TT Malware Log

A "personal" survey, research and reference log on malware / cyber attacks / analysis techniques

The Week in Ransomware - October 30th 2020 - Hospitals under siege

【News】

The Week in Ransomware - October 30th 2020 - Hospitals under siege (BleepingComputer, 2020/10/30 15:29)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-30th-2020-hospitals-under-siege/


【Details】

■2020/10/24

◆New Russian Ransomware (Twitter(dnwls0719), 2020/10/24)

Ransomware: Russian
Extension: .pizhon-(Random)

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-30th-2020-hospitals-under-siege/



■2020/10/25

◆State and Local Cybersecurity: Defending Our Communities from Cyber Threats Amid COVID-19 (Coveware, 2020/10/25)
https://www.coveware.com/blog/2020/10/14/state-and-local-cybersecurity-defending-our-communities-from-cyber-threats-amid-covid-19
https://malware-log.hatenablog.com/entry/2020/10/25/000000


■2020/10/26

◆Sopra Steria confirms being hit by Ryuk ransomware attack (BleepingComputer, 2020/10/26 09:54)
[Sopra Steria has confirmed that it was hit by a Ryuk ransomware attack]

Ransomware: Ryuk

https://www.bleepingcomputer.com/news/security/sopra-steria-confirms-being-hit-by-ryuk-ransomware-attack/
https://malware-log.hatenablog.com/entry/2020/10/26/000000_2

◆New STOP Djvu ransomware variant (Twitter(Michael Gillespie), 2020/10/26)

Extension: .iiss

https://twitter.com/demonslay335/status/1320847274965127169?s=20

◆New Xorist ransomware variant (Twitter(Michael Gillespie), 2020/10/26)

Extension: .ZaLtOn

https://twitter.com/demonslay335/status/1320850642605400068?s=20

◆Mineral Technologies Inc discloses a ransomware attack in SEC filings (sec.gov, 2020/10/26)
https://www.sec.gov/ix?doc=/Archives/edgar/data/891014/000089101420000047/form8k_102620.htm

◆New TheDMR ransomware variant (Twitter(Amigo-A), 2020/10/26)

Ransomware: TheDMR
Extension: .ALVIN, Ransom note: HOW TO RECOVER ENCRYPTED FILES.txt

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-30th-2020-hospitals-under-siege/


◆New Ransomware32 ransomware (Twitter(Karsten Hahn), )

Ransomware: Ransomware32
Extension: ._encrypted, Ransom note: README_encrypted.txt

https://twitter.com/struppigel/status/1320691035861848064?s=20


■2020/10/27

◆Enel Group hit by ransomware again, Netwalker demands $14 million (BleepingComputer, 2020/10/27)
https://www.bleepingcomputer.com/news/security/enel-group-hit-by-ransomware-again-netwalker-demands-14-million/
https://malware-log.hatenablog.com/entry/2020/10/27/000000_7

◆Steelcase furniture giant hit by Ryuk ransomware attack (BleepingComputer, 2020/10/27 12:30)
https://www.bleepingcomputer.com/news/security/steelcase-furniture-giant-hit-by-ryuk-ransomware-attack/
https://malware-log.hatenablog.com/entry/2020/10/27/000000_8

◆New Mars ransomware (Twitter(Michael Gillespie), 2020/10/27)

Ransomware: Mars
Extension: .mars, Ransom note: !!!MARS_DECRYPT.TXT

https://twitter.com/demonslay335/status/1321104905491402753?s=20

◆New Ransomware COVID (Twitter(Michael Gillespie), 2020/10/27)

Extension: .crypt

https://twitter.com/malwrhunterteam/status/1321087379214577666?s=20

◆New SnapDragon ransomware (Twitter(0x4143), 2020/10/27)

Ransomware: SnapDragon
Extension: .SNPDRGN

https://twitter.com/0x4143/status/1321051170241204224?s=20

◆New Wanna Scream variant (Twitter(0x4143), 2020/10/27)

Ransomware: Wanna Scream
Extension: .H@RM@, Ransom note: info.hta, ReadMe.txt

https://twitter.com/0x4143/status/1321128191495471104?s=20



■2020/10/28

■2020/10/29

■2020/10/30



【Related summary articles】

Overall summary
 ◆Threat information (summary)

◆Talos weekly threat roundup (summary)
https://malware-log.hatenablog.com/entry/Talos_Threat


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020