TT Malware Log

A "personal" survey, research, and reference log on malware / cyber attacks / analysis techniques

The Week in Ransomware - September 11th 2020 - A barrage of attacks

【Overview】

| Ransomware name | Extension | Notes |
|---|---|---|
| BlackRose | | |
| Consciousness | .Consciousness | Consciousness Ransomware Text Message.txt |
| Dharma | .blm, .eur, .blm | |
| DoppelPaymer | | |
| Flamingo | .FLAMINGO | #READ ME.TXT |
| Matrix | .J91D, .S996 | J91D_README.rtf, S996_INFO.rtf |
| MedusaLocker | .networkmaze | |
| Netwalker | | |
| ProLock | | |
| STOP | .ogdo | |
| ThunderX | .tx_locked | |
| Xorist | .emilisub, .hnx911 | |


■2020/09/05

◆New Xorist variant (Twitter(Onyx Mods), 2020/09/05)
https://twitter.com/fuscator/status/1302131687556513792


■2020/09/06

◆Netwalker ransomware hits Argentinian government, demands $4 million (BleepingComputer, 2020/09/06 12:42)
https://www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-argentinian-government-demands-4-million/
https://malware-log.hatenablog.com/entry/2020/09/06/000000_3


■2020/09/07

◆DoppelPaymer ransomware hits Newcastle University, leaks data (BleepingComputer, 2020/09/07 14:48)
https://www.bleepingcomputer.com/news/security/doppelpaymer-ransomware-hits-newcastle-university-leaks-data/
https://malware-log.hatenablog.com/entry/2020/09/07/000000_6

◆New ThunderX Ransomware (Twitter(S!Ri), 2020/09/07)
https://twitter.com/siri_urz/status/1302961362583171072

[Image] Source: https://twitter.com/siri_urz/status/1302961362583171072

◆New golang BlackRose ransomware (Twitter(Joakim Kennedy), 2020/09/07)
https://twitter.com/joakimkennedy/status/1302997827166121984


■2020/09/08

◆Ransomware delays first day of school for Hartford, Connecticut (BleepingComputer, 2020/09/08 12:08)
https://www.bleepingcomputer.com/news/security/ransomware-delays-first-day-of-school-for-hartford-connecticut/
https://malware-log.hatenablog.com/entry/2020/09/08/000000_5

◆Netwalker ransomware hits Pakistan's largest private power utility (BleepingComputer, 2020/09/08 17:32)
https://www.bleepingcomputer.com/news/security/netwalker-ransomware-hits-pakistans-largest-private-power-utility/
https://malware-log.hatenablog.com/entry/2020/09/08/000000_4

◆New Matrix ransomware variant (Twitter(Michael Gillespie), 2020/09/08)
https://twitter.com/demonslay335/status/1303399016542220289?s=20

◆New Xorist variant (Twitter(Michael Gillespie), 2020/09/08)
https://twitter.com/demonslay335/status/1303410615864750081?s=20

◆New Matrix ransomware variant (Twitter(Michael Gillespie), 2020/09/08)
https://twitter.com/demonslay335/status/1303411030371061762?s=20

◆New MedusaLocker variant (Twitter(Michael Gillespie), 2020/09/08)
https://twitter.com/demonslay335/status/1303417874426540039?s=20

◆New OGDO STOP variant (Twitter(Michael Gillespie), 2020/09/08)
https://twitter.com/demonslay335/status/1303806795908030475?s=20

◆Thailand hospital hit with ransomware (Twitter(Catalin Cimpanu), 2020/09/08)

Saraburi Hospital was attacked by ransomware, unable to access data on the system. Affect the service of patients. Anyone who has advice and can provide assistance, please tell the doctor in this link.

https://twitter.com/campuscodi/status/1303375123857256449?s=20


■2020/09/09

◆Leading US video delivery provider confirms ransomware attack (BleepingComputer, 2020/09/09 15:28)
https://www.bleepingcomputer.com/news/security/leading-us-video-delivery-provider-confirms-ransomware-attack/
https://malware-log.hatenablog.com/entry/2020/09/09/000000_5

◆New Flamingo Ransomware (Twitter(Michael Gillespie), 2020/09/09)
https://twitter.com/demonslay335/status/1303721155015200769

◆New Dharma Ransomware variant (Twitter, 2020/09/09)
https://twitter.com/Kangxiaopao/status/1303884001430519810?s=20


■2020/09/10

◆ProLock ransomware increases payment demand and victim count (BleepingComputer, 2020/09/10 04:44)
https://www.bleepingcomputer.com/news/security/prolock-ransomware-increases-payment-demand-and-victim-count/
https://malware-log.hatenablog.com/entry/2020/09/10/000000_3

◆Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom (BleepingComputer, 2020/09/10 11:32)
https://www.bleepingcomputer.com/news/security/equinix-data-center-giant-hit-by-netwalker-ransomware-45m-ransom/
https://malware-log.hatenablog.com/entry/2020/09/10/000000_4

◆SoftServe hit by ransomware, Windows customization tool exploited (BleepingComputer, 2020/09/10 17:52)
https://www.bleepingcomputer.com/news/security/softserve-hit-by-ransomware-windows-customization-tool-exploited/
https://malware-log.hatenablog.com/entry/2020/09/10/000000_5

◆Ransomware accounted for 41% of all cyber insurance claims in H1 2020 (ZDNet, 2020/09/10 13:00)
https://www.zdnet.com/article/ransomware-accounts-to-41-of-all-cyber-insurance-claims/
https://malware-log.hatenablog.com/entry/2020/09/10/000000_6


■2020/09/11

◆Development Bank of Seychelles hit by ransomware attack (BleepingComputer, 2020/09/11 13:54)
https://www.bleepingcomputer.com/news/security/development-bank-of-seychelles-hit-by-ransomware-attack/
https://malware-log.hatenablog.com/entry/2020/09/11/000000_8

◆Karachi police office computer system hacked, ransom demanded (Jang, 2020/09/11)

Hackers hacked the computer system data of Karachi Police Office (KPO) Media Cell and demanded a ransom of 9 980. The data of Media Cell is 700 GB. Cybercrime officers arrived at the scene, seized the data system and launched an investigation.

https://jang.com.pk/news/819076

◆New Consciousness Ransomware (MalwareHunterTeam, 2020/09/11)
https://twitter.com/malwrhunterteam/status/1304462118847164417?s=20

◆New BLM Dharma variant (Twitter(Onyx Mods LLC), 2020/09/11)
https://twitter.com/fuscator/status/1304441832865239040


【News】

◆The Week in Ransomware - September 11th 2020 - A barrage of attacks (BleepingComputer, 2020/09/11 17:09)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-11th-2020-a-barrage-of-attacks/


【Related summary articles】

Overall summary
 ◆Malware (Summary)
  ◆Ransomware (Summary)

◆DoppelPaymer (Summary)
https://malware-log.hatenablog.com/entry/DoppelPaymer

◆Ransomware: STOP (Summary)
https://malware-log.hatenablog.com/entry/STOP

◆ProLock (Summary)
https://malware-log.hatenablog.com/entry/ProLock

◆NetWalker (Summary)
https://malware-log.hatenablog.com/entry/NetWalker


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020