-maze-ransomware-cartel/


◆New CoronaCrypt0r ransomware
https://twitter.com/malwrhunterteam/status/1298609472798162945?s=20


■2020/08/28

◆Elon Musk confirmed Russian's plans to extort Tesla (BleepingComputer, 2020/08/28)
https://www.bleepingcomputer.com/news/security/elon-musk-confirmed-russians-plans-to-extort-tesla/

◆New BlackHeart Ransomware variant
https://twitter.com/malwrhunterteam/status/1299353052659548161?s=20

◆Zorab ransomware impersonates a decryptor
https://twitter.com/malwrhunterteam/status/1299347448410898432?s=20

◆New Hexadecimal Ransomware
https://twitter.com/fbgwls245/status/1299331067036332032?s=20


■2020/08/29

◆New VashSorena v4 Ransomware variant
https://twitter.com/fbgwls245/status/1299659575486902274

◆New Geneve Ransomware
https://twitter.com/Amigo_A_/status/1299641770582700032?s=20


■2020/08/31

◆New BlackKnight screen locker
https://twitter.com/Kangxiaopao/status/1300338657035919360?s=20

◆New Matrix Ransomware variant
https://twitter.com/Kangxiaopao/status/1300382860554072067?s=20

◆New Crypter Ransomware
https://twitter.com/Kangxiaopao/status/1300378579478261762?s=20


■2020/09/01

◆DLL Fixer leads to Cyrat Ransomware
https://www.gdatasoftware.com/blog/cyrat-ransomware

◆New HiddenTear Ransomware variant
https://twitter.com/Kangxiaopao/status/1300378579478261762?s=20

◆New HiddenTear variant
https://twitter.com/fuscator/status/1300822841638760454?s=20


■2020/09/02

◆New AESMewLocker Ransomware
https://twitter.com/Amigo_A_/status/1301146050309300226?s=20


■2020/09/03

◆New z3enc Ransomware
https://twitter.com/siri_urz/status/1301522159018242054?s=20

◆New Fappy Ransomware
https://twitter.com/siri_urz/status/1301510772716007426

◆New GOLD Dharma variant
https://twitter.com/Kangxiaopao/status/1301457896870273025?s=20

◆New AIDS_NT Ransomware
https://twitter.com/GrujaRS/status/1301620462909304833


■2020/09/04

◆Thanos Ransomware adds Windows MBR locker that fails every time (BleepingComputer, 2020/09/04 12:29)
https://www.bleepingcomputer.com/news/security/thanos-ransomware-adds-windows-mbr-locker-that-fails-every-time/
https://malware-log.hatenablog.com/entry/2020/09/04/000000_4

◆FBI issues second alert about ProLock ransomware stealing data (BleepingComputer, 2020/09/04)
https://www.bleepingcomputer.com/news/security/fbi-issues-second-alert-about-prolock-ransomware-stealing-data/

◆SunCrypt Ransomware shuts down North Carolina school district (BleepingComputer, 2020/09/04)
https://www.bleepingcomputer.com/news/security/suncrypt-ransomware-shuts-down-north-carolina-school-district/


【News】

◆The Week in Ransomware - September 4th 2020 - Stay Alert! (BleepingComputer, 2020/09/04)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-4th-2020-stay-alert/


【Related summary articles】

Overall summary
 ◆Documents and reports (summary)

◆The Week in Ransomware (summary)
https://malware-log.hatenablog.com/entry/The_Week_in_Ransomware

 ◆Malware (summary)
  ◆Ransomware (summary)

◆DarkSide (summary)
https://malware-log.hatenablog.com/entry/DarkSide


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2023