TT Malware Log

A personal investigation, research and reference log on malware / cyber attacks / analysis techniques

The Week in Ransomware - September 18th 2020 - Schools under attack

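【Overview】

| Ransomware name | Extension | Notes |
|---|---|---|
| AHP | .AHP | |
| BlackHeart | .Alix1011RVA | |
| Crypt32 | | |
| Cyborg | .petra, .EncryptedFilePayToGetBack, .Cyborg1, .LockIt | |
| Demonware | | |
| Dharma | | |
| DogeCrypt | .DogeCrypt | |
| LINA | .lina | |
| LockBit | .TEREN | |
| Maze | | |
| Nefilim | .MEFILIN | |
| PewPew | .abkir | |
| STOP | .npph | |
| SunCrypt | | |
| Xorist | .BD, .TAKA, .YOURPCISHACK16024752552658 | |
| Zeoticus | ..immunityyoung@aol.com.young | |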


■2020/09/12

◆Fairfax County schools hit by Maze ransomware, student data leaked (BleepingComputer, 2020/09/12 03:38)
https://www.bleepingcomputer.com/news/security/fairfax-county-schools-hit-by-maze-ransomware-student-data-leaked/
https://malware-log.hatenablog.com/entry/2020/09/12/000000_5

◆Critical Infrastructure Ransomware Attacks (Temple University, 2020/09/12)
https://sites.temple.edu/care/ci-rw-attacks/


■2020/09/14

◆New Xorist variant (Twitter(Xiaopao), 2020/09/14)
https://twitter.com/Kangxiaopao/status/1305424160705843200

Image source: https://twitter.com/Kangxiaopao/status/1305424160705843200/photo/1

◆New Chuk Dharma variant (Twitter(Xiaopao), 2020/09/14)
https://twitter.com/Kangxiaopao/status/1305408131296423936?s=20

◆Emsisoft releases a Crypt32 decryptor (Emsisoft, 2020/09/14)
https://www.emsisoft.com/ransomware-decryption-tools/crypt32

◆New AHP Dharma ransomware variant (Twitter(Marcelo Rivero), 2020/09/14)
https://twitter.com/MarceloRivero/status/1305576774336643081

◆Emsisoft releases a Cyborg ransomware decryptor (Emsisoft, 2020/09/14)
https://www.emsisoft.com/ransomware-decryption-tools/cyborg

◆New Nefilim ransomware variant (Twitter(Michael Gillespie), 2020/09/14)
https://twitter.com/demonslay335/status/1305620578569728000

◆New STOP ransomware variant (Twitter(Michael Gillespie), 2020/09/14)
https://twitter.com/demonslay335/status/1305634355377836039?s=20


■2020/09/15

◆New Zeoticus 2.0 ransomware (Twitter(Michael Gillespie), 2020/09/15)
https://twitter.com/demonslay335/status/1306006695311814662

Image source: https://twitter.com/demonslay335/status/1306006695311814662/photo/2

◆New Demonware ransomware (Twitter(JAMESWT))
https://twitter.com/JAMESWT_MHT/status/1305846433875140609/photo/1

Image source: https://twitter.com/JAMESWT_MHT/status/1305846433875140609/photo/1

◆New PewPew ransomware destroys files (Twitter(GrujaRS), 2020/09/15)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-18th-2020-schools-under-attack/


■2020/09/16

◆University Hospital New Jersey hit by SunCrypt ransomware, data leaked (BleepingComputer, 2020/09/16 13:39)
https://www.bleepingcomputer.com/news/security/university-hospital-new-jersey-hit-by-suncrypt-ransomware-data-leaked/
https://malware-log.hatenablog.com/entry/2020/09/16/000000_2

◆LockBit ransomware launches data leak site to double-extort victims (BleepingComputer, 2020/09/16)
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-launches-data-leak-site-to-double-extort-victims/
https://malware-log.hatenablog.com/entry/2020/09/16/000000_1

◆New TEREN Dharma variant (Twitter(Jakub Kroustek), 2020/09/16)
https://twitter.com/JakubKroustek/status/1306238406381449219

◆New Xorist ransomware variant (Twitter(Michael Gillespie), 2020/09/16)
https://twitter.com/demonslay335/status/1306271414673117184

◆New DogeCrypt DesuCrypt variant (Twitter(dnwls0719), 2020/09/16)
https://twitter.com/fbgwls245/status/1306416574476120064


■2020/09/17

◆Maze ransomware now encrypts via virtual machines to evade detection (BleepingComputer, 2020/09/17 14:24)
https://www.bleepingcomputer.com/news/security/maze-ransomware-now-encrypts-via-virtual-machines-to-evade-detection/
https://malware-log.hatenablog.com/entry/2020/09/17/000000_7

◆Ransomware attack at German hospital leads to death of patient (BleepingComputer, 2020/09/17 11:41)
https://www.bleepingcomputer.com/news/security/ransomware-attack-at-german-hospital-leads-to-death-of-patient/
https://malware-log.hatenablog.com/entry/2020/09/17/000000_8

◆New Xorist variant (Twitter(xiaopao), 2020/09/17)
https://twitter.com/Kangxiaopao/status/1306538494446034944?s=20

◆New BlackHeart ransomware found (Twitter(xiaopao), 2020/09/17)
https://twitter.com/Kangxiaopao/status/1306490376878878720?s=20

◆New LINA Dharma variant (Twitter(xiaopao), 2020/09/17)
https://twitter.com/Kangxiaopao/status/1306490376878878720?s=20

◆New ransomware targeting Vietnam (Twitter(MalwareHunterTeam), 2020/09/17)
https://twitter.com/malwrhunterteam/status/1306612890129100801?s=20

Image source: https://twitter.com/malwrhunterteam/status/1306612890129100801?s=20


■2020/09/18

◆U.K. warns of surge in ransomware threats against education sector (BleepingComputer, 2020/09/18 00:13)
[UK warns that ransomware threats against the education sector are surging]
https://www.bleepingcomputer.com/news/security/uk-warns-of-surge-in-ransomware-threats-against-education-sector/
https://malware-log.hatenablog.com/entry/2020/09/18/000000_11

◆Leading U.S. laser developer IPG Photonics hit with ransomware (BleepingComputer, 2020/09/18 13:09)
[Major U.S. laser developer IPG Photonics falls victim to ransomware]
https://www.bleepingcomputer.com/news/security/leading-us-laser-developer-ipg-photonics-hit-with-ransomware/
https://malware-log.hatenablog.com/entry/2020/09/18/000000_12


【News】

◆The Week in Ransomware - September 18th 2020 - Schools under attack (BleepingComputer, 2020/09/18 15:41)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-18th-2020-schools-under-attack/


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020