TT Malware Log

A personal survey, research, and reference log on malware / cyber attacks / analysis techniques

The Week in Ransomware - November 6th 2020 - Video Games and Liquor!

【News】

◆The Week in Ransomware - November 6th 2020 - Video Games and Liquor! (BleepingComputer, 2020/11/06 18:22)
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-november-6th-2020-video-games-and-liquor/


【Details】

■2020/11/02

◆Maze ransomware shuts down operations, denies creating cartel (BleepingComputer, 2020/11/02 08:25)
[Maze ransomware ceases operations and denies forming a cartel]
https://www.bleepingcomputer.com/news/security/maze-ransomware-shuts-down-operations-denies-creating-cartel/
https://malware-log.hatenablog.com/entry/2020/11/02/000000


◆New Jigsaw Ransomware (MalwareHunterTeam, 2020/11/02)

Extension: .evil

https://twitter.com/demonslay335/status/1323348640337977349?s=20

■2020/11/03

◆New RegretLocker ransomware targets Windows virtual machines (BleepingComputer, 2020/11/03 17:31)
https://www.bleepingcomputer.com/news/security/new-regretlocker-ransomware-targets-windows-virtual-machines/
https://malware-log.hatenablog.com/entry/2020/11/03/000000_1

■2020/11/04

◆Scam PSA: Ransomware gangs don't always delete stolen data when paid (BleepingComputer, 2020/11/04)
https://www.bleepingcomputer.com/news/security/scam-psa-ransomware-gangs-dont-always-delete-stolen-data-when-paid/
https://malware-log.hatenablog.com/entry/2020/11/04/000000_5


■2020/11/05

◆Capcom hit by Ragnar Locker ransomware, 1TB allegedly stolen (BleepingComputer, 2020/11/05 11:05)
[Capcom hit by Ragnar Locker ransomware; 1TB allegedly stolen]
https://www.bleepingcomputer.com/news/security/capcom-hit-by-ragnar-locker-ransomware-1tb-allegedly-stolen/
https://malware-log.hatenablog.com/entry/2020/11/05/000000

◆Campari hit by Ragnar Locker Ransomware, $15 million demanded (BleepingComputer, 2020/11/05 18:19)
https://www.bleepingcomputer.com/news/security/campari-hit-by-ragnar-locker-ransomware-15-million-demanded/
https://malware-log.hatenablog.com/entry/2020/11/05/000000_6

◆Brazil's court system under massive RansomExx ransomware attack (BleepingComputer, 2020/11/05 16:09)
https://www.bleepingcomputer.com/news/security/brazils-court-system-under-massive-ransomexx-ransomware-attack/
https://malware-log.hatenablog.com/entry/2020/11/05/000000_8

◆Babax stealer rebrands to Osno, installs rootkit (GData, 2020/11/05)
https://www.gdatasoftware.com/blog/2020/11/36459-babax-stealer-rebrands-to-osno-installs-rootkit#c210728

◆New Tripoli ransomware (Twitter(Michael Gillespie), 2020/11/05)

Ransomware: Tripoli
Extension: .crypted, RansomNote: HOW_FIX_FILES.htm

https://twitter.com/demonslay335/status/1324424283809075201?s=20

◆New LockDown ransomware (Twitter(Marcelo Rivero), 2020/11/05)

Ransomware: LockDown
Extension: .sext, RansomNote: HELP_DECRYPT_YOUR_FILES.txt

https://twitter.com/MarceloRivero/status/1324417142717034505?s=20

◆New Vaca ransomware variant (Twitter(xiaopao), 2020/11/05)

Ransomware: Vaca
Extension: .locked3dllkierff

https://twitter.com/Kangxiaopao/status/1324293036126339072

◆New Beiguo MBRLocker found (Twitter(xiaopao), 2020/11/05)

Ransomware: MBRLocker

https://twitter.com/Kangxiaopao/status/1324278819574878208?s=20



■2020/11/06

◆New Pay2Key ransomware encrypts networks within one hour (BleepingComputer, 2020/11/06 14:32)
[New Pay2Key ransomware encrypts networks within one hour]

Ransomware: Pay2Key

https://www.bleepingcomputer.com/news/security/new-pay2key-ransomware-encrypts-networks-within-one-hour/
https://malware-log.hatenablog.com/entry/2020/11/06/000000_6

◆RansomExx ransomware also encrypts Linux systems (BleepingComputer, 2020/11/06 13:57)

Ransomware: RansomExx

https://www.bleepingcomputer.com/news/security/ransomexx-ransomware-also-encrypts-linux-systems/
https://malware-log.hatenablog.com/entry/2020/11/06/000000_7

◆New ZIMBA Dharma ransomware variant (Twitter(Michael Gillespie), 2020/11/06)

Ransomware: ZIMBA Dharma
Extension: .zimba

https://twitter.com/demonslay335/status/1324758013626978305?s=20

◆New RexCrypt ransomware (Twitter(Michael Gillespie), 2020/11/06)

Ransomware: RexCrypt
Extension: .RexCrypt, RansomNote: How-To-Decrypt-My-Files.hta

https://twitter.com/demonslay335/status/1324758013626978305?s=20

◆New Fusion Nefilim variant (Twitter(Michael Gillespie), 2020/11/06)

Ransomware: Nefilim
Extension: .FUSION, RansomNote: FUSION-README.txt

https://twitter.com/demonslay335/status/1324835483302744064?s=20


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020